tracee: 0.9.2 -> 0.10.0
Diff: https://github.com/aquasecurity/tracee/compare/v0.9.2...v0.10.0 Changelog: https://github.com/aquasecurity/tracee/releases/tag/v0.10.0 Fix integration tests after recent changes
This commit is contained in:
parent
6379587de1
commit
22ebaedc73
@ -11,19 +11,19 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||||||
# build the go integration tests as a binary
|
# build the go integration tests as a binary
|
||||||
(pkgs.tracee.overrideAttrs (oa: {
|
(pkgs.tracee.overrideAttrs (oa: {
|
||||||
pname = oa.pname + "-integration";
|
pname = oa.pname + "-integration";
|
||||||
patches = oa.patches or [] ++ [
|
postPatch = oa.postPatch or "" + ''
|
||||||
# change the prefix from /usr/bin to /run to find nix processes
|
# prepare tester.sh
|
||||||
../../pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
|
patchShebangs tests/integration/tester.sh
|
||||||
];
|
# fix the test to look at nixos paths for running programs
|
||||||
|
substituteInPlace tests/integration/integration_test.go \
|
||||||
|
--replace "/usr/bin" "/run"
|
||||||
|
'';
|
||||||
|
nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ];
|
||||||
buildPhase = ''
|
buildPhase = ''
|
||||||
runHook preBuild
|
runHook preBuild
|
||||||
# just build the static lib we need for the go test binary
|
# just build the static lib we need for the go test binary
|
||||||
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core ./dist/btfhub
|
make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core ./dist/btfhub
|
||||||
|
|
||||||
# remove the /usr/bin prefix to work with the patch above
|
|
||||||
substituteInPlace tests/integration/integration_test.go \
|
|
||||||
--replace "/usr/bin/ls" "ls"
|
|
||||||
|
|
||||||
# then compile the tests to be ran later
|
# then compile the tests to be ran later
|
||||||
CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
|
CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
|
||||||
runHook postBuild
|
runHook postBuild
|
||||||
@ -31,7 +31,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||||||
doCheck = false;
|
doCheck = false;
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir -p $out/bin
|
mkdir -p $out/bin
|
||||||
cp $GOPATH/tracee-integration $out/bin
|
mv $GOPATH/tracee-integration $out/bin/
|
||||||
'';
|
'';
|
||||||
doInstallCheck = false;
|
doInstallCheck = false;
|
||||||
}))
|
}))
|
||||||
@ -44,6 +44,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||||||
# EventFilters/trace_only_events_from_new_containers also requires a container called "alpine"
|
# EventFilters/trace_only_events_from_new_containers also requires a container called "alpine"
|
||||||
machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep')
|
machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep')
|
||||||
|
|
||||||
print(machine.succeed('TRC_BIN="${pkgs.tracee}" tracee-integration -test.v'))
|
print(machine.succeed('tracee-integration -test.v'))
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
@ -19,15 +19,15 @@ let
|
|||||||
in
|
in
|
||||||
buildGoModule rec {
|
buildGoModule rec {
|
||||||
pname = "tracee";
|
pname = "tracee";
|
||||||
version = "0.9.2";
|
version = "0.10.0";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "aquasecurity";
|
owner = "aquasecurity";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-w/x7KhopkADKvpDc5TE5Kf34pRY6HP3kX1Lqujnl0b8=";
|
sha256 = "sha256-TSzvuPE4to6aN52fmcwC6mVBOWUFQSyWHDgNs8emPq4=";
|
||||||
};
|
};
|
||||||
vendorSha256 = "sha256-5RXNRNoMydFcemNGgyfqcUPtfMVgMYdiyWo/sZi8GQw=";
|
vendorSha256 = "sha256-HGJ7Gtug+nSg+mAQH4jcNkeikWQW10cgAIoAqeAf9r4=";
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
./use-our-libbpf.patch
|
./use-our-libbpf.patch
|
||||||
@ -64,11 +64,10 @@ buildGoModule rec {
|
|||||||
|
|
||||||
mkdir -p $out/{bin,share/tracee}
|
mkdir -p $out/{bin,share/tracee}
|
||||||
|
|
||||||
cp ./dist/tracee-ebpf $out/bin
|
mv ./dist/tracee-{ebpf,rules} $out/bin/
|
||||||
cp ./dist/tracee-rules $out/bin
|
|
||||||
|
|
||||||
cp -r ./dist/rules $out/share/tracee/
|
mv ./dist/rules $out/share/tracee/
|
||||||
cp -r ./cmd/tracee-rules/templates $out/share/tracee/
|
mv ./cmd/tracee-rules/templates $out/share/tracee/
|
||||||
|
|
||||||
runHook postInstall
|
runHook postInstall
|
||||||
'';
|
'';
|
||||||
@ -105,7 +104,12 @@ buildGoModule rec {
|
|||||||
is delivered as a Docker image that monitors the OS and detects suspicious
|
is delivered as a Docker image that monitors the OS and detects suspicious
|
||||||
behavior based on a pre-defined set of behavioral patterns.
|
behavior based on a pre-defined set of behavioral patterns.
|
||||||
'';
|
'';
|
||||||
license = licenses.asl20;
|
license = with licenses; [
|
||||||
|
# general license
|
||||||
|
asl20
|
||||||
|
# pkg/ebpf/c/*
|
||||||
|
gpl2Plus
|
||||||
|
];
|
||||||
maintainers = with maintainers; [ jk ];
|
maintainers = with maintainers; [ jk ];
|
||||||
platforms = [ "x86_64-linux" ];
|
platforms = [ "x86_64-linux" ];
|
||||||
};
|
};
|
||||||
|
@ -1,15 +0,0 @@
|
|||||||
diff --git a/tests/integration/integration_test.go b/tests/integration/integration_test.go
|
|
||||||
index afbc5330..13745c70 100644
|
|
||||||
--- a/tests/integration/integration_test.go
|
|
||||||
+++ b/tests/integration/integration_test.go
|
|
||||||
@@ -246,8 +246,8 @@ func Test_EventFilters(t *testing.T) {
|
|
||||||
eventFunc: checkExecve,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
- name: "trace only execve events that starts with /usr/bin",
|
|
||||||
- filterArgs: []string{"event=execve", "execve.pathname=/usr/bin*"},
|
|
||||||
+ name: "trace only execve events that starts with /run",
|
|
||||||
+ filterArgs: []string{"event=execve", "execve.pathname=/run*"},
|
|
||||||
eventFunc: checkExecve,
|
|
||||||
},
|
|
||||||
{
|
|
Loading…
Reference in New Issue
Block a user