diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4fe55bc..7ea565b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,13 +34,7 @@ jobs: run: make asan - name: Run comprehensive tests - run: | - make test - make connection-limit-test - cd tests - ./test_security_features.sh - # Skipping anonymous access test in CI as it requires interactive pty handling which might be flaky - # ./test_anonymous_access.sh + run: make ci-test - name: Run release preflight run: make release-check diff --git a/Makefile b/Makefile index 7375971..cdce94e 100644 --- a/Makefile +++ b/Makefile @@ -29,8 +29,9 @@ PREFIX ?= /usr/local BINDIR ?= $(PREFIX)/bin MANDIR ?= $(PREFIX)/share/man SYSTEMD_UNIT_DIR ?= $(PREFIX)/lib/systemd/system +CI_TEST_PORT ?= $(if $(PORT),$(PORT),2222) -.PHONY: all clean install install-systemd uninstall uninstall-systemd debug release release-check release-check-strict asan valgrind check test test-advisory unit-test integration-test connection-limit-test info +.PHONY: all clean install install-systemd uninstall uninstall-systemd debug release release-check release-check-strict asan valgrind check test test-advisory ci-test unit-test integration-test connection-limit-test security-test info all: $(TARGET) @@ -116,6 +117,15 @@ connection-limit-test: all @echo "Running connection limit tests..." @cd tests && PORT=$${PORT:-2222} ./test_connection_limits.sh +security-test: all + @echo "Running security feature tests..." + @cd tests && PORT=$${PORT:-13600} ./test_security_features.sh + +ci-test: + @$(MAKE) test PORT=$(CI_TEST_PORT) + @$(MAKE) connection-limit-test PORT=$$(($(CI_TEST_PORT) + 10)) + @$(MAKE) security-test PORT=$$(($(CI_TEST_PORT) + 20)) + # Show build info info: @echo "Compiler: $(CC)" diff --git a/README.md b/README.md index 11b0b19..541bf20 100644 --- a/README.md +++ b/README.md @@ -203,6 +203,8 @@ make clean # clean build artifacts make test # run comprehensive test suite and fail on regressions make test-advisory # run integration tests as advisory checks make connection-limit-test # verify per-IP concurrency and rate limits +make security-test # run security feature checks +make ci-test # run the same checks as GitHub Actions # Individual tests cd tests diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 216efba..068e52c 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -51,6 +51,8 @@ - Security feature checks now use isolated ports and temporary state directories, so they no longer require `timeout`/`gtimeout` or write `host_key` / `messages.log` into the test directory. +- Added `make security-test` and `make ci-test` so local runs can use the same + full verification path as GitHub Actions. - NORMAL mode now opens at the latest visible messages instead of the oldest in-memory message. Use `k`/PageUp to browse older history and `G`/End to return to the latest messages. diff --git a/docs/CICD.md b/docs/CICD.md index 63ba3c1..3d2672b 100644 --- a/docs/CICD.md +++ b/docs/CICD.md @@ -6,8 +6,7 @@ AUTOMATIC TESTING Every push or PR automatically runs: - Build on Ubuntu - AddressSanitizer build - - Unit and strict integration tests - - Per-IP concurrency and connection-rate limit tests + - `make ci-test` - Release/package preflight (`make release-check`) Check status: diff --git a/docs/Development-Guide.md b/docs/Development-Guide.md index 29a99eb..163a33b 100644 --- a/docs/Development-Guide.md +++ b/docs/Development-Guide.md @@ -162,6 +162,8 @@ make install # Install to /usr/local/bin make test # Run all tests and fail on regressions make test-advisory # Run integration tests as advisory checks make connection-limit-test # Verify per-IP concurrency and rate limits +make security-test # Run security feature checks +make ci-test # Run the same checks as GitHub Actions # Individual tests cd tests