diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..a39a5018 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,82 @@ + +# See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions + +name: CI + +on: [push, pull_request] + +jobs: + Tests: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + # just for easier debugging... + - name: Inspect Installed Packages + run: rpm -qa | sort + + - name: Unit Tests + run: rake test:unit + # enable code coverage reporting + env: + COVERAGE: 1 + + # send the coverage report to coveralls.io + - name: Coveralls Report + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + Rubocop: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Rubocop + run: rake check:rubocop + + Package: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Package Build + run: yast-ci-ruby -o package + + Yardoc: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Yardoc + run: rake check:doc + + # downloading the Docker image takes some time so bundling several fast + # checks into one job avoids that overhead + Checks: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: POT Check + run: rake check:pot diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 76b0bac2..00000000 --- a/.travis.yml +++ /dev/null @@ -1,12 +0,0 @@ -sudo: required -language: ruby -services: - - docker - -before_install: - - docker build -t yast-security-image . -script: - # the "yast-travis-ruby" script is included in the base yastdevel/ruby image - # see https://github.com/yast/docker-yast-ruby/blob/master/yast-travis-ruby - - docker run -it -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-security-image yast-travis-ruby - - docker run -it -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-security-image rake check:doc diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 7b8f4b66..00000000 --- a/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM registry.opensuse.org/yast/head/containers/yast-ruby:latest -COPY . /usr/src/app diff --git a/README.md b/README.md index 0b9c36dc..58078eaa 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,8 @@ # YaST - The Security Settings Module # -[![Travis Build](https://travis-ci.org/yast/yast-security.svg?branch=master)](https://travis-ci.org/yast/yast-security) -[![Jenkins Build](http://img.shields.io/jenkins/s/https/ci.opensuse.org/yast-security-master.svg)](https://ci.opensuse.org/view/Yast/job/yast-security-master/) - +[![Workflow Status](https://github.com/yast/yast-security/workflows/CI/badge.svg?branch=master)]( +https://github.com/yast/yast-security/actions?query=branch%3Amaster) +[![Jenkins Status](https://ci.opensuse.org/buildStatus/icon?job=yast-yast-security-master)]( +https://ci.opensuse.org/view/Yast/job/yast-yast-security-master/) +[![Coverage Status](https://img.shields.io/coveralls/yast/yast-security.svg)](https://coveralls.io/r/yast/yast-security?branch=master) +[![inline docs](http://inch-ci.org/github/yast/yast-security.svg?branch=master)](http://inch-ci.org/github/yast/yast-security) diff --git a/test/security_test.rb b/test/security_test.rb index 4c12c3e3..fd222f88 100755 --- a/test/security_test.rb +++ b/test/security_test.rb @@ -259,8 +259,7 @@ def enabled? it "does not write invalid values" do Security.Settings["kernel.sysrq"] = "yes" Security.Settings["net.ipv4.ip_forward"] = "" - expect(sysctl_config).to_not receive(:kernel_sysrq).with("yes") - expect(sysctl_config).to_not receive(:raw_forward_ipv4=).with("") + expect(sysctl_config).to_not receive(:kernel_sysrq) expect(Security.write_kernel_settings).to eq(false) end diff --git a/test/test_helper.rb b/test/test_helper.rb index 33eeb798..6cc58775 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -25,24 +25,43 @@ require "yast/rspec" require_relative 'SCRStub' -::RSpec.configure do |c| - c.include SCRStub +::RSpec.configure do |config| + config.include SCRStub + + config.mock_with :rspec do |mocks| + # If you misremember a method name both in code and in tests, + # will save you. + # https://relishapp.com/rspec/rspec-mocks/v/3-0/docs/verifying-doubles/partial-doubles + # + # With graceful degradation for RSpec 2 + mocks.verify_partial_doubles = true if mocks.respond_to?(:verify_partial_doubles=) + end end if ENV["COVERAGE"] require "simplecov" - SimpleCov.start + SimpleCov.start do + add_filter "/test/" + end + + src_location = File.expand_path("../src", __dir__) + # track all ruby files under src + SimpleCov.track_files("#{src_location}/**/*.rb") + + # additionally use the LCOV format for on-line code coverage reporting at CI + if ENV["CI"] || ENV["COVERAGE_LCOV"] + require "simplecov-lcov" - # for coverage we need to load all ruby files - Dir["#{SRC_PATH}/modules/**/*.rb"].each { |f| require_relative f } - Dir["#{SRC_PATH}/lib/**/*.rb"].each { |f| require_relative f } + SimpleCov::Formatter::LcovFormatter.config do |c| + c.report_with_single_file = true + # this is the default Coveralls GitHub Action location + # https://github.com/marketplace/actions/coveralls-github-action + c.single_report_path = "coverage/lcov.info" + end - # use coveralls for on-line code coverage reporting at Travis CI - if ENV["TRAVIS"] - require "coveralls" SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ SimpleCov::Formatter::HTMLFormatter, - Coveralls::SimpleCov::Formatter + SimpleCov::Formatter::LcovFormatter ] end end