testsAndMisc/linux_configuration/tests/test_android_guardian_post_fs_data.sh
Krzysztof kuhy Rudnicki 42a66a1419 refactor(linux_configuration/scripts): split all scripts into single_use/ and periodic_background/
- Move all linux_configuration scripts into two semantic categories:
  - single_use/: scripts run once manually (fresh install, fixes, setup)
  - periodic_background/: scripts run by systemd timers or daemons
- Preserve existing subdirectory structure within each category
- Fix lib/common.sh source paths for new directory depths
- Fix CONFIG_DIR depth in setup_periodic_system.sh and check_and_enable_services.sh
- Update all references in tests, fresh-install/main.sh, nix modules, and docs
- Fix check_polling_antipatterns.sh false positives (||, regex |, case patterns, jq strings)
- Fix pre-existing mypy exclusion path and type annotations for moved tools/ directory
- Rewrite check_polling_antipatterns.sh using awk (no bash regex loops); add require_serial: true
2026-05-15 00:32:35 +02:00

73 lines
2.5 KiB
Bash
Executable File

#!/bin/bash
# Regression tests for android_guardian post-fs-data watchdog generation.
set -euo pipefail
SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)
REPO_DIR=$(cd -- "$SCRIPT_DIR/.." && pwd)
TARGET_SCRIPT="$REPO_DIR/scripts/periodic_background/utils/android_guardian/post-fs-data.sh"
fail() {
printf 'FAIL: %s\n' "$1" >&2
exit 1
}
assert_file_contains() {
local file_path="$1"
local pattern="$2"
local context="$3"
grep -q -- "$pattern" "$file_path" || fail "$context"
}
assert_file_not_contains() {
local file_path="$1"
local pattern="$2"
local context="$3"
if grep -q -- "$pattern" "$file_path"; then
fail "$context"
fi
}
TMP_DIR=$(mktemp -d)
cleanup() {
rm -rf "$TMP_DIR"
}
trap cleanup EXIT
GUARDIAN_DIR="$TMP_DIR/guardian"
MODULE_DIR="$TMP_DIR/module"
WATCHDOG_SCRIPT="$GUARDIAN_DIR/watchdog.sh"
mkdir -p "$GUARDIAN_DIR" "$MODULE_DIR/system/etc"
printf 'Generating watchdog script in a temp Android guardian directory...\n'
ANDROID_GUARDIAN_DIR="$GUARDIAN_DIR" \
ANDROID_GUARDIAN_MODULE_DIR="$MODULE_DIR" \
ANDROID_GUARDIAN_WATCHDOG_SCRIPT="$WATCHDOG_SCRIPT" \
ANDROID_GUARDIAN_POST_FS_SKIP_WATCHDOG_START=1 \
sh "$TARGET_SCRIPT"
[[ -f "$WATCHDOG_SCRIPT" ]] || fail 'watchdog script should be generated'
[[ -x "$WATCHDOG_SCRIPT" ]] || fail 'watchdog script should be executable'
printf 'Checking generated watchdog cadence and lower-fork host protection...\n'
assert_file_contains "$WATCHDOG_SCRIPT" '^HOSTS_CHECK_EVERY_TICKS=10$' \
'watchdog should throttle host protection to every 10 ticks'
assert_file_contains "$WATCHDOG_SCRIPT" '^LOOP_SLEEP_SECONDS=3$' \
'watchdog should keep the 3 second base sleep'
assert_file_contains "$WATCHDOG_SCRIPT" 'cmp -s' \
'watchdog should use cmp for host integrity checks'
assert_file_not_contains "$WATCHDOG_SCRIPT" 'md5sum' \
'watchdog should not use md5sum in the hot loop anymore'
assert_file_not_contains "$WATCHDOG_SCRIPT" 'cut -d' \
'watchdog should not pipe hashes through cut anymore'
printf 'Checking test hooks and generation log entry...\n'
assert_file_contains "$TARGET_SCRIPT" 'ANDROID_GUARDIAN_POST_FS_SKIP_MAIN' \
'post-fs-data should support skipping main for tests'
assert_file_contains "$TARGET_SCRIPT" 'ANDROID_GUARDIAN_POST_FS_SKIP_WATCHDOG_START' \
'post-fs-data should support generating without starting the watchdog'
assert_file_contains "$GUARDIAN_DIR/guardian.log" 'Watchdog generation complete (start skipped)' \
'post-fs-data should log skipped watchdog starts during tests'
printf 'android_guardian post-fs-data regression checks passed.\n'