Skip to content

Commit

Permalink
Fix tests (trailofbits#14319)
Browse files Browse the repository at this point in the history
  • Loading branch information
davidemyers authored Oct 31, 2021
1 parent d06869e commit 4bed66f
Show file tree
Hide file tree
Showing 7 changed files with 23 additions and 68 deletions.
47 changes: 14 additions & 33 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ on: [push, pull_request]

jobs:
lint:
runs-on: ubuntu-18.04
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- uses: actions/[email protected]
Expand All @@ -26,12 +26,12 @@ jobs:
ansible-lint -x experimental,package-latest,unnamed-task -v *.yml roles/{local,cloud-*}/*/*.yml
scripted-deploy:
runs-on: ubuntu-16.04
runs-on: ubuntu-20.04
strategy:
matrix:
UBUNTU_VERSION: ["18.04", "20.04"]
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- uses: actions/[email protected]
with:
python-version: '3.7'
Expand All @@ -40,29 +40,20 @@ jobs:
run: |
sudo apt update -y
sudo apt install -y \
python3-pip \
lxd \
expect-dev \
debootstrap \
tree \
bridge-utils \
dnsutils \
build-essential \
libssl-dev \
libffi-dev \
python3-dev \
linux-headers-$(uname -r) \
wireguard \
libxml2-utils \
crudini \
fping \
strongswan \
libstrongswan-standard-plugins \
resolvconf
openresolv
python3 -m pip install --upgrade pip
python3 -m pip install -r requirements.txt
sudo snap refresh lxd
sudo lxd init --auto
- name: Provision
env:
DEPLOY: cloud-init
Expand Down Expand Up @@ -93,46 +84,36 @@ jobs:
sudo -E bash -x ./tests/wireguard-client.sh
sudo env "PATH=$PATH" ./tests/ipsec-client.sh
local-deploy:
runs-on: ubuntu-16.04
docker-deploy:
runs-on: ubuntu-20.04
strategy:
matrix:
UBUNTU_VERSION: ["18.04", "20.04"]
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- uses: actions/[email protected]
with:
python-version: '3.7'

- name: Install dependencies
run: |
set -x
sudo add-apt-repository -yu ppa:ubuntu-lxc/stable
sudo apt update -y
sudo apt install -y \
python3-pip \
lxd \
expect-dev \
debootstrap \
tree \
bridge-utils \
dnsutils \
build-essential \
libssl-dev \
libffi-dev \
python3-dev \
linux-headers-$(uname -r) \
wireguard \
libxml2-utils \
crudini \
fping \
strongswan \
libstrongswan-standard-plugins \
resolvconf
openresolv
python3 -m pip install --upgrade pip
python3 -m pip install -r requirements.txt
sudo snap refresh lxd
sudo lxd init --auto
- name: Provision
env:
DEPLOY: docker
Expand Down
9 changes: 0 additions & 9 deletions install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -22,16 +22,7 @@ installRequirements() {
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install \
software-properties-common \
git \
build-essential \
libssl-dev \
libffi-dev \
python3-dev \
python3-pip \
python3-setuptools \
python3-virtualenv \
bind9-host \
jq -y
}

Expand Down
2 changes: 1 addition & 1 deletion main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@

- name: Verify Python meets Algo VPN requirements
assert:
that: (ansible_python.version.major|string + '.' + ansible_python.version.minor|string)|float is version('3.6', '>=')
that: (ansible_python.version.major|string + '.' + ansible_python.version.minor|string) is version('3.6', '>=')
msg: >
Python version is not supported.
You must upgrade to at least Python 3.6 to use this version of Algo.
Expand Down
2 changes: 1 addition & 1 deletion roles/client/handlers/main.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
---
- name: restart strongswan
service: name=strongswan state=restarted
service: name={{ strongswan_service }} state=restarted
1 change: 0 additions & 1 deletion tests/algo.conf

This file was deleted.

16 changes: 0 additions & 16 deletions tests/lxd-bridge

This file was deleted.

14 changes: 7 additions & 7 deletions tests/pre-deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,6 @@ set -euxo pipefail

sysctl net.ipv6.conf.all.disable_ipv6=0

tar xf $HOME/lxc/cache.tar -C / || echo "Didn't extract cache."
cp -f tests/lxd-bridge /etc/default/lxd-bridge
cp -f tests/algo.conf /etc/default/algo.conf

export REPOSITORY=${REPOSITORY:-${GITHUB_REPOSITORY}}
export _BRANCH=${BRANCH#refs/heads/}
export BRANCH=${_BRANCH:-${GITHUB_REF#refs/heads/}}
Expand All @@ -18,12 +14,16 @@ else
echo -e "#cloud-config\nssh_authorized_keys:\n - $(cat ~/.ssh/id_rsa.pub)" | lxc profile set default user.user-data -
fi

systemctl restart lxd-bridge.service lxd-containers.service lxd.service
lxc network set lxdbr0 ipv4.address 10.0.8.1/24

lxc profile set default raw.lxc lxc.aa_profile=unconfined
lxc profile set default raw.lxc 'lxc.apparmor.profile = unconfined'
lxc profile set default security.privileged true
lxc profile show default
lxc launch ubuntu:${UBUNTU_VERSION} algo

lxc init ubuntu:${UBUNTU_VERSION} algo
lxc network attach lxdbr0 algo eth0 eth0
lxc config device set algo eth0 ipv4.address 10.0.8.100
lxc start algo

if [[ ${UBUNTU_VERSION} == "20.04" ]]; then
lxc exec algo -- apt remove snapd --purge -y || true
Expand Down

0 comments on commit 4bed66f

Please sign in to comment.