-
Notifications
You must be signed in to change notification settings - Fork 1
/
.travis.yml
47 lines (37 loc) · 1.38 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
---
sudo: required
language: python
services:
- docker
python: "2.7"
env:
- SITE=test.yml
before_install:
- sudo apt-get update -qq
- docker pull nginx
install:
# Install Ansible.
- pip install ansible
# Add ansible.cfg to pick up roles path.
- "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg"
# Get debug output
- "ansible localhost -m setup -u root -i tests/inventory --connection=local"
script:
# Check the role/playbook's syntax.
- "ansible-playbook -i tests/inventory tests/$SITE --syntax-check"
# Run the role/playbook with ansible-playbook.
- "ansible-playbook -i tests/inventory tests/$SITE --connection=local --skip-tags \"apply_profile\" --sudo"
# Run the role/playbook again, checking to make sure it's idempotent.
- >
ansible-playbook -i tests/inventory tests/$SITE --connection=local --skip-tags "apply_profile" --sudo
| grep -q 'changed=0.*failed=0'
&& (echo 'Idempotence test: pass' && exit 0)
|| (echo 'Idempotence test: fail' && exit 1)
# Start sample nginx container with sample AppArmor profile
# - docker run --security-opt="apparmor:sample" -p 80:80 --rm -it nginx bash
# Ping should 'not' work by default in this container
#- >
# ping 8.8.8.8
# | grep -q 'Lacking privilege for raw socket'
# && (echo 'AppArmor profile check: pass' && exit 0)
# || (echo 'AppArmor profile check: fail' && exit 1)