d9f2f02138
- Merged VM testing functions into run.sh (test:iso commands) - Merged build monitoring into run.sh (monitor command) - Updated tests to reference ./run.sh test:iso instead of ./test-iso.sh - Updated documentation (README.md, AGENTS.md, STATUS.md) - Removed standalone scripts per project cleanup 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>
73 lines
2.6 KiB
Bash
73 lines
2.6 KiB
Bash
#!/usr/bin/env bats
|
|
# KNEL-Football System Tests - Secure Boot Verification
|
|
# Tests for Secure Boot support in the ISO
|
|
# Copyright © 2026 Known Element Enterprises LLC
|
|
# License: GNU Affero General Public License v3.0 only
|
|
|
|
# These tests verify Secure Boot packages and configuration
|
|
|
|
# Test: Verify Secure Boot packages are in package list
|
|
@test "Secure Boot package shim-signed is in package list" {
|
|
grep -q "shim-signed" config/package-lists/knel-football.list.chroot
|
|
}
|
|
|
|
@test "Secure Boot package grub-efi-amd64-signed is in package list" {
|
|
grep -q "grub-efi-amd64-signed" config/package-lists/knel-football.list.chroot
|
|
}
|
|
|
|
@test "Secure Boot package grub-efi-amd64-bin is in package list" {
|
|
grep -q "grub-efi-amd64-bin" config/package-lists/knel-football.list.chroot
|
|
}
|
|
|
|
@test "UEFI package efibootmgr is in package list" {
|
|
grep -q "efibootmgr" config/package-lists/knel-football.list.chroot
|
|
}
|
|
|
|
# Test: Verify Secure Boot section comment exists
|
|
@test "Package list has Secure Boot section comment" {
|
|
grep -q "Secure Boot" config/package-lists/knel-football.list.chroot
|
|
}
|
|
|
|
# Test: Verify encryption configuration for Secure Boot compatibility
|
|
@test "Encryption setup uses LUKS2 format" {
|
|
grep -q "luks2" config/hooks/installed/encryption-setup.sh
|
|
}
|
|
|
|
@test "Encryption setup configures initramfs for crypto" {
|
|
grep -q "dm_crypt" config/hooks/installed/encryption-setup.sh
|
|
}
|
|
|
|
# Test: Verify preseed has UEFI/GPT configuration
|
|
@test "Preseed uses GPT partitioning for UEFI compatibility" {
|
|
[ -f "config/preseed.cfg" ]
|
|
grep -q "gpt\|GPT" config/preseed.cfg || grep -q "efi\|EFI" config/preseed.cfg || true
|
|
}
|
|
|
|
# Test: Verify GRUB configuration exists
|
|
@test "Encryption setup configures GRUB" {
|
|
grep -q "grub" config/hooks/installed/encryption-setup.sh
|
|
}
|
|
|
|
# Runtime tests (require VM)
|
|
# These are placeholders that will be skipped if VM is not available
|
|
|
|
@test "VM boots with UEFI (requires VM)" {
|
|
# This test requires a running VM
|
|
if ! virsh domstate knel-football-test 2>/dev/null | grep -q "running"; then
|
|
skip "VM not running - start with ./run.sh test:iso create"
|
|
fi
|
|
|
|
# Check UEFI boot would require VM console access
|
|
skip "Requires manual verification via console"
|
|
}
|
|
|
|
@test "Secure Boot verification (requires VM)" {
|
|
# This test requires manual verification
|
|
if ! virsh domstate knel-football-test 2>/dev/null | grep -q "running"; then
|
|
skip "VM not running - start with ./run.sh test:iso create"
|
|
fi
|
|
|
|
# Secure Boot verification requires console access
|
|
skip "Requires manual verification: dmesg | grep -i secure"
|
|
}
|