Initial harness scaffolding per SCOPE.md.

Drives the win11 analyzer VM via qemu-guest-agent (runs as NT AUTHORITY\SYSTEM, same context as GE-Enforce in production - see reference-vm-qga-as-system memory note for why this is preferred over WinRM).

Pieces:
- lib/qga.sh - host-side helpers (qga round-trip, snapshot revert, share mount via cmdkey + net use, file upload). Source from any harness script.
- lib/verify-state.ps1 - VM-side detection runner. Parses matrix.json, walks each app's verify block, prints PASS/FAIL with detail, exits 0 only if every check passes. Methods: Registry, File, FileVersion, Hash, FileGrep.
- matrix.json - PC-type matrix data. Currently only Standard/Machine rows populated (apps + drift scenarios). Extending to other PC types is just adding rows.
- B-enforce/run.sh - 5-phase orchestrator (stage / baseline / tamper / heal / idempotent). Defaults to Standard/Machine. SKIP_REVERT=1 for faster iteration without burning the snapshot revert.
- B-enforce/tamper.ps1 - applies driftScenarios from matrix.json. Methods: RegRemove, RegSet, FileDelete, FileOverwrite, FileGrepDelete.

Path A (imaging-time install) and remaining 8 PC-type rows are next.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
{
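"_comment": "Test matrix for the shopfloor harness. Each PC-type entry lists the apps to verify plus the drift scenarios for Path B's tamper+heal phase. Verify methods mirror the v2 manifest's DetectionMethod, so the harness verifies exactly what GE-Enforce detects. Each drift scenario's expectedHeal names the app entry whose verify check is expected to pass again after the heal phase.",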
"pcTypes": [
{
"PCType": "Standard",
"PCSubType": "Machine",
"scopes": ["common", "standard-machine"],
"apps": [
{ "name": "Adobe Acrobat Reader DC", "verify": { "method": "Registry", "path": "HKLM:\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}", "name": "DisplayVersion", "value": "25.001.20531" } },
{ "name": "WJF Defect Tracker", "verify": { "method": "File", "path": "C:\\Program Files (x86)\\WJF_Defect_Tracker\\Defect_Tracker.exe" } },
{ "name": "3OF9 barcode font", "verify": { "method": "File", "path": "C:\\Windows\\Fonts\\3OF9.ttf" } },
{ "name": "Edge IE-Mode site list", "verify": { "method": "Hash", "path": "C:\\ProgramData\\Edge\\enterprise-mode-site-list.xml", "value": "16F2A6E45EFA19ED7B1C54B264D6B33597678D3A5303255BC7CEB7E8510C60FC" } },
{ "name": "OpenText HostExplorer", "verify": { "method": "Registry", "path": "HKLM:\\SOFTWARE\\GE\\OpenText", "name": "Installed", "value": "15.0.SP1.2" } },
{ "name": "FMS hosts pin", "verify": { "method": "FileGrep", "path": "C:\\Windows\\System32\\drivers\\etc\\hosts", "pattern": "10\\.233\\.112\\.158\\s+wjfms3\\.ae\\.ge\\.com" } },
{ "name": "FMS Primary host", "verify": { "method": "Registry", "path": "HKLM:\\SOFTWARE\\WOW6432Node\\GE Aircraft Engines\\Dnc\\FMS", "name": "FMSHostPrimary", "value": "wjfms3.ae.ge.com" } },
{ "name": "FMS Secondary host", "verify": { "method": "Registry", "path": "HKLM:\\SOFTWARE\\WOW6432Node\\GE Aircraft Engines\\Dnc\\FMS", "name": "FMSHostSecondary", "value": "10.233.112.158" } },
{ "name": "eDNC bundles NTLARS", "verify": { "method": "FileVersion", "path": "C:\\Program Files (x86)\\Dnc\\bin\\DncMain.exe", "value": "6.4.5.0" } }
],
"driftScenarios": [
{ "name": "OpenText marker reset", "tamper": { "method": "RegRemove", "path": "HKLM:\\SOFTWARE\\GE\\OpenText", "regName": "Installed" }, "expectedHeal": "OpenText HostExplorer" },
{ "name": "Hosts pin removed", "tamper": { "method": "FileGrepDelete", "path": "C:\\Windows\\System32\\drivers\\etc\\hosts", "pattern": "wjfms3\\.ae\\.ge\\.com" }, "expectedHeal": "FMS hosts pin" },
{ "name": "FMS Primary clobbered", "tamper": { "method": "RegSet", "path": "HKLM:\\SOFTWARE\\WOW6432Node\\GE Aircraft Engines\\Dnc\\FMS", "regName": "FMSHostPrimary", "value": "WJFMS3" }, "expectedHeal": "FMS Primary host" },
{ "name": "FMS Secondary clobbered", "tamper": { "method": "RegSet", "path": "HKLM:\\SOFTWARE\\WOW6432Node\\GE Aircraft Engines\\Dnc\\FMS", "regName": "FMSHostSecondary", "value": "WJFMS4" }, "expectedHeal": "FMS Secondary host" },
{ "name": "Edge IE site list overwrite", "tamper": { "method": "FileOverwrite", "path": "C:\\ProgramData\\Edge\\enterprise-mode-site-list.xml", "content": "<!--tampered-->" }, "expectedHeal": "Edge IE-Mode site list" },
{ "name": "3OF9 font deleted", "tamper": { "method": "FileDelete", "path": "C:\\Windows\\Fonts\\3OF9.ttf" }, "expectedHeal": "3OF9 barcode font" }
]
}
]
}