wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-14 08:43:01 +02:00
Code Issues Projects Releases Wiki Activity

update travis-ci tests

Browse source
This commit is contained in:
Jack Ivanov 2019-03-20 19:48:41 +01:00
parent e8f733a8b8
commit d1d8740e04
5 changed files with 71 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
.travis.yml
View file

@ -1,15 +1,11 @@
--- ---
language: python language: python
python: "2.7" python: "2.7"
sudo: required dist: xenial
dist: trusty
services: services:
- docker - docker
matrix:
fast_finish: true
addons: addons:
apt: apt:
sources: sources:
@ -41,35 +37,52 @@ before_cache:
- sudo tar cf $HOME/lxc/cache.tar /var/lib/lxd/images/ - sudo tar cf $HOME/lxc/cache.tar /var/lib/lxd/images/
- sudo chown $USER. $HOME/lxc/cache.tar - sudo chown $USER. $HOME/lxc/cache.tar
env: matrix:
- LXC_NAME=docker LXC_DISTRO=ubuntu LXC_RELEASE=18.04 fast_finish: true
include:
- stage: Test
name: local deployment from docker
script:
- docker build -t travis/algo .
- sudo tar xf $HOME/lxc/cache.tar -C / || echo "Didn't extract cache."
- sudo cp -f tests/lxd-bridge /etc/default/lxd-bridge
- ssh-keygen -f ~/.ssh/id_rsa -t rsa -N ''
- echo -e "#cloud-config\nssh_authorized_keys:\n - $(cat ~/.ssh/id_rsa.pub)" | sudo lxc profile set default user.user-data -
- sudo service lxd restart
- sudo lxc launch ubuntu:18.04 algo
- until host algo.lxd 10.0.8.1 -t A; do sleep 3; done
- export LXC_IP="$(dig algo.lxd @10.0.8.1 +short)"
- pip install -r requirements.txt
- pip install ansible-lint
- gem install awesome_bot
- ansible-playbook --version
- tree . -L 2
- ansible-playbook main.yml --syntax-check
- ./tests/local-deploy.sh
- ./tests/update-users.sh
before_install: - stage: Test
- test "${LXC_NAME}" != "docker" && sudo modprobe wireguard || docker build -t travis/algo . name: cloud-init deployment
script:
- sudo tar xf $HOME/lxc/cache.tar -C / || echo "Didn't extract cache."
- sudo cp -f tests/lxd-bridge /etc/default/lxd-bridge
- sudo service lxd restart
- bash tests/cloud-init.sh | sudo lxc profile set default user.user-data -
- sudo lxc profile show default
- sudo lxc launch ubuntu:18.04 algo
- until sudo lxc exec algo -- test -f /var/log/cloud-init-output.log; do echo 'Log file not found, Sleep for 3 seconds'; sleep 3; done
- ( sudo lxc exec algo -- tail -f /var/log/cloud-init-output.log & )
- |
until sudo lxc exec algo -- test -f /var/lib/cloud/data/result.json; do
echo 'Cloud init is not finished. Sleep for 30 seconds';
sleep 30;
done
- sudo lxc exec algo -- test -f /opt/algo/configs/localhost/.config.yml
install: # script:
- sudo tar xf $HOME/lxc/cache.tar -C / || echo "Didn't extract cache."
- ssh-keygen -f ~/.ssh/id_rsa -t rsa -N ''
- chmod 0644 ~/.ssh/config
- echo -e "#cloud-config\nssh_authorized_keys:\n - $(cat ~/.ssh/id_rsa.pub)" | sudo lxc profile set default user.user-data -
- sudo cp -f tests/lxd-bridge /etc/default/lxd-bridge
- sudo service lxd restart
- sudo lxc launch ${LXC_DISTRO}:${LXC_RELEASE} ${LXC_NAME}
- until host ${LXC_NAME}.lxd 10.0.8.1 -t A; do sleep 3; done
- export LXC_IP="$(dig ${LXC_NAME}.lxd @10.0.8.1 +short)"
- pip install -r requirements.txt
- pip install ansible-lint
- gem install awesome_bot
- ansible-playbook --version
- tree . -L 2
script:
# - awesome_bot --allow-dupe --skip-save-results *.md docs/*.md --white-list paypal.com,do.co,microsoft.com,https://github.com/trailofbits/algo/archive/master.zip,https://github.com/trailofbits/algo/issues/new # - awesome_bot --allow-dupe --skip-save-results *.md docs/*.md --white-list paypal.com,do.co,microsoft.com,https://github.com/trailofbits/algo/archive/master.zip,https://github.com/trailofbits/algo/issues/new
# - shellcheck algo # - shellcheck algo
# - ansible-lint main.yml users.yml deploy_client.yml # - ansible-lint main.yml users.yml deploy_client.yml
- ansible-playbook main.yml --syntax-check
- ./tests/local-deploy.sh
- ./tests/update-users.sh
notifications: notifications:
email: false email: false

11
install.sh
View file

@ -12,6 +12,10 @@ LOCAL_DNS="${7:-${LOCAL_DNS:-false}}"
SSH_TUNNELING="${8:-${SSH_TUNNELING:-false}}" SSH_TUNNELING="${8:-${SSH_TUNNELING:-false}}"
ENDPOINT="${9:-${ENDPOINT:-localhost}}" ENDPOINT="${9:-${ENDPOINT:-localhost}}"
USERS="${10:-${USERS:-user1}}" USERS="${10:-${USERS:-user1}}"
REPO_SLUG="${11:-${REPO_SLUG:-trailofbits/algo}}"
REPO_BRANCH="${12:-${REPO_BRANCH:-master}}"
EXTRA_VARS="${13:-${EXTRA_VARS:-placeholder=null}}"
ANSIBLE_EXTRA_ARGS="${14:-${ANSIBLE_EXTRA_ARGS}}"
cd /opt/ cd /opt/
@ -32,9 +36,11 @@ installRequirements() {
} }
getAlgo() { getAlgo() {
[ ! -d "algo" ] && git clone https://github.com/trailofbits/algo algo [ ! -d "algo" ] && git clone https://github.com/${REPO_SLUG} algo
cd algo cd algo
git checkout ${REPO_BRANCH}
python -m virtualenv --python=`which python2` .venv python -m virtualenv --python=`which python2` .venv
. .venv/bin/activate . .venv/bin/activate
python -m pip install -U pip virtualenv python -m pip install -U pip virtualenv
@ -95,7 +101,8 @@ deployAlgo() {
-e users=$(echo "$USERS" | jq -Rc 'split(",")') \ -e users=$(echo "$USERS" | jq -Rc 'split(",")') \
-e server=localhost \ -e server=localhost \
-e ssh_user=root \ -e ssh_user=root \
--skip-tags debug | -e "${EXTRA_VARS}" \
--skip-tags debug ${ANSIBLE_EXTRA_ARGS} |
tee /var/log/algo.log tee /var/log/algo.log
} }

4
roles/ssh_tunneling/tasks/main.yml
View file

@ -64,7 +64,7 @@
passphrase: "{{ p12_export_password }}" passphrase: "{{ p12_export_password }}"
cipher: aes256 cipher: aes256
force: false force: false
no_log: true # no_log: true
when: not item.stat.exists when: not item.stat.exists
with_items: "{{ privatekey.results }}" with_items: "{{ privatekey.results }}"
register: openssl_privatekey register: openssl_privatekey
@ -76,7 +76,7 @@
privatekey_passphrase: "{{ p12_export_password }}" privatekey_passphrase: "{{ p12_export_password }}"
format: OpenSSH format: OpenSSH
force: true force: true
no_log: true # no_log: true
when: item.changed when: item.changed
with_items: "{{ openssl_privatekey.results }}" with_items: "{{ openssl_privatekey.results }}"

2
roles/strongswan/tasks/client_configs.yml
View file

@ -18,7 +18,7 @@
with_together: with_together:
- "{{ users }}" - "{{ users }}"
- "{{ PayloadContent.results }}" - "{{ PayloadContent.results }}"
no_log: True # no_log: True
- name: Build the client ipsec config file - name: Build the client ipsec config file
template: template:

17
tests/cloud-init.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/bash
echo "#!/bin/bash
export METHOD=local
export ONDEMAND_CELLULAR=true
export ONDEMAND_WIFI=true
export ONDEMAND_WIFI_EXCLUDE=test1,test2
export WINDOWS=true
export STORE_CAKEY=true
export LOCAL_DNS=true
export ENDPOINT=algo.lxc
export USERS=user1,user2
export EXTRA_VARS='install_headers=false tests=true apparmor_enabled=false'
export ANSIBLE_EXTRA_ARGS='--skip-tags apparmor'
export REPO_SLUG=${TRAVIS_PULL_REQUEST_SLUG:-${TRAVIS_REPO_SLUG:-trailofbits/algo}}
export REPO_BRANCH=${TRAVIS_PULL_REQUEST_BRANCH:-${TRAVIS_BRANCH:-master}}
curl -s https://raw.githubusercontent.com/${TRAVIS_PULL_REQUEST_SLUG:-${TRAVIS_REPO_SLUG}}/${TRAVIS_PULL_REQUEST_BRANCH:-${TRAVIS_BRANCH}}/install.sh | sudo -E bash -x"