From 9b32aca0caf23f235e531dccbdebf4f3092362bf Mon Sep 17 00:00:00 2001 From: schurzi Date: Tue, 7 Feb 2023 09:27:46 +0100 Subject: [PATCH] run our CI tests periodically (#634) * allow multiple instances for os vm tests Signed-off-by: Martin Schurz * add scheduled trigger to all test actions Signed-off-by: Martin Schurz * use different scenario names Signed-off-by: Martin Schurz * use different scenario names Signed-off-by: Martin Schurz * use different scenario names Signed-off-by: Martin Schurz * use username to create uniqe vms Signed-off-by: Martin Schurz * use compatible name Signed-off-by: Martin Schurz * add explaination Signed-off-by: Martin Schurz --------- Signed-off-by: Martin Schurz --- .github/workflows/mysql_hardening.yml | 2 ++ .github/workflows/nginx_hardening.yml | 2 ++ .github/workflows/os_hardening.yml | 2 ++ .github/workflows/os_hardening_vm.yml | 2 ++ .github/workflows/ssh_hardening.yml | 2 ++ .github/workflows/ssh_hardening_custom_tests.yml | 2 ++ molecule/os_hardening_vm/molecule.yml | 5 ++++- 7 files changed, 16 insertions(+), 1 deletion(-) diff --git a/.github/workflows/mysql_hardening.yml b/.github/workflows/mysql_hardening.yml index e47367c7..227d9bf7 100644 --- a/.github/workflows/mysql_hardening.yml +++ b/.github/workflows/mysql_hardening.yml @@ -15,6 +15,8 @@ on: # yamllint disable-line rule:truthy - 'roles/mysql_hardening/**' - 'molecule/mysql_hardening/**' - '.github/workflows/mysql_hardening.yml' + schedule: + - cron: '0 6 * * 0' concurrency: group: >- diff --git a/.github/workflows/nginx_hardening.yml b/.github/workflows/nginx_hardening.yml index bb444a23..8bfe44bd 100644 --- a/.github/workflows/nginx_hardening.yml +++ b/.github/workflows/nginx_hardening.yml @@ -14,6 +14,8 @@ on: # yamllint disable-line rule:truthy - 'roles/nginx_hardening/**' - 'molecule/nginx_hardening/**' - '.github/workflows/nginx_hardening.yml' + schedule: + - cron: '0 6 * * 1' concurrency: group: >- diff --git a/.github/workflows/os_hardening.yml b/.github/workflows/os_hardening.yml index d6c01ed9..1aa83eab 100644 --- a/.github/workflows/os_hardening.yml +++ b/.github/workflows/os_hardening.yml @@ -14,6 +14,8 @@ on: # yamllint disable-line rule:truthy - 'roles/os_hardening/**' - 'molecule/os_hardening/**' - '.github/workflows/os_hardening.yml' + schedule: + - cron: '0 6 * * 3' concurrency: group: >- diff --git a/.github/workflows/os_hardening_vm.yml b/.github/workflows/os_hardening_vm.yml index 3454aceb..c10d68ed 100644 --- a/.github/workflows/os_hardening_vm.yml +++ b/.github/workflows/os_hardening_vm.yml @@ -14,6 +14,8 @@ on: # yamllint disable-line rule:truthy - 'roles/os_hardening/**' - 'molecule/os_hardening_vm/**' - '.github/workflows/os_hardening_vm.yml' + schedule: + - cron: '0 6 * * 2' concurrency: group: >- diff --git a/.github/workflows/ssh_hardening.yml b/.github/workflows/ssh_hardening.yml index bfc30dac..e3c2fefb 100644 --- a/.github/workflows/ssh_hardening.yml +++ b/.github/workflows/ssh_hardening.yml @@ -14,6 +14,8 @@ on: # yamllint disable-line rule:truthy - 'roles/ssh_hardening/**' - 'molecule/ssh_hardening/**' - '.github/workflows/ssh_hardening.yml' + schedule: + - cron: '0 6 * * 5' concurrency: group: >- diff --git a/.github/workflows/ssh_hardening_custom_tests.yml b/.github/workflows/ssh_hardening_custom_tests.yml index 2d6c2dac..d5e4c40a 100644 --- a/.github/workflows/ssh_hardening_custom_tests.yml +++ b/.github/workflows/ssh_hardening_custom_tests.yml @@ -14,6 +14,8 @@ on: # yamllint disable-line rule:truthy - 'roles/ssh_hardening/**' - 'molecule/ssh_hardening_custom_tests/**' - '.github/workflows/ssh_hardening_custom_tests.yml' + schedule: + - cron: '0 6 * * 4' concurrency: group: >- diff --git a/molecule/os_hardening_vm/molecule.yml b/molecule/os_hardening_vm/molecule.yml index 7174d787..7904d693 100644 --- a/molecule/os_hardening_vm/molecule.yml +++ b/molecule/os_hardening_vm/molecule.yml @@ -8,7 +8,10 @@ driver: provider: name: libvirt platforms: - - name: instance + # we need to name every instance differntly to start multiple VMs on the same host (parallelization) + # since we also need to use different OS users to run the tests because of how molecule operates, + # the VM names must be predictable by OS user (to clean up canceled runs) + - name: "${USER}" box: "generic/${MOLECULE_DISTRO}" memory: 1024 cpus: 2