Skip to content

Commit

Permalink
fix(tests/falco): adapt to new engine version scheme
Browse files Browse the repository at this point in the history
Signed-off-by: Jason Dellaluce <[email protected]>
  • Loading branch information
jasondellaluce authored and poiana committed Sep 29, 2023
1 parent a2a2c64 commit 214d1fb
Showing 1 changed file with 14 additions and 12 deletions.
26 changes: 14 additions & 12 deletions tests/falco/commands_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (
"github.com/falcosecurity/testing/tests/data/rules"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

// todo(jasondellaluce): implement tests for the non-covered Falco cmds/args:
Expand Down Expand Up @@ -217,22 +218,23 @@ func TestFalco_Print_Rules(t *testing.T) {
falco.WithArgs("-o", "load_plugins[0]=json"),
falco.WithRules(rules.RulesDir000SingleRule, rules.RulesListWithPluginJSON),
)

infos := res.RulesetDescription()
assert.NotNil(t, infos)

// check required engine version
assert.Equal(t, "11", infos.RequiredEngineVersion)
assert.Equal(t, "0.11.0", infos.RequiredEngineVersion)

// check required plugin versions
assert.Len(t, infos.RequiredPluginVersions, 1)
require.Len(t, infos.RequiredPluginVersions, 1)
assert.Equal(t, "json", infos.RequiredPluginVersions[0].Name)
assert.Equal(t, "0.1.0", infos.RequiredPluginVersions[0].Version)

// check list elements
assert.Len(t, infos.Lists, 2)
require.Len(t, infos.Lists, 2)

assert.Equal(t, "cat_binaries", infos.Lists[0].Info.Name)
assert.Len(t, infos.Lists[0].Info.Items, 1)
require.Len(t, infos.Lists[0].Info.Items, 1)
assert.Equal(t, "cat", infos.Lists[0].Info.Items[0])
assert.True(t, infos.Lists[0].Details.Used)
assert.Len(t, infos.Lists[0].Details.Lists, 0)
Expand All @@ -243,14 +245,14 @@ func TestFalco_Print_Rules(t *testing.T) {
assert.Equal(t, "cat_capable_binaries", infos.Lists[1].Info.Name)
assert.Len(t, infos.Lists[1].Info.Items, 0)
assert.True(t, infos.Lists[1].Details.Used)
assert.Len(t, infos.Lists[1].Details.Lists, 1)
require.Len(t, infos.Lists[1].Details.Lists, 1)
assert.Equal(t, "cat_binaries", infos.Lists[1].Details.Lists[0])
assert.Len(t, infos.Lists[1].Details.Plugins, 0)
assert.Len(t, infos.Lists[1].Details.ItemsCompiled, 1)
require.Len(t, infos.Lists[1].Details.ItemsCompiled, 1)
assert.Equal(t, "cat", infos.Lists[1].Details.ItemsCompiled[0])

// check macro elements
assert.Len(t, infos.Macros, 1)
require.Len(t, infos.Macros, 1)

assert.Equal(t, "is_cat", infos.Macros[0].Info.Name)
assert.Equal(t, "proc.name in (cat_capable_binaries)", infos.Macros[0].Info.Condition)
Expand All @@ -262,12 +264,12 @@ func TestFalco_Print_Rules(t *testing.T) {
assert.NotEmpty(t, infos.Macros[0].Details.Events)
assert.Len(t, infos.Macros[0].Details.ConditionOperators, 1)
assert.Equal(t, "in", infos.Macros[0].Details.ConditionOperators[0])
assert.Len(t, infos.Macros[0].Details.ConditionFields, 1)
require.Len(t, infos.Macros[0].Details.ConditionFields, 1)
assert.Equal(t, "proc.name", infos.Macros[0].Details.ConditionFields[0])
assert.Equal(t, "proc.name in (cat)", infos.Macros[0].Details.ConditionCompiled)

// check rule elements
assert.Len(t, infos.Rules, 1)
require.Len(t, infos.Rules, 1)

assert.Equal(t, "open_from_cat", infos.Rules[0].Info.Name)
assert.Equal(t, `evt.type=open and is_cat and json.value[/test] = "test"`, infos.Rules[0].Info.Condition)
Expand All @@ -277,13 +279,13 @@ func TestFalco_Print_Rules(t *testing.T) {
assert.Equal(t, "Warning", infos.Rules[0].Info.Priority)
assert.Equal(t, "syscall", infos.Rules[0].Info.Source)
assert.Empty(t, infos.Rules[0].Info.Tags)
assert.Len(t, infos.Rules[0].Details.Plugins, 1)
require.Len(t, infos.Rules[0].Details.Plugins, 1)
assert.Equal(t, "json", infos.Rules[0].Details.Plugins[0])
assert.Len(t, infos.Rules[0].Details.OutputFields, 1)
require.Len(t, infos.Rules[0].Details.OutputFields, 1)
assert.Equal(t, "proc.cmdline", infos.Rules[0].Details.OutputFields[0])
assert.Equal(t, infos.Rules[0].Info.Output, infos.Rules[0].Details.OutputCompiled)
assert.Len(t, infos.Rules[0].Details.Macros, 1)
assert.Equal(t, "is_cat", infos.Rules[0].Details.Macros[0])
require.Equal(t, "is_cat", infos.Rules[0].Details.Macros[0])
assert.Len(t, infos.Rules[0].Details.Lists, 0)
assert.Len(t, infos.Rules[0].Details.ExceptionFields, 0)
assert.Len(t, infos.Rules[0].Details.ExceptionOperators, 0)
Expand Down

0 comments on commit 214d1fb

Please sign in to comment.