pyrox.dev
fork
Configure Feed
Select the types of activity you want to include in your feed.
lol
fork
Configure Feed
Select the types of activity you want to include in your feed.
1import ./make-test-python.nix (
2 { pkgs, ... }:
3 rec {
4 name = "tracee-integration";
5 meta.maintainers = pkgs.tracee.meta.maintainers;
6
7 passthru.hello-world-builder =
8 pkgs:
9 pkgs.dockerTools.buildImage {
10 name = "hello-world";
11 tag = "latest";
12 config.Cmd = [ "${pkgs.hello}/bin/hello" ];
13 };
14
15 nodes = {
16 machine =
17 { config, pkgs, ... }:
18 {
19 # EventFilters/trace_only_events_from_new_containers and
20 # Test_EventFilters/trace_only_events_from_"dockerd"_binary_and_contain_it's_pid
21 # require docker/dockerd
22 virtualisation.docker.enable = true;
23 environment = {
24 variables.PATH = "/tmp/testdir";
25 systemPackages = with pkgs; [
26 # 'ls', 'uname' and 'who' are required by many tests in event_filters_test.go
27 coreutils
28 # the go integration tests as a binary
29 tracee.passthru.tests.integration-test-cli
30 ];
31 };
32 };
33 };
34
35 testScript =
36 let
37 skippedTests = [
38 # these comm tests for some reason do not resolve.
39 # something about the test is different as it works fine if I replicate
40 # the policies and run tracee myself but doesn't work in the integration
41 # test either with the automatic run or running the commands by hand
42 # while it's searching.
43 "Test_EventFilters/comm:_event:_data:_trace_event_magic_write_set_in_multiple_policies_using_multiple_filter_types"
44 "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_and_magic_write_using_multiple_filter_types"
45 "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_and_magic_write_using_multiple_filter_types_combined"
46 "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_set_in_multiple_policies_\\(with_and_without_in-kernel_filter\\)"
47 "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_set_in_multiple_policies_using_multiple_filter_types"
48 "Test_EventFilters/comm:_event:_data:_trace_event_set_in_a_specific_policy_with_data_from_ls_command"
49 "Test_EventFilters/comm:_event:_trace_events_set_in_two_specific_policies_from_ls_and_uname_commands"
50 "Test_EventFilters/pid:_event:_data:_trace_event_sched_switch_with_data_from_pid_0"
51 "Test_EventsDependencies/non_existing_ksymbol_dependency_with_sanity"
52 "Test_EventsDependencies/non_existing_probe_function_with_sanity"
53 "Test_EventsDependencies/sanity_of_exec_test_event"
54 "Test_TraceeCapture/capture_packet_context"
55 ];
56 in
57 ''
58 with subtest("prepare for integration tests"):
59 machine.wait_for_unit("docker.service")
60 machine.succeed('which bash')
61
62 # EventFilters/trace_only_events_from_new_containers also requires a container called "hello-world"
63 machine.succeed('docker load < ${passthru.hello-world-builder pkgs}')
64
65 # exec= needs fully resolved paths
66 machine.succeed(
67 'mkdir /tmp/testdir',
68 'cp $(which who) /tmp/testdir/who',
69 'cp $(which uname) /tmp/testdir/uname',
70 )
71
72 with subtest("run integration tests"):
73 # Test_EventFilters/comm:_event:_data:_trace_event_set_in_a_specific_policy_with_data_from_ls_command expects to be in a dir that includes "integration"
74 # tests must be ran with 1 process
75 print(machine.succeed(
76 'mkdir /tmp/integration',
77 'cd /tmp/integration && integration.test -test.v -test.parallel 1 -test.skip="^${builtins.concatStringsSep "$|^" skippedTests}$"'
78 ))
79 '';
80 }
81)