felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ci(github): ignore profile not handled by this project.

Browse source
This commit is contained in:
Alexandre Pujol 2025-03-30 21:29:28 +02:00
parent cbea160416
commit 0d43563520
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tests/integration/common.bash
View file

@ -6,6 +6,11 @@
export BATS_LIB_PATH=${BATS_LIB_PATH:-/usr/lib/bats} export BATS_LIB_PATH=${BATS_LIB_PATH:-/usr/lib/bats}
load "$BATS_LIB_PATH/bats-support/load" load "$BATS_LIB_PATH/bats-support/load"
export SYSTEMD_PAGER=
# Ignore the profile not managed by apparmor.d
IGNORE=(php-fpm snapd/snap-confine)
# User password for sudo commands # User password for sudo commands
export PASSWORD=${PASSWORD:-user} export PASSWORD=${PASSWORD:-user}
@ -105,12 +110,21 @@ aa_check() {
now=$(date +%s) now=$(date +%s)
duration=$((now - _START + 1)) duration=$((now - _START + 1))
logs=$(aa-log --raw --systemd --since "-${duration}s") logs=$(aa-log --raw --systemd --since "-${duration}s")
for profile in "${IGNORE[@]}"; do
logs=$(echo "$logs" | grep -v "$profile")
done
aa_start aa_start
if [[ -n "$logs" ]]; then if [[ -n "$logs" ]]; then
fail "profile $PROGRAM raised logs: $logs" fail "profile $PROGRAM raised logs: $logs"
fi fi
} }
_timeout() {
local duration="2s"
timeout --preserve-status --kill-after="$duration" "$duration" "$@"
}
# Bats setup and teardown hooks # Bats setup and teardown hooks
setup_file() { setup_file() {