Skip searching selinux alerts

In integration job, there is a task to search selinux alerts but any alerts don't effectively make the whole job fail, and we often observe timeout caused slow sealert command with many denial records. This change disables the task until we fix all of the current denials. We capture audit.log in CI so we can review that raw file to find out any denials. Change-Id: Ic850acfb2b576224c194ceb361e690c5fbf89838
2022-02-22 15:56:21 +09:00 · 2022-02-22 15:56:21 +09:00 · 682e8a0dda
parent d65f7b5f45
commit 682e8a0dda
1 changed files with 5 additions and 5 deletions
--- a/run_tests.sh
+++ b/run_tests.sh
@ -229,8 +229,8 @@ set -e
 if [ $RESULT -ne 0 ] && [ $RESULT -ne 2 ]; then
    print_header 'First Puppet run contains errors in catalog.'
    catch_puppet_failures
-    print_header 'SELinux Alerts (1st time)'
-    catch_selinux_alerts
+    #print_header 'SELinux Alerts (1st time)'
+    #catch_selinux_alerts
    exit 1
 fi
 timestamp_puppet_log
@ -244,8 +244,8 @@ set -e
 if [ $RESULT -ne 0 ]; then
    print_header 'Second Puppet run is not idempotent.'
    catch_puppet_failures
-    print_header 'SELinux Alerts (2nd time)'
-    catch_selinux_alerts
+    #print_header 'SELinux Alerts (2nd time)'
+    #catch_selinux_alerts
    exit 1
 fi
 timestamp_puppet_log
@ -402,7 +402,7 @@ elif [ -d .stestr ]; then
 fi
 subunit2html /tmp/openstack/tempest/testrepository.subunit /tmp/openstack/tempest/testr_results.html
 print_header 'SELinux Alerts (Tempest)'
-catch_selinux_alerts
+#catch_selinux_alerts

 print_header 'Done (run_tests.sh)'
 exit $RESULT