Merge main into dev (release v2.2 fixes)

.github/workflows/package.yml

@@ -7,13 +7,17 @@ on:
   push:
     branches:
       - 'dev'
+      - 'release/*'
+
+permissions:
+  contents: read
 
 jobs:
-  testrun_package:
+  create_package:
     permissions: {}
     name: Package
     runs-on: ubuntu-22.04
-    timeout-minutes: 5
+    timeout-minutes: 10
     steps:
       - name: Checkout source
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
@@ -24,4 +28,72 @@ jobs:
         uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
         with:
           name: testrun_package
-          path: testrun*.deb
+          path: testrun*.deb
+
+  install_package_22:
+    permissions: {}
+    needs: create_package
+    name: Install on Ubuntu 22.04
+    runs-on: ubuntu-22.04
+    timeout-minutes: 15
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Download package
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+        with:
+          name: testrun_package
+      - name: Install dependencies
+        shell: bash {0}
+        run: sudo cmd/prepare
+      - name: Install package
+        shell: bash {0}
+        run: sudo apt install ./testrun*.deb
+      - name: Start testrun
+        shell: bash {0}
+        run: sudo testrun > >(tee testrun_output.log) 2>&1 &
+      - name: Verify testrun started
+        shell: bash {0}
+        run: |
+          sleep 5  
+          if grep -q "API waiting for requests" testrun_output.log; then
+            echo "Testrun started successfully."
+          else
+            echo "Testrun did not start correctly."
+            cat testrun_output.log
+            exit 1
+          fi 
+
+  install_package_24:
+    permissions: {}
+    needs: create_package
+    name: Install on Ubuntu 24.04
+    runs-on: ubuntu-24.04
+    timeout-minutes: 15
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Download package
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+        with:
+          name: testrun_package
+      - name: Install dependencies
+        shell: bash {0}
+        run: sudo cmd/prepare
+      - name: Install package
+        shell: bash {0}
+        run: sudo apt install ./testrun*.deb
+      - name: Start testrun
+        shell: bash {0}
+        run: sudo testrun > >(tee testrun_output.log) 2>&1 &
+      - name: Verify testrun started
+        shell: bash {0}
+        run: |
+          sleep 5  
+          if grep -q "API waiting for requests" testrun_output.log; then
+            echo "Testrun started successfully."
+          else
+            echo "Testrun did not start correctly."
+            cat testrun_output.log
+            exit 1
+          fi 

.github/workflows/scorecard.yml

@@ -7,10 +7,6 @@ on:
   # For Branch-Protection check. Only the default branch is supported. See
   # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
   branch_protection_rule:
-  # To guarantee Maintained check is occasionally updated. See
-  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
-  schedule:
-    - cron: '20 6 * * 4'
   push:
     branches: [ "main" ]
 
@@ -70,4 +66,4 @@ jobs:
       - name: "Upload to code-scanning"
         uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
         with:
-          sarif_file: results.sarif
+          sarif_file: results.sarif

.github/workflows/testing.yml

@@ -7,10 +7,29 @@ on:
     - cron: '0 13 * * *'
 
 jobs:
+  testrun_tests:
+    permissions: {}
+    name:  Tests
+    runs-on: ubuntu-22.04
+    timeout-minutes: 30
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Install dependencies
+        shell: bash {0}
+        run: cmd/prepare
+      - name: Install Testrun
+        shell: bash {0}
+        run: TESTRUN_DIR=. cmd/install
+        timeout-minutes: 30
+      - name: Run tests
+        shell: bash {0}
+        run: testing/tests/test_tests
+
   testrun_baseline:
     permissions: {}
     name:  Baseline
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     timeout-minutes: 20
     steps:
       - name: Checkout source
@@ -29,7 +48,7 @@ jobs:
   testrun_api:
     permissions: {}
     name:  API
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     timeout-minutes: 60
     steps:
       - name: Checkout source
@@ -39,7 +58,7 @@ jobs:
         run: cmd/prepare
       - name: Install Testrun
         shell: bash {0}
-        run: TESTRUN_DIR=. cmd/install
+        run: cmd/install -l
         timeout-minutes: 30
       - name: Run tests
         shell: bash {0}
@@ -55,6 +74,52 @@ jobs:
           name: runtime_api_${{ github.run_id }}
           path: runtime.tgz
 
+  testrun_unit:
+    permissions: {}
+    name:  Unit
+    runs-on: ubuntu-22.04
+    timeout-minutes: 15
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - name: Install dependencies
+        shell: bash {0}
+        run: cmd/prepare
+      - name: Install Testrun
+        shell: bash {0}
+        run: cmd/install -l
+      - name: Run tests for conn module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh conn captures ethtool ifconfig output
+      - name: Run tests for dns module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh dns captures reports output
+      - name: Run tests for ntp module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh ntp captures reports output
+      - name: Run tests for protocol module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh protocol captures output        
+      - name: Run tests for services module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh services reports results output  
+      - name: Run tests for tls module
+        shell: bash {0}
+        run: bash testing/unit/run_test_module.sh tls captures certAuth certs reports root_certs output
+      - name: Run tests for risk profiles
+        shell: bash {0}
+        run: bash testing/unit/run_report_test.sh testing/unit/risk_profile/risk_profile_test.py
+      - name: Run tests for reports
+        shell: bash {0}
+        run: bash testing/unit/run_report_test.sh testing/unit/report/report_test.py
+      - name: Upload reports
+        uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0
+        if: ${{ always() }}
+        with:
+          if-no-files-found: error
+          name: unit_reports_${{ github.run_id }}
+          path: testing/unit/report/output
+
   pylint:
     permissions: {}
     name:  Pylint
@@ -76,7 +141,7 @@ jobs:
     - name: Install Node
       uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1
       with:
-        node-version: 18.18.0
+        node-version: 18.19.0
     - name: Install Chromium Browser
       run: sudo apt install chromium-browser
     - name: Install dependencies
@@ -85,7 +150,7 @@ jobs:
     - name: Run tests
       run: |
         export CHROME_BIN=/usr/bin/chromium-browser
-        CI=true npm run test-headless
+        CI=true npm run test-ci
       env:
         CI: true
       working-directory: ./modules/ui
@@ -99,7 +164,7 @@ jobs:
     - name: Install Node
       uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1
       with:
-        node-version: 18.18.0
+        node-version: 18.19.0
     - name: Install dependencies
       run: npm install && npm ci
       working-directory: ./modules/ui

.gitignore

@@ -8,13 +8,20 @@ build/
 
 # Ignore generated files from unit tests
 testing/unit_test/temp/
+testing/unit/conn/output/
 testing/unit/dns/output/
 testing/unit/nmap/output/
 testing/unit/ntp/output/
 testing/unit/tls/output/
 testing/unit/tls/tmp/
 testing/unit/report/output/
 testing/unit/risk_profile/output/
+testing/unit/services/output/
+
+# Ignore generated files from requirements generation
+*requirements_freeze.txt
+*unique_freeze.txt
+*requirements_gen.txt
 
 *.deb
 make/DEBIAN/postinst