diff --git a/docker/tester/Dockerfile b/docker/tester/Dockerfile index 6f298e00..4e980bac 100644 --- a/docker/tester/Dockerfile +++ b/docker/tester/Dockerfile @@ -7,10 +7,10 @@ LABEL maintainer="cncf-falco-dev@lists.cncf.io" ENV FALCO_VERSION= ENV BUILD_TYPE=release -RUN dnf install -y python2-pip python2 docker findutils jq unzip && dnf clean all +RUN dnf install -y python-pip python docker findutils jq unzip && dnf clean all ENV PATH="/root/.local/bin/:${PATH}" -RUN pip2 install --user avocado-framework==69.0 -RUN pip2 install --user avocado-framework-plugin-varianter-yaml-to-mux==69.0 +RUN pip install --user avocado-framework==69.0 +RUN pip install --user avocado-framework-plugin-varianter-yaml-to-mux==69.0 COPY ./root / diff --git a/docker/tester/root/usr/bin/usage b/docker/tester/root/usr/bin/usage index c3d0c448..1dd170be 100755 --- a/docker/tester/root/usr/bin/usage +++ b/docker/tester/root/usr/bin/usage @@ -1,7 +1,7 @@ #!/usr/bin/env bash -pythonversion=$(python2 -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))') -pipversion=$(pip2 --version | cut -d' ' -f 1,2,5,6) +pythonversion=$(python -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))') +pipversion=$(pip --version | cut -d' ' -f 1,2,5,6) dockerversion=$(docker --version) avocadoversion=$(pip2 show avocado-framework | grep Version) avocadoversion=${avocadoversion#"Version: "} diff --git a/test/README.md b/test/README.md new file mode 100644 index 00000000..b4f95271 --- /dev/null +++ b/test/README.md @@ -0,0 +1,6 @@ +# Falco Regression tests + +This folder contains the Regression tests suite for Falco. + +You can find instructions on how to run this test suite on the Falco website [here](https://falco.org/docs/source/#run-regression-tests). + diff --git a/test/falco_test.py b/test/falco_test.py index 0f8f6477..37142691 100644 --- a/test/falco_test.py +++ b/test/falco_test.py @@ -18,7 +18,6 @@ import os import re import json -import sets import glob import shutil import stat @@ -27,8 +26,8 @@ import sys import urllib from avocado import Test +from avocado import main from avocado.utils import process -from avocado.utils import linux_modules class FalcoTest(Test): @@ -148,9 +147,9 @@ class FalcoTest(Test): self.rules_warning = self.params.get('rules_warning', '*', default=False) if self.rules_warning == False: - self.rules_warning = sets.Set() + self.rules_warning = set() else: - self.rules_warning = sets.Set(self.rules_warning) + self.rules_warning = set(self.rules_warning) # Maps from rule name to set of evttypes self.rules_events = self.params.get('rules_events', '*', default=False) @@ -160,7 +159,7 @@ class FalcoTest(Test): events = {} for item in self.rules_events: for item2 in item: - events[item2[0]] = sets.Set(item2[1]) + events[item2[0]] = set(item2[1]) self.rules_events = events if self.should_detect: @@ -214,9 +213,9 @@ class FalcoTest(Test): def check_rules_warnings(self, res): - found_warning = sets.Set() + found_warning = set() - for match in re.finditer('Rule ([^:]+): warning \(([^)]+)\):', res.stderr): + for match in re.finditer('Rule ([^:]+): warning \(([^)]+)\):', res.stderr.decode("utf-8")): rule = match.group(1) warning = match.group(2) found_warning.add(rule) @@ -231,9 +230,9 @@ class FalcoTest(Test): found_events = {} - for match in re.finditer('Event types for rule ([^:]+): (\S+)', res.stderr): + for match in re.finditer('Event types for rule ([^:]+): (\S+)', res.stderr.decode("utf-8")): rule = match.group(1) - events = sets.Set(match.group(2).split(",")) + events = set(match.group(2).split(",")) found_events[rule] = events self.log.debug("Expected events for rules: {}".format(self.rules_events)) @@ -245,7 +244,7 @@ class FalcoTest(Test): def check_detections(self, res): # Get the number of events detected. - match = re.search('Events detected: (\d+)', res.stdout) + match = re.search('Events detected: (\d+)', res.stdout.decode("utf-8")) if match is None: self.fail("Could not find a line 'Events detected: ' in falco output") @@ -260,7 +259,7 @@ class FalcoTest(Test): for level in self.detect_level: level_line = '(?i){}: (\d+)'.format(level) - match = re.search(level_line, res.stdout) + match = re.search(level_line, res.stdout.decode("utf-8")) if match is None: self.fail("Could not find a line '{}: ' in falco output".format(level)) @@ -272,13 +271,13 @@ class FalcoTest(Test): def check_detections_by_rule(self, res): # Get the number of events detected for each rule. Must match the expected counts. - match = re.search('Triggered rules by rule name:(.*)', res.stdout, re.DOTALL) + match = re.search('Triggered rules by rule name:(.*)', res.stdout.decode("utf-8"), re.DOTALL) if match is None: self.fail("Could not find a block 'Triggered rules by rule name: ...' in falco output") triggered_rules = match.group(1) - for rule, count in self.detect_counts.iteritems(): + for rule, count in self.detect_counts.items(): expected = '\s{}: (\d+)'.format(re.sub(r'([$\.*+?()[\]{}|^])', r'\\\1', rule)) match = re.search(expected, triggered_rules) @@ -313,7 +312,7 @@ class FalcoTest(Test): if self.json_output: # Just verify that any lines starting with '{' are valid json objects. # Doesn't do any deep inspection of the contents. - for line in res.stdout.splitlines(): + for line in res.stdout.decode("utf-8").splitlines(): if line.startswith('{'): obj = json.loads(line) if self.json_include_output_property: @@ -484,32 +483,32 @@ class FalcoTest(Test): if self.stdout_is != '': print(self.stdout_is) - if self.stdout_is != res.stdout: + if self.stdout_is != res.stdout.decode("utf-8"): self.fail("Stdout was not exactly {}".format(self.stdout_is)) if self.stderr_is != '': - if self.stderr_is != res.stdout: + if self.stderr_is != res.stdout.decode("utf-8"): self.fail("Stdout was not exactly {}".format(self.stderr_is)) for pattern in self.stderr_contains: - match = re.search(pattern, res.stderr) + match = re.search(pattern, res.stderr.decode("utf-8")) if match is None: self.fail("Stderr of falco process did not contain content matching {}".format(pattern)) for pattern in self.stdout_contains: - match = re.search(pattern, res.stdout) + match = re.search(pattern, res.stdout.decode("utf-8")) if match is None: - self.fail("Stdout of falco process '{}' did not contain content matching {}".format(res.stdout, pattern)) + self.fail("Stdout of falco process '{}' did not contain content matching {}".format(res.stdout.decode("utf-8"), pattern)) for pattern in self.stderr_not_contains: - match = re.search(pattern, res.stderr) + match = re.search(pattern, res.stderr.decode("utf-8")) if match is not None: self.fail("Stderr of falco process contained content matching {} when it should have not".format(pattern)) for pattern in self.stdout_not_contains: - match = re.search(pattern, res.stdout) + match = re.search(pattern, res.stdout.decode("utf-8")) if match is not None: - self.fail("Stdout of falco process '{}' did contain content matching {} when it should have not".format(res.stdout, pattern)) + self.fail("Stdout of falco process '{}' did contain content matching {} when it should have not".format(res.stdout.decode("utf-8"), pattern)) if res.exit_status != self.exit_status: self.error("Falco command \"{}\" exited with unexpected return value {} (!= {})".format(