nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-02-22 20:14:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #213781 from 06kellyjac/tracee

Browse Source 
tracee: 0.10.0 -> 0.11.0
This commit is contained in:
Nick Cao 2023-02-02 11:10:29 +08:00 committed by GitHub
commit 035527d61f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
nixos/tests/tracee.nix
View File

@ -2,21 +2,26 @@ import ./make-test-python.nix ({ pkgs, ... }: {
name = "tracee-integration"; name = "tracee-integration";
nodes = { nodes = {
machine = { config, pkgs, ... }: { machine = { config, pkgs, ... }: {
# EventFilters/trace_only_events_from_new_containers requires docker # EventFilters/trace_only_events_from_new_containers and
# podman with docker compat will suffice # Test_EventFilters/trace_only_events_from_"dockerd"_binary_and_contain_it's_pid
virtualisation.podman.enable = true; # require docker/dockerd
virtualisation.podman.dockerCompat = true; virtualisation.docker.enable = true;
environment.systemPackages = [ environment.systemPackages = [
# required by Test_EventFilters/trace_events_from_ls_and_which_binary_in_separate_scopes
pkgs.which
# build the go integration tests as a binary # build the go integration tests as a binary
(pkgs.tracee.overrideAttrs (oa: { (pkgs.tracee.overrideAttrs (oa: {
pname = oa.pname + "-integration"; pname = oa.pname + "-integration";
postPatch = oa.postPatch or "" + '' postPatch = oa.postPatch or "" + ''
# prepare tester.sh # prepare tester.sh (which will be embedded in the test binary)
patchShebangs tests/integration/tester.sh patchShebangs tests/integration/tester.sh
# fix the test to look at nixos paths for running programs # fix the test to look at nixos paths for running programs
substituteInPlace tests/integration/integration_test.go \ substituteInPlace tests/integration/integration_test.go \
--replace "/usr/bin" "/run" --replace "bin=/usr/bin/" "comm=" \
--replace "/usr/bin/dockerd" "dockerd" \
--replace "/usr/bin" "/run/current-system/sw/bin"
''; '';
nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ]; nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ pkgs.makeWrapper ];
buildPhase = '' buildPhase = ''
@ -40,10 +45,16 @@ import ./make-test-python.nix ({ pkgs, ... }: {
}; };
testScript = '' testScript = ''
machine.wait_for_unit("docker.service")
with subtest("run integration tests"): with subtest("run integration tests"):
# EventFilters/trace_only_events_from_new_containers also requires a container called "alpine" # EventFilters/trace_only_events_from_new_containers also requires a container called "alpine"
machine.succeed('tar cv -C ${pkgs.pkgsStatic.busybox} . | podman import - alpine --change ENTRYPOINT=sleep') machine.succeed('tar c -C ${pkgs.pkgsStatic.busybox} . | docker import - alpine --change "ENTRYPOINT [\"sleep\"]"')
print(machine.succeed('tracee-integration -test.v')) # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration"
print(machine.succeed(
'mkdir /tmp/integration',
'cd /tmp/integration && tracee-integration -test.v'
))
''; '';
}) })

6
pkgs/tools/security/tracee/default.nix
View File

@ -19,15 +19,15 @@ let
in in
buildGoModule rec { buildGoModule rec {
pname = "tracee"; pname = "tracee";
version = "0.10.0"; version = "0.11.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "aquasecurity"; owner = "aquasecurity";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-TSzvuPE4to6aN52fmcwC6mVBOWUFQSyWHDgNs8emPq4="; sha256 = "sha256-fAbii/DEXx9WJpolc7amqF9TQj4oE5x0TCiNOtVasGo=";
}; };
vendorSha256 = "sha256-HGJ7Gtug+nSg+mAQH4jcNkeikWQW10cgAIoAqeAf9r4="; vendorSha256 = "sha256-eenhIsiJhPLgwJo2spIGURPkcsec3kO4L5UJ0FWniQc=";
patches = [ patches = [
./use-our-libbpf.patch ./use-our-libbpf.patch