From c7c3b9f8f66f5eb15c83dad946653f725a3b6df6 Mon Sep 17 00:00:00 2001 From: Josef Reidinger Date: Mon, 18 Jan 2021 21:06:43 +0100 Subject: [PATCH 1/5] Removed Dockerfile --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 7b8f4b66..00000000 --- a/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM registry.opensuse.org/yast/head/containers/yast-ruby:latest -COPY . /usr/src/app From c3f93b5a76649c7a2ba1a2e014fd8c2322efd7c4 Mon Sep 17 00:00:00 2001 From: Josef Reidinger Date: Mon, 18 Jan 2021 21:06:43 +0100 Subject: [PATCH 2/5] Removed .travis.yml --- .travis.yml | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 76b0bac2..00000000 --- a/.travis.yml +++ /dev/null @@ -1,12 +0,0 @@ -sudo: required -language: ruby -services: - - docker - -before_install: - - docker build -t yast-security-image . -script: - # the "yast-travis-ruby" script is included in the base yastdevel/ruby image - # see https://github.com/yast/docker-yast-ruby/blob/master/yast-travis-ruby - - docker run -it -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-security-image yast-travis-ruby - - docker run -it -e TRAVIS_JOB_ID="$TRAVIS_JOB_ID" yast-security-image rake check:doc From 206060ebe48cbe189b8cf9f0e8ded12fe5a90b05 Mon Sep 17 00:00:00 2001 From: Josef Reidinger Date: Mon, 18 Jan 2021 21:16:33 +0100 Subject: [PATCH 3/5] Add github actions --- .github/workflows/ci.yml | 82 ++++++++++++++++++++++++++++++++++++++++ test/test_helper.rb | 39 ++++++++++++++----- 2 files changed, 111 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..a39a5018 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,82 @@ + +# See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions + +name: CI + +on: [push, pull_request] + +jobs: + Tests: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + # just for easier debugging... + - name: Inspect Installed Packages + run: rpm -qa | sort + + - name: Unit Tests + run: rake test:unit + # enable code coverage reporting + env: + COVERAGE: 1 + + # send the coverage report to coveralls.io + - name: Coveralls Report + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + + Rubocop: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Rubocop + run: rake check:rubocop + + Package: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Package Build + run: yast-ci-ruby -o package + + Yardoc: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: Yardoc + run: rake check:doc + + # downloading the Docker image takes some time so bundling several fast + # checks into one job avoids that overhead + Checks: + runs-on: ubuntu-latest + container: registry.opensuse.org/yast/head/containers/yast-ruby:latest + + steps: + + - name: Git Checkout + uses: actions/checkout@v2 + + - name: POT Check + run: rake check:pot diff --git a/test/test_helper.rb b/test/test_helper.rb index 33eeb798..6cc58775 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -25,24 +25,43 @@ require "yast/rspec" require_relative 'SCRStub' -::RSpec.configure do |c| - c.include SCRStub +::RSpec.configure do |config| + config.include SCRStub + + config.mock_with :rspec do |mocks| + # If you misremember a method name both in code and in tests, + # will save you. + # https://relishapp.com/rspec/rspec-mocks/v/3-0/docs/verifying-doubles/partial-doubles + # + # With graceful degradation for RSpec 2 + mocks.verify_partial_doubles = true if mocks.respond_to?(:verify_partial_doubles=) + end end if ENV["COVERAGE"] require "simplecov" - SimpleCov.start + SimpleCov.start do + add_filter "/test/" + end + + src_location = File.expand_path("../src", __dir__) + # track all ruby files under src + SimpleCov.track_files("#{src_location}/**/*.rb") + + # additionally use the LCOV format for on-line code coverage reporting at CI + if ENV["CI"] || ENV["COVERAGE_LCOV"] + require "simplecov-lcov" - # for coverage we need to load all ruby files - Dir["#{SRC_PATH}/modules/**/*.rb"].each { |f| require_relative f } - Dir["#{SRC_PATH}/lib/**/*.rb"].each { |f| require_relative f } + SimpleCov::Formatter::LcovFormatter.config do |c| + c.report_with_single_file = true + # this is the default Coveralls GitHub Action location + # https://github.com/marketplace/actions/coveralls-github-action + c.single_report_path = "coverage/lcov.info" + end - # use coveralls for on-line code coverage reporting at Travis CI - if ENV["TRAVIS"] - require "coveralls" SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ SimpleCov::Formatter::HTMLFormatter, - Coveralls::SimpleCov::Formatter + SimpleCov::Formatter::LcovFormatter ] end end From 39292f1fda352dad7f21704f9752aa5fd70f62d3 Mon Sep 17 00:00:00 2001 From: Josef Reidinger Date: Mon, 18 Jan 2021 21:17:01 +0100 Subject: [PATCH 4/5] update badges --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0b9c36dc..58078eaa 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,8 @@ # YaST - The Security Settings Module # -[![Travis Build](https://travis-ci.org/yast/yast-security.svg?branch=master)](https://travis-ci.org/yast/yast-security) -[![Jenkins Build](http://img.shields.io/jenkins/s/https/ci.opensuse.org/yast-security-master.svg)](https://ci.opensuse.org/view/Yast/job/yast-security-master/) - +[![Workflow Status](https://github.com/yast/yast-security/workflows/CI/badge.svg?branch=master)]( +https://github.com/yast/yast-security/actions?query=branch%3Amaster) +[![Jenkins Status](https://ci.opensuse.org/buildStatus/icon?job=yast-yast-security-master)]( +https://ci.opensuse.org/view/Yast/job/yast-yast-security-master/) +[![Coverage Status](https://img.shields.io/coveralls/yast/yast-security.svg)](https://coveralls.io/r/yast/yast-security?branch=master) +[![inline docs](http://inch-ci.org/github/yast/yast-security.svg?branch=master)](http://inch-ci.org/github/yast/yast-security) From c2f81c12b37fdf7128a27c767ecf98aa33158a83 Mon Sep 17 00:00:00 2001 From: Josef Reidinger Date: Mon, 18 Jan 2021 21:32:14 +0100 Subject: [PATCH 5/5] fix tests --- test/security_test.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/security_test.rb b/test/security_test.rb index 4c12c3e3..fd222f88 100755 --- a/test/security_test.rb +++ b/test/security_test.rb @@ -259,8 +259,7 @@ def enabled? it "does not write invalid values" do Security.Settings["kernel.sysrq"] = "yes" Security.Settings["net.ipv4.ip_forward"] = "" - expect(sysctl_config).to_not receive(:kernel_sysrq).with("yes") - expect(sysctl_config).to_not receive(:raw_forward_ipv4=).with("") + expect(sysctl_config).to_not receive(:kernel_sysrq) expect(Security.write_kernel_settings).to eq(false) end