football/tests/integration/e2e_test.bats
Charles N Wyble 89fd6b7dfb fix: move preseed.cfg to includes.installer for live-build
The preseed file needs to be in config/includes.installer/ for live-build
to embed it into the Debian installer. Previously it was in config/ which
doesn't get picked up by lb build.

- Moved config/preseed.cfg -> config/includes.installer/preseed.cfg
- Updated all test files to reference new path

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-19 19:39:35 -05:00


#!/usr/bin/env bats
# End-to-end integration tests for KNEL-Football Secure OS
# Tests the complete workflow from source to ISO
# Copyright © 2026 Known Element Enterprises LLC
# License: GNU Affero General Public License v3.0 only
# =============================================================================
# PROJECT STRUCTURE TESTS
# =============================================================================
@test "project root has essential files" {
    # Top-level files the rest of the suite depends on; each must be a
    # regular file under /workspace.
    local required
    for required in run.sh Dockerfile AGENTS.md README.md docs/PRD.md; do
        test -f "/workspace/${required}"
    done
}
@test "src directory contains all build scripts" {
    # Presence check only; the executable bit is asserted in a separate test.
    local script
    for script in build-iso.sh firewall-setup.sh security-hardening.sh; do
        test -f "/workspace/src/${script}"
    done
}
@test "all source scripts are executable" {
    # -x is evaluated for the user running the tests, not for every user.
    local script
    for script in build-iso.sh firewall-setup.sh security-hardening.sh; do
        test -x "/workspace/src/${script}"
    done
}
@test "run.sh is executable" {
    # The wrapper script must carry the executable bit for the current user.
    local entrypoint="/workspace/run.sh"
    test -x "$entrypoint"
}
# =============================================================================
# CONFIGURATION DIRECTORY TESTS
# =============================================================================
@test "config directory structure is complete" {
    # Directories checked parent-first, so the first failure names the
    # highest missing level.
    local dir
    for dir in \
        /workspace/config \
        /workspace/config/hooks \
        /workspace/config/hooks/live \
        /workspace/config/hooks/installed \
        /workspace/config/package-lists; do
        test -d "$dir"
    done
}
@test "config has preseed file" {
    # The preseed lives under config/includes.installer/; this asserts the
    # file exists at that path and does not inspect its contents.
    local preseed="/workspace/config/includes.installer/preseed.cfg"
    test -f "$preseed"
}
@test "config has package list" {
    # Existence check for the package list that the package-list tests grep.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    test -f "$list"
}
# =============================================================================
# LIVE HOOKS TESTS
# =============================================================================
@test "live hook desktop-environment.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/live/desktop-environment.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "live hook firewall-setup.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/live/firewall-setup.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "live hook qr-code-import.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/live/qr-code-import.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "live hook security-hardening.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/live/security-hardening.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "live hook usb-automount.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/live/usb-automount.sh"
    test -f "$hook"
    test -x "$hook"
}
# =============================================================================
# INSTALLED HOOKS TESTS
# =============================================================================
@test "installed hook disable-package-management.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/installed/disable-package-management.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "installed hook encryption-setup.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/installed/encryption-setup.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "installed hook encryption-validation.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/installed/encryption-validation.sh"
    test -f "$hook"
    test -x "$hook"
}
@test "installed hook install-scripts.sh exists and is executable" {
    # Must be a regular file and executable by the current user.
    local hook="/workspace/config/hooks/installed/install-scripts.sh"
    test -f "$hook"
    test -x "$hook"
}
# =============================================================================
# HOOKS USE STRICT MODE
# =============================================================================
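@test "all live hooks use set -e or set -euo pipefail" {
    # Require an actual `set` statement whose short-option cluster includes
    # `e` (set -e, set -eu, set -euo pipefail, ...). Anchoring at the start of
    # the line keeps a commented-out "# set -e" or text such as "reset -e"
    # from satisfying the check; an unanchored substring match accepts both.
    # This shows the statement is present. It does not show errexit is still
    # in force later in the hook (a later `set +e` would go unnoticed).
    local hook
    for hook in /workspace/config/hooks/live/*.sh; do
        # With no hooks present the glob stays literal and this check fails,
        # so an empty directory cannot pass vacuously.
        [ -f "$hook" ]
        grep -Eq '^[[:space:]]*set[[:space:]]+-[A-Za-z]*e' "$hook" || {
            echo "missing strict-mode set statement: $hook" >&2
            return 1
        }
    done
}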
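@test "all installed hooks use set -e or set -euo pipefail" {
    # Require an actual `set` statement whose short-option cluster includes
    # `e` (set -e, set -eu, set -euo pipefail, ...). Anchoring at the start of
    # the line keeps a commented-out "# set -e" or text such as "reset -e"
    # from satisfying the check; an unanchored substring match accepts both.
    # This shows the statement is present. It does not show errexit is still
    # in force later in the hook (a later `set +e` would go unnoticed).
    local hook
    for hook in /workspace/config/hooks/installed/*.sh; do
        # With no hooks present the glob stays literal and this check fails,
        # so an empty directory cannot pass vacuously.
        [ -f "$hook" ]
        grep -Eq '^[[:space:]]*set[[:space:]]+-[A-Za-z]*e' "$hook" || {
            echo "missing strict-mode set statement: $hook" >&2
            return 1
        }
    done
}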
# =============================================================================
# DOCUMENTATION TESTS
# =============================================================================
@test "docs directory exists with documentation files" {
    # Only PRD.md is required here; other files in docs/ are not checked.
    local docs="/workspace/docs"
    test -d "$docs"
    test -f "${docs}/PRD.md"
}
@test "AGENTS.md has required sections" {
    # Each phrase must appear somewhere in the file; the match is a plain
    # substring search, so it is not tied to a heading line.
    local phrase
    for phrase in \
        "MANDATORY SECURITY REQUIREMENTS" \
        "DOCKER-ONLY WORKFLOW" \
        "AGENT WORKFLOW"; do
        grep -q "$phrase" /workspace/AGENTS.md
    done
}
@test "README.md has essential sections" {
    # Passes when any line contains "## " (this also matches deeper headings
    # such as "### "); no particular section title is required.
    local readme="/workspace/README.md"
    grep -q '## ' "$readme"
}
@test "PRD.md has functional requirements" {
    # A single occurrence of the "FR-" prefix anywhere in the file is enough.
    local prd="/workspace/docs/PRD.md"
    grep -q 'FR-' "$prd"
}
# =============================================================================
# RUN.SH COMMAND TESTS
# =============================================================================
@test "run.sh help command works" {
    run /workspace/run.sh help
    # The usage message exits with 1, so both 0 and 1 count as success; any
    # other status fails the test.
    case "$status" in
        0 | 1) ;;
        *) false ;;
    esac
}
@test "run.sh shows available commands" {
    run /workspace/run.sh help
    # Substring checks against the captured output: each word may appear
    # anywhere, including inside a longer word.
    local word
    for word in build test iso; do
        [[ "$output" == *"$word"* ]]
    done
}
@test "run.sh has lint command" {
    run /workspace/run.sh lint
    # Accepted statuses: 0 (lint passed), 1 (command issues), 123 (lint found
    # issues), 127 (not found).
    # NOTE(review): accepting 127 lets this pass when the linter could not be
    # located at all, so a green result does not show that linting ran.
    case "$status" in
        0 | 1 | 123 | 127) ;;
        *) false ;;
    esac
}
# =============================================================================
# SECURITY REQUIREMENTS INTEGRATION
# =============================================================================
@test "encryption setup contains LUKS2 configuration" {
    # Text search only: the string may sit in a comment, and nothing here
    # verifies the on-disk format that the hook actually produces.
    local hook="/workspace/config/hooks/installed/encryption-setup.sh"
    grep -q -e "luks2" -e "LUKS2" "$hook"
}
@test "encryption setup contains AES-256 cipher" {
    # Any one of the three spellings satisfies the check.
    # NOTE(review): a match on "aes-xts"/"aes_xts" names the cipher mode but
    # not the key length. XTS splits its key in two, so AES-256 needs a
    # 512-bit key; consider also asserting the hook's key-size setting.
    local hook="/workspace/config/hooks/installed/encryption-setup.sh"
    grep -q -e "aes-xts" -e "aes_xts" -e "AES-256" "$hook"
}
@test "security-hardening.sh configures password policy" {
    # One matching keyword is sufficient; the configured values (for example
    # the minimum length) are not examined.
    local script="/workspace/src/security-hardening.sh"
    grep -q -e "pwquality" -e "minlen" -e "dcredit" "$script"
}
@test "firewall-setup.sh uses nftables" {
    # "nft" is a substring of "nftables", so any occurrence of "nft" passes.
    # The rule set itself (default policy, allowed ports) is not inspected.
    local script="/workspace/src/firewall-setup.sh"
    grep -q -e "nft" -e "nftables" "$script"
}
@test "firewall-setup.sh configures WireGuard" {
    # Passes on either spelling of the name or on the literal "51820"
    # anywhere in the script, including inside comments.
    local script="/workspace/src/firewall-setup.sh"
    grep -q -e "wireguard" -e "WireGuard" -e "51820" "$script"
}
# =============================================================================
# PACKAGE LIST VALIDATION
# =============================================================================
@test "package list contains linux kernel" {
    # Substring match against the chroot package list.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    grep -q 'linux-image-amd64' "$list"
}
@test "package list contains Secure Boot packages" {
    # Both the signed shim and the signed GRUB EFI package must be listed.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    local pkg
    for pkg in shim-signed grub-efi-amd64-signed; do
        grep -q "$pkg" "$list"
    done
}
@test "package list contains desktop environment" {
    # Window manager and display manager must both appear in the list.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    local pkg
    for pkg in icewm lightdm; do
        grep -q "$pkg" "$list"
    done
}
@test "package list contains WireGuard" {
    # Substring match, so any package name containing "wireguard" passes.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    grep -q 'wireguard' "$list"
}
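@test "package list contains SSH client (not server)" {
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    grep -q "openssh-client" "$list"
    # Assert absence through `run` and an exact status instead of `! grep`.
    # A negated command is exempt from errexit, so `! grep` only fails the
    # test while it is the last statement; it also treats a grep error
    # (status 2, e.g. unreadable file) the same as "no match". Status 1 means
    # grep ran and found nothing.
    run grep -q "openssh-server" "$list"
    [ "$status" -eq 1 ]
    # NOTE(review): this inspects one package list only; it does not rule out
    # the server arriving through another list or as a dependency.
}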
@test "package list contains security tools" {
    # Substring matches: "aide" is also satisfied by any longer name that
    # contains it.
    local list="/workspace/config/package-lists/knel-football.list.chroot"
    local pkg
    for pkg in auditd aide; do
        grep -q "$pkg" "$list"
    done
}
# =============================================================================
# TEST DIRECTORY STRUCTURE
# =============================================================================
@test "tests directory has proper structure" {
    # The tests root plus one directory per test tier.
    local base="/workspace/tests"
    test -d "$base"
    local tier
    for tier in unit integration security system; do
        test -d "${base}/${tier}"
    done
}
@test "unit tests exist" {
    # Passes when listing the glob yields any output; an unmatched glob makes
    # ls fail silently and leaves the listing empty.
    local listing
    listing="$(ls /workspace/tests/unit/*.bats 2>/dev/null || true)"
    [ -n "$listing" ]
}
@test "integration tests exist" {
    # Passes when listing the glob yields any output; an unmatched glob makes
    # ls fail silently and leaves the listing empty.
    local listing
    listing="$(ls /workspace/tests/integration/*.bats 2>/dev/null || true)"
    [ -n "$listing" ]
}
@test "security tests exist" {
    # Passes when listing the glob yields any output; an unmatched glob makes
    # ls fail silently and leaves the listing empty.
    local listing
    listing="$(ls /workspace/tests/security/*.bats 2>/dev/null || true)"
    [ -n "$listing" ]
}
@test "system tests exist" {
    # Passes when listing the glob yields any output; an unmatched glob makes
    # ls fail silently and leaves the listing empty.
    local listing
    listing="$(ls /workspace/tests/system/*.bats 2>/dev/null || true)"
    [ -n "$listing" ]
}
# =============================================================================
# DOCKERFILE VALIDATION
# =============================================================================
@test "Dockerfile exists and has content" {
    # -f: regular file; -s: size greater than zero.
    local dockerfile="/workspace/Dockerfile"
    test -f "$dockerfile"
    test -s "$dockerfile"
}
@test "Dockerfile installs live-build" {
    # Substring search; it does not confirm the name sits in an install
    # instruction rather than a comment.
    local dockerfile="/workspace/Dockerfile"
    grep -q 'live-build' "$dockerfile"
}
@test "Dockerfile installs bats for testing" {
    # Substring search; it does not confirm the name sits in an install
    # instruction rather than a comment.
    local dockerfile="/workspace/Dockerfile"
    grep -q 'bats' "$dockerfile"
}
@test "Dockerfile installs shellcheck for linting" {
    # Substring search; it does not confirm the name sits in an install
    # instruction rather than a comment.
    local dockerfile="/workspace/Dockerfile"
    grep -q 'shellcheck' "$dockerfile"
}
@test "Dockerfile sets WORKDIR" {
    # Looks for the literal keyword anywhere in the file; the configured
    # directory is not compared against /workspace.
    local dockerfile="/workspace/Dockerfile"
    grep -q 'WORKDIR' "$dockerfile"
}