Update test-setup.yml

Author: buildplan

.github/workflows/test-setup.yml

@@ -9,10 +9,10 @@ on:
 
 jobs:
   test-on-distro:
-    # Use a matrix to run the same job on both Debian and Ubuntu
     strategy:
+      # Run the test on both Debian and multiple Ubuntu versions
       matrix:
-        distro: [debian:12, ubuntu:22.04]
+        distro: [debian:12, ubuntu:22.04, ubuntu:24.04]
     runs-on: ubuntu-latest
     container:
       image: ${{ matrix.distro }}
@@ -24,50 +24,68 @@ jobs:
       - name: Install Dependencies
         run: |
           apt-get update -qq
-          # Install all potential dependencies your script needs to avoid failures
-          apt-get install -y -qq curl wget openssh-server openssh-client sudo ufw gpg chrony
+          # Install all potential script dependencies to ensure a clean run
+          apt-get install -y -qq curl wget openssh-server openssh-client sudo ufw gpg chrony procps
 
       - name: Make Script Executable
         run: chmod +x ./setup_harden_debian_ubuntu.sh
 
       - name: Run Hardening Script Non-Interactively
         run: |
-          # Use a "here document" to pipe answers to all interactive prompts
+          # Use a "here document" to pipe a precise sequence of answers to all interactive prompts
           # This simulates a user providing input for a fully automated test.
           sudo ./setup_harden_debian_ubuntu.sh --quiet <<'EOF'
           testadmin
           testhost
           My Test Server
           2222
           y
+          n
+          
+          
           n
           y
           y
           n
           n
           n
           y
+          y
+          n
+          y
           2G
           n
           n
           EOF
-        # Explanation of the inputs above:
+        # --- Explanation of the inputs above ---
         # testadmin         -> New admin username
         # testhost          -> Server hostname
         # My Test Server    -> Pretty hostname
         # 2222              -> Custom SSH port
-        # y                 -> Confirm configuration
+        # y                 -> Confirm main configuration
         # n                 -> Skip interactive locale config
-        # n                 -> Don't add another SSH key (assumes ssh-copy-id step is skipped in CI)
-        # y                 -> Confirm SSH connection was "tested"
+        # "" (empty line)   -> New password (skips)
+        # "" (empty line)   -> Retype password (skips)
+        # n                 -> Add SSH key(s) from local machine? (No, triggers auto-generation)
+        # y                 -> Confirm local key login was "successful" (to proceed)
+        # y                 -> Confirm new SSH port connection was "successful" (to proceed)
         # n                 -> Don't allow HTTP
         # n                 -> Don't allow HTTPS
         # n                 -> Don't add custom UFW ports
         # y                 -> Enable auto-updates
+        # y                 -> Install Docker?
+        # n                 -> Install Tailscale?
+        # y                 -> Configure swap?
         # 2G                -> Swap size
         # n                 -> Don't customize swap settings
         # n                 -> Don't reboot at the end
 
+      - name: Display Log on Failure
+        if: failure()
+        run: |
+          echo "::error::Script failed. Displaying last 50 lines of log:"
+          tail -n 50 /var/log/setup_harden*.log
+
       - name: Verify Final SSH Configuration
         run: sudo sshd -t