From abbedbd514f612dc51ff997db8667616def25f84 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Wed, 1 Feb 2023 15:27:41 +0000 Subject: tracee: 0.10.0 -> 0.11.0 Diff: https://github.com/aquasecurity/tracee/compare/v0.10.0...v0.11.0 Changelog: https://github.com/aquasecurity/tracee/releases/tag/v0.11.0 Fix integration test to work with new tests --- nixos/tests/tracee.nix | 27 +++++++++++++++++++-------- pkgs/tools/security/tracee/default.nix | 6 +++--- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/nixos/tests/tracee.nix b/nixos/tests/tracee.nix index 1e0249056fe..1609d3abc69 100644 --- a/nixos/tests/tracee.nix +++ b/nixos/tests/tracee.nix @@ -2,21 +2,26 @@ import ./make-test-python.nix ({ pkgs, ... }: { name = "tracee-integration"; nodes = { machine = { config, pkgs, ... }: { - # EventFilters/trace_only_events_from_new_containers requires docker - # podman with docker compat will suffice - virtualisation.podman.enable = true; - virtualisation.podman.dockerCompat = true; + # EventFilters/trace_only_events_from_new_containers and + # Test_EventFilters/trace_only_events_from_"dockerd"_binary_and_contain_it's_pid + # require docker/dockerd + virtualisation.docker.enable = true; environment.systemPackages = [ + # required by Test_EventFilters/trace_events_from_ls_and_which_binary_in_separate_scopes + pkgs.which # build the go integration tests as a binary (pkgs.tracee.overrideAttrs (oa: { pname = oa.pname + "-integration"; postPatch = oa.postPatch or "" + '' - # prepare tester.sh + # prepare tester.sh (which will be embedded in the test binary) patchShebangs tests/integration/tester.sh + # fix the test to look at nixos paths for running programs substituteInPlace tests/integration/integration_test.go \ - --replace "/usr/bin" "/run" + --replace "bin=/usr/bin/" "comm=" \ + --replace "/usr/bin/dockerd" "dockerd" \ + --replace "/usr/bin" "/run/current-system/sw/bin" ''; nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ]; buildPhase = '' 
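Review bot: The first two `--replace` arguments added to the `substituteInPlace` call in `postPatch` turn the upstream test's `bin=/usr/bin/` filters into `comm=` filters and `/usr/bin/dockerd` into `dockerd`, so the binary-path cases appear to run as process-name matches on NixOS, and nothing in the file records that. `integration_test.go` is not visible here, so this is inferred from the replacement strings. For a tracing tool the difference matters: a comm value is a short name the process can set itself, so a green run does not show that the path-based filter works. I would add a comment above the call, e.g. `# NOTE: upstream bin=/usr/bin/<name> filters are rewritten to comm=<name>; the bin= path filter is not exercised here`, plus one saying the three replacements are order-dependent, with the generic `/usr/bin` rule last. The enclosing `overrideAttrs` block continues past the end of the hunk.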
@@ -40,10 +45,16 @@ import ./make-test-python.nix ({ pkgs, ... }: { }; testScript = '' + machine.wait_for_unit("docker.service") + with subtest("run integration tests"): # EventFilters/trace_only_events_from_new_containers also requires a container called "alpine" - machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep') + machine.succeed('tar c -C ${pkgs.pkgsStatic.busybox} . | docker import - alpine --change "ENTRYPOINT [\"sleep\"]"') - print(machine.succeed('tracee-integration -test.v')) + # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration" + print(machine.succeed( + 'mkdir /tmp/integration', + 'cd /tmp/integration && tracee-integration -test.v' + )) ''; }) diff --git a/pkgs/tools/security/tracee/default.nix b/pkgs/tools/security/tracee/default.nix index 6600faeed96..89a8ba6bcc2 100644 --- a/pkgs/tools/security/tracee/default.nix +++ b/pkgs/tools/security/tracee/default.nix @@ -19,15 +19,15 @@ let in buildGoModule rec { pname = "tracee"; - version = "0.10.0"; + version = "0.11.0"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; rev = "v${version}"; - sha256 = "sha256-TSzvuPE4to6aN52fmcwC6mVBOWUFQSyWHDgNs8emPq4="; + sha256 = "sha256-fAbii/DEXx9WJpolc7amqF9TQj4oE5x0TCiNOtVasGo="; }; - vendorSha256 = "sha256-HGJ7Gtug+nSg+mAQH4jcNkeikWQW10cgAIoAqeAf9r4="; + vendorSha256 = "sha256-eenhIsiJhPLgwJo2spIGURPkcsec3kO4L5UJ0FWniQc="; patches = [ ./use-our-libbpf.patch -- cgit 1.4.1