author06kellyjac <dev@j-k.io>2023-02-01 15:27:41 +0000
committer06kellyjac <dev@j-k.io>2023-02-01 15:27:41 +0000
commitabbedbd514f612dc51ff997db8667616def25f84 (patch)
treeb20949568a7cc6fa37fb1c8fa67b753992f8bd15 /nixos
parentbadb11b99fbab1cf36086e3977d575740767db8b (diff)
tracee: 0.10.0 -> 0.11.0
Diff: https://github.com/aquasecurity/tracee/compare/v0.10.0...v0.11.0

Changelog: https://github.com/aquasecurity/tracee/releases/tag/v0.11.0

Fix integration test to work with new tests
Diffstat (limited to 'nixos')
-rw-r--r--nixos/tests/tracee.nix27
1 files changed, 19 insertions, 8 deletions
diff --git a/nixos/tests/tracee.nix b/nixos/tests/tracee.nix
index 1e0249056fe..1609d3abc69 100644
--- a/nixos/tests/tracee.nix
+++ b/nixos/tests/tracee.nix
@@ -2,21 +2,26 @@ import ./make-test-python.nix ({ pkgs, ... }: {
   name = "tracee-integration";
   nodes = {
     machine = { config, pkgs, ... }: {
-      # EventFilters/trace_only_events_from_new_containers requires docker
-      # podman with docker compat will suffice
-      virtualisation.podman.enable = true;
-      virtualisation.podman.dockerCompat = true;
+      # EventFilters/trace_only_events_from_new_containers and
+      # Test_EventFilters/trace_only_events_from_"dockerd"_binary_and_contain_it's_pid
+      # require docker/dockerd
+      virtualisation.docker.enable = true;
 
       environment.systemPackages = [
+        # required by Test_EventFilters/trace_events_from_ls_and_which_binary_in_separate_scopes
+        pkgs.which
         # build the go integration tests as a binary
         (pkgs.tracee.overrideAttrs (oa: {
           pname = oa.pname + "-integration";
           postPatch = oa.postPatch or "" + ''
-            # prepare tester.sh
+            # prepare tester.sh (which will be embedded in the test binary)
             patchShebangs tests/integration/tester.sh
+
             # fix the test to look at nixos paths for running programs
             substituteInPlace tests/integration/integration_test.go \
-              --replace "/usr/bin" "/run"
+              --replace "bin=/usr/bin/" "comm=" \
+              --replace "/usr/bin/dockerd" "dockerd" \
+              --replace "/usr/bin" "/run/current-system/sw/bin"
           '';
           nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ];
           buildPhase = ''
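Review bot: The `--replace "bin=/usr/bin/" "comm="` rule in postPatch changes what the patched Go tests filter on, not only where they look for programs, and the comment above it ("look at nixos paths") does not say so. The scope moves from a binary path to a process name, so on NixOS this suite presumably no longer exercises Tracee's binary-path filter; comm is also the weaker identifier for a detection tool, since as far as I know it is a short name the process can set itself. I would extend the comment, e.g. `# NixOS has no /usr/bin: match by comm instead of binary path (the path-based filter is not covered here)`. The three rules are order-dependent (the catch-all `/usr/bin` has to stay last), and a pattern that stops matching after an upstream change may go unnoticed, which is worth one more comment line. The overrideAttrs body continues past the end of this hunk.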
@@ -40,10 +45,16 @@ import ./make-test-python.nix ({ pkgs, ... }: {
   };
 
   testScript = ''
+    machine.wait_for_unit("docker.service")
+
     with subtest("run integration tests"):
       # EventFilters/trace_only_events_from_new_containers also requires a container called "alpine"
-      machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep')
+      machine.succeed('tar c -C ${pkgs.pkgsStatic.busybox} . | docker import - alpine --change "ENTRYPOINT [\"sleep\"]"')
 
-      print(machine.succeed('tracee-integration -test.v'))
+      # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration"
+      print(machine.succeed(
+        'mkdir /tmp/integration',
+        'cd /tmp/integration && tracee-integration -test.v'
+      ))
   '';
 })
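Review bot: The escaped quotes in `--change "ENTRYPOINT [\"sleep\"]"` are probably consumed by Python before the shell sees them, because the command sits in a single-quoted Python string where `\"` is just `"`. The shell would then receive `"ENTRYPOINT ["sleep"]"`, which collapses to `ENTRYPOINT [sleep]`, so the imported image may not get the exec-form entrypoint the line intends. Swapping the quoting keeps the JSON array intact: `machine.succeed("tar c -C ${pkgs.pkgsStatic.busybox} . | docker import - alpine --change 'ENTRYPOINT [\"sleep\"]'")`. It would be worth checking the result with `docker inspect` in the test VM, since the container-scoped event-filter test depends on this image.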