author06kellyjac <dev@j-k.io>2023-01-30 15:22:50 +0000
committer06kellyjac <dev@j-k.io>2023-01-30 15:22:50 +0000
commit22ebaedc73f3c221cba2ea12cc3e6a688bbe3457 (patch)
tree61602021133547d35515a481843035dedb0733c3
parent6379587de10b756695ff30dfc54bb33005413255 (diff)
tracee: 0.9.2 -> 0.10.0
Diff: https://github.com/aquasecurity/tracee/compare/v0.9.2...v0.10.0

Changelog: https://github.com/aquasecurity/tracee/releases/tag/v0.10.0

Fix integration tests after recent changes
-rw-r--r--nixos/tests/tracee.nix20
-rw-r--r--pkgs/tools/security/tracee/default.nix20
-rw-r--r--pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch15
3 files changed, 22 insertions, 33 deletions
diff --git a/nixos/tests/tracee.nix b/nixos/tests/tracee.nix
index 6ef7e5342bee0..1e0249056feae 100644
--- a/nixos/tests/tracee.nix
+++ b/nixos/tests/tracee.nix
@@ -11,19 +11,19 @@ import ./make-test-python.nix ({ pkgs, ... }: {
         # build the go integration tests as a binary
         (pkgs.tracee.overrideAttrs (oa: {
           pname = oa.pname + "-integration";
-          patches = oa.patches or [] ++ [
-            # change the prefix from /usr/bin to /run to find nix processes
-            ../../pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
-          ];
+          postPatch = oa.postPatch or "" + ''
+            # prepare tester.sh
+            patchShebangs tests/integration/tester.sh
+            # fix the test to look at nixos paths for running programs
+            substituteInPlace tests/integration/integration_test.go \
+              --replace "/usr/bin" "/run"
+          '';
+          nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ];
           buildPhase = ''
             runHook preBuild
             # just build the static lib we need for the go test binary
             make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core ./dist/btfhub
 
-            # remove the /usr/bin prefix to work with the patch above
-            substituteInPlace tests/integration/integration_test.go \
-              --replace "/usr/bin/ls" "ls"
-
             # then compile the tests to be ran later
             CGO_LDFLAGS="$(pkg-config --libs libbpf)" go test -tags core,ebpf,integration -p 1 -c -o $GOPATH/tracee-integration ./tests/integration/...
             runHook postBuild
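Review bot: The `--replace "/usr/bin" "/run"` in the new postPatch rewrites every occurrence of that string in integration_test.go, whereas the patch file it supersedes touched only the `execve.pathname=/usr/bin*` filter case, and the rewrite gives no hard failure if upstream later rewords the test. For a detection tool's filter test, that means the check can quietly stop covering the NixOS path it was meant to cover. I would narrow the match to `--replace "execve.pathname=/usr/bin" "execve.pathname=/run"` (assuming 0.10.0 keeps that literal, as the deleted patch suggests) and follow it with `grep -q 'execve.pathname=/run' tests/integration/integration_test.go` so a no-op substitution fails the build. Separately, `pkgs.makeWrapper` is added to nativeBuildInputs but no `wrapProgram` or `makeWrapper` call appears in the visible phases, so either drop it or add the wrap it was meant for. The overrideAttrs body starts and ends outside this hunk.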
@@ -31,7 +31,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
           doCheck = false;
           installPhase = ''
             mkdir -p $out/bin
-            cp $GOPATH/tracee-integration $out/bin
+            mv $GOPATH/tracee-integration $out/bin/
           '';
           doInstallCheck = false;
         }))
@@ -44,6 +44,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
       # EventFilters/trace_only_events_from_new_containers also requires a container called "alpine"
       machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep')
 
-      print(machine.succeed('TRC_BIN="${pkgs.tracee}" tracee-integration -test.v'))
+      print(machine.succeed('tracee-integration -test.v'))
   '';
 })
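Review bot: With `TRC_BIN="${pkgs.tracee}"` dropped from the call, nothing in this hunk says which tracee binary `tracee-integration` ends up exercising, so the test may no longer be pinned to the packaged build. If 0.10.0 resolves the binary some other way (not visible here), a comment above the call should record it, e.g. `# tracee-integration finds tracee via <MECHANISM>; TRC_BIN is no longer needed as of 0.10.0`. The testScript string begins outside the hunk.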
diff --git a/pkgs/tools/security/tracee/default.nix b/pkgs/tools/security/tracee/default.nix
index bb4b558fc6855..6600faeed9633 100644
--- a/pkgs/tools/security/tracee/default.nix
+++ b/pkgs/tools/security/tracee/default.nix
@@ -19,15 +19,15 @@ let
 in
 buildGoModule rec {
   pname = "tracee";
-  version = "0.9.2";
+  version = "0.10.0";
 
   src = fetchFromGitHub {
     owner = "aquasecurity";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-w/x7KhopkADKvpDc5TE5Kf34pRY6HP3kX1Lqujnl0b8=";
+    sha256 = "sha256-TSzvuPE4to6aN52fmcwC6mVBOWUFQSyWHDgNs8emPq4=";
   };
-  vendorSha256 = "sha256-5RXNRNoMydFcemNGgyfqcUPtfMVgMYdiyWo/sZi8GQw=";
+  vendorSha256 = "sha256-HGJ7Gtug+nSg+mAQH4jcNkeikWQW10cgAIoAqeAf9r4=";
 
   patches = [
     ./use-our-libbpf.patch
@@ -64,11 +64,10 @@ buildGoModule rec {
 
     mkdir -p $out/{bin,share/tracee}
 
-    cp ./dist/tracee-ebpf $out/bin
-    cp ./dist/tracee-rules $out/bin
+    mv ./dist/tracee-{ebpf,rules} $out/bin/
 
-    cp -r ./dist/rules $out/share/tracee/
-    cp -r ./cmd/tracee-rules/templates $out/share/tracee/
+    mv ./dist/rules $out/share/tracee/
+    mv ./cmd/tracee-rules/templates $out/share/tracee/
 
     runHook postInstall
   '';
@@ -105,7 +104,12 @@ buildGoModule rec {
       is delivered as a Docker image that monitors the OS and detects suspicious
       behavior based on a pre-defined set of behavioral patterns.
     '';
-    license = licenses.asl20;
+    license = with licenses; [
+      # general license
+      asl20
+      # pkg/ebpf/c/*
+      gpl2Plus
+    ];
     maintainers = with maintainers; [ jk ];
     platforms = [ "x86_64-linux" ];
   };
diff --git a/pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch b/pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
deleted file mode 100644
index 88a3e49725079..0000000000000
--- a/pkgs/tools/security/tracee/test-EventFilters-prefix-nix-friendly.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/tests/integration/integration_test.go b/tests/integration/integration_test.go
-index afbc5330..13745c70 100644
---- a/tests/integration/integration_test.go
-+++ b/tests/integration/integration_test.go
-@@ -246,8 +246,8 @@ func Test_EventFilters(t *testing.T) {
- 			eventFunc:  checkExecve,
- 		},
- 		{
--			name:       "trace only execve events that starts with /usr/bin",
--			filterArgs: []string{"event=execve", "execve.pathname=/usr/bin*"},
-+			name:       "trace only execve events that starts with /run",
-+			filterArgs: []string{"event=execve", "execve.pathname=/run*"},
- 			eventFunc:  checkExecve,
- 		},
- 		{