diff --git a/.github/workflows/images_bumper.yml b/.github/workflows/images_bumper.yml index 9975ee3e..31d73e15 100644 --- a/.github/workflows/images_bumper.yml +++ b/.github/workflows/images_bumper.yml @@ -1,4 +1,4 @@ -name: Builder and Tester Images Bumper +name: Builder Image Bumper on: push: @@ -9,7 +9,6 @@ jobs: runs-on: ubuntu-latest outputs: builder_changed: ${{ steps.filter.outputs.builder }} - tester_changed: ${{ steps.filter.outputs.tester }} steps: - uses: actions/checkout@v2 - uses: dorny/paths-filter@v2 @@ -18,13 +17,11 @@ jobs: filters: | builder: - 'docker/builder/**' - tester: - - 'docker/tester/**' - update-builder-tester-images: + update-builder-images: runs-on: ubuntu-22.04 needs: paths-filter - if: needs.paths-filter.outputs.builder_changed == 'true' || needs.paths-filter.outputs.tester_changed == 'true' + if: needs.paths-filter.outputs.builder_changed == 'true' steps: - name: Checkout uses: actions/checkout@v3 @@ -53,12 +50,3 @@ jobs: platforms: linux/amd64,linux/arm64 tags: latest push: true - - - name: Build and push new tester image - if: needs.paths-filter.outputs.tester_changed == 'true' - uses: docker/build-push-action@v3 - with: - context: docker/tester - platforms: linux/amd64,linux/arm64 - tags: latest - push: true diff --git a/CMakeLists.txt b/CMakeLists.txt index d1228e10..87065b83 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -194,9 +194,6 @@ endif() # Rules include(rules) -# Dockerfiles -add_subdirectory(docker) - # Clang format # add_custom_target(format COMMAND clang-format --style=file -i $ COMMENT "Formatting ..." VERBATIM) diff --git a/docker/CMakeLists.txt b/docker/CMakeLists.txt deleted file mode 100644 index 0c647998..00000000 --- a/docker/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -add_subdirectory(local) diff --git a/docker/README.md b/docker/README.md index 1ab2832f..a714ba3d 100644 --- a/docker/README.md +++ b/docker/README.md @@ -11,7 +11,5 @@ This directory contains various ways to package Falco as a container and related | [falcosecurity/falco-driver-loader:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader), [falcosecurity/falco-driver-loader:master](https://hub.docker.com/repository/docker/falcosecurity/falco-driver-loader) | docker/driver-loader | `falco-driver-loader` as entrypoint with the building toolchain. | | [falcosecurity/falco-no-driver:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-no-driver), [falcosecurity/falco-no-driver:_tag_](https://hub.docker.com/repository/docker/falcosecurity/falco-no-driver),[falcosecurity/falco-no-driver:master](https://hub.docker.com/repository/docker/falcosecurity/falco-no-driver) | docker/no-driver | Falco (TGZ built from git tag or from the master) without the building toolchain. | | [falcosecurity/falco-builder:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-builder) | docker/builder | The complete build tool chain for compiling Falco from source. See [the documentation](https://falco.org/docs/getting-started/source/) for more details on building from source. Used to build Falco (CI). | -| [falcosecurity/falco-tester:latest](https://hub.docker.com/repository/docker/falcosecurity/falco-tester) | docker/tester | Container image for running the Falco test suite. Used to run Falco integration tests (CI). | -| _not to be published_ | docker/local | Built on-the-fly and used by falco-tester. | -> Note: `falco-builder`, `falco-tester` (and the `docker/local` image that it's built on the fly) are not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated. +> Note: `falco-builder` is not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated. diff --git a/docker/local/CMakeLists.txt b/docker/local/CMakeLists.txt deleted file mode 100644 index 614a527d..00000000 --- a/docker/local/CMakeLists.txt +++ /dev/null @@ -1,17 +0,0 @@ -add_subdirectory(traces) -add_subdirectory(rules) - -add_custom_target(local-Dockerfile ALL - DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/Dockerfile) - -add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/Dockerfile - COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile ${CMAKE_CURRENT_BINARY_DIR}/Dockerfile - DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile) - -add_custom_target(local-docker-entrypoint ALL - DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/docker-entrypoint) - -add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/docker-entrypoint - COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_CURRENT_SOURCE_DIR}/docker-entrypoint.sh ${CMAKE_CURRENT_BINARY_DIR}/docker-entrypoint.sh - DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/docker-entrypoint.sh) - diff --git a/docker/local/Dockerfile b/docker/local/Dockerfile deleted file mode 100644 index d6677faa..00000000 --- a/docker/local/Dockerfile +++ /dev/null @@ -1,135 +0,0 @@ -FROM debian:buster - -LABEL usage="docker run -i -t -v /var/run/docker.sock:/host/var/run/docker.sock -v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro -v /lib/modules:/host/lib/modules:ro -v /usr:/host/usr:ro --name NAME IMAGE" -LABEL maintainer="cncf-falco-dev@lists.cncf.io" -LABEL org.opencontainers.image.source="https://github.com/falcosecurity/falco" - -ARG TARGETARCH - -ARG FALCO_VERSION= -RUN test -n FALCO_VERSION -ENV FALCO_VERSION ${FALCO_VERSION} - -ENV HOST_ROOT /host - -ENV HOME /root - -RUN cp /etc/skel/.bashrc /root && cp /etc/skel/.profile /root - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - bash-completion \ - bc \ - clang-7 \ - ca-certificates \ - curl \ - dkms \ - gnupg2 \ - gcc \ - jq \ - libc6-dev \ - libelf-dev \ - libyaml-0-2 \ - llvm-7 \ - netcat \ - xz-utils \ - libmpc3 \ - binutils \ - libgomp1 \ - libitm1 \ - libatomic1 \ - liblsan0 \ - libtsan0 \ - libcc1-0 \ - patchelf \ - && rm -rf /var/lib/apt/lists/* - -RUN if [ "$TARGETARCH" = "amd64" ]; \ - then apt-get install -y --no-install-recommends libmpx2 libquadmath0; \ - fi - -# gcc 6 is no longer included in debian stable, but we need it to -# build kernel modules on the default debian-based ami used by -# kops. So grab copies we've saved from debian snapshots with the -# prefix https://snapshot.debian.org/archive/debian/20170517T033514Z -# or so. - -RUN if [ "$TARGETARCH" = "amd64" ]; then curl -L -o libcilkrts5_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/libcilkrts5_6.3.0-18_${TARGETARCH}.deb; fi; \ - curl -L -o cpp-6_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/cpp-6_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o gcc-6-base_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/gcc-6-base_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o gcc-6_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/gcc-6_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o libasan3_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/libasan3_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o libgcc-6-dev_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/libgcc-6-dev_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o libubsan0_6.3.0-18_${TARGETARCH}.deb https://download.falco.org/dependencies/libubsan0_6.3.0-18_${TARGETARCH}.deb \ - && curl -L -o libmpfr4_3.1.3-2_${TARGETARCH}.deb https://download.falco.org/dependencies/libmpfr4_3.1.3-2_${TARGETARCH}.deb \ - && curl -L -o libisl15_0.18-1_${TARGETARCH}.deb https://download.falco.org/dependencies/libisl15_0.18-1_${TARGETARCH}.deb \ - && dpkg -i cpp-6_6.3.0-18_${TARGETARCH}.deb gcc-6-base_6.3.0-18_${TARGETARCH}.deb gcc-6_6.3.0-18_${TARGETARCH}.deb libasan3_6.3.0-18_${TARGETARCH}.deb; \ - if [ "$TARGETARCH" = "amd64" ]; then dpkg -i libcilkrts5_6.3.0-18_${TARGETARCH}.deb; fi; \ - dpkg -i libgcc-6-dev_6.3.0-18_${TARGETARCH}.deb libubsan0_6.3.0-18_${TARGETARCH}.deb libmpfr4_3.1.3-2_${TARGETARCH}.deb libisl15_0.18-1_${TARGETARCH}.deb \ - && rm -f cpp-6_6.3.0-18_${TARGETARCH}.deb gcc-6-base_6.3.0-18_${TARGETARCH}.deb gcc-6_6.3.0-18_${TARGETARCH}.deb libasan3_6.3.0-18_${TARGETARCH}.deb libcilkrts5_6.3.0-18_${TARGETARCH}.deb libgcc-6-dev_6.3.0-18_${TARGETARCH}.deb libubsan0_6.3.0-18_${TARGETARCH}.deb libmpfr4_3.1.3-2_${TARGETARCH}.deb libisl15_0.18-1_${TARGETARCH}.deb - -# gcc 5 is no longer included in debian stable, but we need it to -# build centos kernels, which are 3.x based and explicitly want a gcc -# version 3, 4, or 5 compiler. So grab copies we've saved from debian -# snapshots with the prefix https://snapshot.debian.org/archive/debian/20190122T000000Z. - -RUN if [ "$TARGETARCH" = "amd64" ]; then curl -L -o libmpx0_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/libmpx0_5.5.0-12_${TARGETARCH}.deb; fi; \ - curl -L -o cpp-5_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/cpp-5_5.5.0-12_${TARGETARCH}.deb \ - && curl -L -o gcc-5-base_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/gcc-5-base_5.5.0-12_${TARGETARCH}.deb \ - && curl -L -o gcc-5_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/gcc-5_5.5.0-12_${TARGETARCH}.deb \ - && curl -L -o libasan2_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/libasan2_5.5.0-12_${TARGETARCH}.deb \ - && curl -L -o libgcc-5-dev_5.5.0-12_${TARGETARCH}.deb https://download.falco.org/dependencies/libgcc-5-dev_5.5.0-12_${TARGETARCH}.deb \ - && curl -L -o libisl15_0.18-4_${TARGETARCH}.deb https://download.falco.org/dependencies/libisl15_0.18-4_${TARGETARCH}.deb \ - && dpkg -i cpp-5_5.5.0-12_${TARGETARCH}.deb gcc-5-base_5.5.0-12_${TARGETARCH}.deb gcc-5_5.5.0-12_${TARGETARCH}.deb libasan2_5.5.0-12_${TARGETARCH}.deb; \ - if [ "$TARGETARCH" = "amd64" ]; then dpkg -i libmpx0_5.5.0-12_${TARGETARCH}.deb; fi; \ - dpkg -i libgcc-5-dev_5.5.0-12_${TARGETARCH}.deb libisl15_0.18-4_${TARGETARCH}.deb \ - && rm -f cpp-5_5.5.0-12_${TARGETARCH}.deb gcc-5-base_5.5.0-12_${TARGETARCH}.deb gcc-5_5.5.0-12_${TARGETARCH}.deb libasan2_5.5.0-12_${TARGETARCH}.deb libgcc-5-dev_5.5.0-12_${TARGETARCH}.deb libisl15_0.18-4_${TARGETARCH}.deb libmpx0_5.5.0-12_${TARGETARCH}.deb - -# Since our base Debian image ships with GCC 7 which breaks older kernels, revert the -# default to gcc-5. -RUN rm -rf /usr/bin/gcc && ln -s /usr/bin/gcc-5 /usr/bin/gcc - -RUN rm -rf /usr/bin/clang \ - && rm -rf /usr/bin/llc \ - && ln -s /usr/bin/clang-7 /usr/bin/clang \ - && ln -s /usr/bin/llc-7 /usr/bin/llc - -# Some base images have an empty /lib/modules by default -# If it's not empty, docker build will fail instead of -# silently overwriting the existing directory -RUN rm -df /lib/modules \ - && ln -s $HOST_ROOT/lib/modules /lib/modules - -ADD falco-${FALCO_VERSION}-*.deb / -RUN dpkg -i /falco-${FALCO_VERSION}-$(uname -m).deb - -# Change the falco config within the container to enable ISO 8601 -# output. -RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ - && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml - -# debian:stable head contains binutils 2.31, which generates -# binaries that are incompatible with kernels < 4.16. So manually -# forcibly install binutils 2.30-22 instead. -RUN if [ "$TARGETARCH" = "amd64" ] ; then \ - curl -L -o binutils-x86-64-linux-gnu_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/binutils-x86-64-linux-gnu_2.30-22_${TARGETARCH}.deb; \ - else \ - curl -L -o binutils-aarch64-linux-gnu_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/binutils-aarch64-linux-gnu_2.30-22_${TARGETARCH}.deb; \ - fi - -RUN curl -L -o binutils_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/binutils_2.30-22_${TARGETARCH}.deb \ - && curl -L -o libbinutils_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/libbinutils_2.30-22_${TARGETARCH}.deb \ - && curl -L -o binutils-common_2.30-22_${TARGETARCH}.deb https://download.falco.org/dependencies/binutils-common_2.30-22_${TARGETARCH}.deb \ - && dpkg -i *binutils*.deb \ - && rm -f *binutils*.deb - -# The local container also copies some test trace files and -# corresponding rules that are used when running regression tests. -COPY rules/*.yaml /rules/ -COPY traces/*.scap /traces/ - -COPY ./docker-entrypoint.sh / - -ENTRYPOINT ["/docker-entrypoint.sh"] - -CMD ["/usr/bin/falco"] diff --git a/docker/local/docker-entrypoint.sh b/docker/local/docker-entrypoint.sh deleted file mode 100755 index 9fc61927..00000000 --- a/docker/local/docker-entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (C) 2020 The Falco Authors. -# -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - - -# Set the SKIP_DRIVER_LOADER variable to skip loading the driver - -if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then - echo "* Setting up /usr/src links from host" - - for i in "$HOST_ROOT/usr/src"/* - do - base=$(basename "$i") - ln -s "$i" "/usr/src/$base" - done - - /usr/bin/falco-driver-loader -fi - -exec "$@" diff --git a/docker/local/rules/CMakeLists.txt b/docker/local/rules/CMakeLists.txt deleted file mode 100644 index fdb84ffc..00000000 --- a/docker/local/rules/CMakeLists.txt +++ /dev/null @@ -1,7 +0,0 @@ -include(copy_files_to_build_dir) - -# Note: list of rules is created at cmake time, not build time -file(GLOB test_rule_files - "${CMAKE_CURRENT_SOURCE_DIR}/../../../test/rules/*.yaml") - -copy_files_to_build_dir("${test_rule_files}" docker-local-rules) diff --git a/docker/local/traces/CMakeLists.txt b/docker/local/traces/CMakeLists.txt deleted file mode 100644 index 95519bcb..00000000 --- a/docker/local/traces/CMakeLists.txt +++ /dev/null @@ -1,7 +0,0 @@ -include(copy_files_to_build_dir) - -# Note: list of traces is created at cmake time, not build time -file(GLOB test_trace_files - "${CMAKE_CURRENT_SOURCE_DIR}/../../../test/trace_files/*.scap") - -copy_files_to_build_dir("${test_trace_files}" docker-local-traces) diff --git a/docker/tester/Dockerfile b/docker/tester/Dockerfile deleted file mode 100644 index 5d1d8275..00000000 --- a/docker/tester/Dockerfile +++ /dev/null @@ -1,30 +0,0 @@ -FROM fedora:31 - -LABEL name="falcosecurity/falco-tester" -LABEL usage="docker run -v /boot:/boot:ro -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/..:/source -v $PWD/build:/build --name falcosecurity/falco-tester test" -LABEL maintainer="cncf-falco-dev@lists.cncf.io" -LABEL org.opencontainers.image.source="https://github.com/falcosecurity/falco" - -ARG TARGETARCH - -ENV FALCO_VERSION= -ENV BUILD_TYPE=release - -RUN if [ "$TARGETARCH" = "amd64" ] ; then curl -L -o grpcurl.tar.gz \ - https://github.com/fullstorydev/grpcurl/releases/download/v1.8.6/grpcurl_1.8.6_linux_x86_64.tar.gz; \ - else curl -L -o grpcurl.tar.gz \ - https://github.com/fullstorydev/grpcurl/releases/download/v1.8.6/grpcurl_1.8.6_linux_arm64.tar.gz; \ - fi; - -RUN dnf install -y python-pip python docker findutils jq unzip sed curl && dnf clean all -ENV PATH="/root/.local/bin/:${PATH}" -RUN pip install --user avocado-framework==69.0 -RUN pip install --user avocado-framework-plugin-varianter-yaml-to-mux==69.0 -RUN pip install --user watchdog==0.10.2 -RUN pip install --user pathtools==0.1.2 -RUN tar -C /usr/bin -xvf grpcurl.tar.gz - -COPY ./root / - -ENTRYPOINT ["entrypoint"] -CMD ["usage"] diff --git a/docker/tester/root/runners/deb.Dockerfile b/docker/tester/root/runners/deb.Dockerfile deleted file mode 100644 index 5d9a24e6..00000000 --- a/docker/tester/root/runners/deb.Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM ubuntu:18.04 -LABEL maintainer="cncf-falco-dev@lists.cncf.io" - -ARG FALCO_VERSION= -RUN test -n FALCO_VERSION -ENV FALCO_VERSION ${FALCO_VERSION} - -RUN apt update -y -RUN apt install dkms -y - -ADD falco-${FALCO_VERSION}-*.deb / -RUN dpkg -i /falco-${FALCO_VERSION}-$(uname -m).deb - -# Change the falco config within the container to enable ISO 8601 output. -RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ - && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml - -COPY rules/*.yaml /rules/ -COPY trace_files/*.scap /traces/ - -CMD ["/usr/bin/falco"] diff --git a/docker/tester/root/runners/rpm.Dockerfile b/docker/tester/root/runners/rpm.Dockerfile deleted file mode 100644 index 29b5b87f..00000000 --- a/docker/tester/root/runners/rpm.Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -FROM centos:7 - -LABEL maintainer="cncf-falco-dev@lists.cncf.io" - -ARG FALCO_VERSION= -RUN test -n FALCO_VERSION -ENV FALCO_VERSION ${FALCO_VERSION} - -RUN yum update -y -RUN yum install epel-release -y - -ADD falco-${FALCO_VERSION}-*.rpm / -RUN yum install -y /falco-${FALCO_VERSION}-$(uname -m).rpm - -# Change the falco config within the container to enable ISO 8601 output. -RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ - && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml - -COPY rules/*.yaml /rules/ -COPY trace_files/*.scap /traces/ - -CMD ["/usr/bin/falco"] diff --git a/docker/tester/root/runners/tar.gz.Dockerfile b/docker/tester/root/runners/tar.gz.Dockerfile deleted file mode 100644 index 03675b6a..00000000 --- a/docker/tester/root/runners/tar.gz.Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM ubuntu:18.04 -LABEL maintainer="cncf-falco-dev@lists.cncf.io" - -ARG FALCO_VERSION= -RUN test -n FALCO_VERSION -ENV FALCO_VERSION ${FALCO_VERSION} - -RUN apt update -y -RUN apt install dkms curl -y - -ADD falco-${FALCO_VERSION}-*.tar.gz / -RUN cp -R /falco-${FALCO_VERSION}-$(uname -m)/* / - -# Change the falco config within the container to enable ISO 8601 output. -RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \ - && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml - -COPY rules/*.yaml /rules/ -COPY trace_files/*.scap /traces/ - -CMD ["/usr/bin/falco"] diff --git a/docker/tester/root/usr/bin/entrypoint b/docker/tester/root/usr/bin/entrypoint deleted file mode 100755 index 89f09916..00000000 --- a/docker/tester/root/usr/bin/entrypoint +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env bash - -BUILD_DIR=${BUILD_DIR:-/build} -SOURCE_DIR=${SOURCE_DIR:-/source} -SKIP_PACKAGES_TESTS=${SKIP_PACKAGES_TESTS:-false} - -CMD=${1:-test} -shift - -# Stop the execution if a command in the pipeline has an error, from now on -set -e -u -o pipefail - -# build type can be "debug" or "release", fallbacks to "release" by default -BUILD_TYPE=$(echo "$BUILD_TYPE" | tr "[:upper:]" "[:lower:]") -case "$BUILD_TYPE" in -"debug") - ;; -*) - BUILD_TYPE="release" - ;; -esac - -build_image() { - BUILD_DIR=$1 - BUILD_TYPE=$2 - FALCO_VERSION=$3 - PACKAGE_TYPE=$4 - PACKAGE="$BUILD_DIR/$BUILD_TYPE/falco-$FALCO_VERSION-$(uname -m).${PACKAGE_TYPE}" - if [ ! -f "$PACKAGE" ]; then - echo "Package not found: ${PACKAGE}." >&2 - exit 1 - fi - DOCKER_IMAGE_NAME="falcosecurity/falco:test-${PACKAGE_TYPE}" - echo "Building local docker image $DOCKER_IMAGE_NAME from latest ${PACKAGE_TYPE} package..." - - mkdir -p /runner-rootfs - cp "$PACKAGE" /runner-rootfs - cp -R "$SOURCE_DIR/falco/test/rules" /runner-rootfs - cp -R "$SOURCE_DIR/falco/test/trace_files" /runner-rootfs - docker build -f "/runners/$PACKAGE_TYPE.Dockerfile" --build-arg FALCO_VERSION="$FALCO_VERSION" -t "$DOCKER_IMAGE_NAME" /runner-rootfs -} - -clean_image() { - PACKAGE_TYPE=$1 - DOCKER_IMAGE_NAME="falcosecurity/falco:test-${PACKAGE_TYPE}" - docker rmi -f "$DOCKER_IMAGE_NAME" -} - -case "$CMD" in -"test") - if [ -z "$FALCO_VERSION" ]; then - echo "Automatically figuring out Falco version." - FALCO_VERSION_FULL=$("$BUILD_DIR/$BUILD_TYPE/userspace/falco/falco" --version) - FALCO_VERSION=$(echo "$FALCO_VERSION_FULL" | head -n 1 | cut -d' ' -f3 | tr -d '\r') - echo "Falco version: $FALCO_VERSION" - fi - if [ -z "$FALCO_VERSION" ]; then - echo "Falco version cannot be guessed, please provide it with the FALCO_VERSION environment variable." >&2 - exit 1 - fi - - # build docker images - if [ "$SKIP_PACKAGES_TESTS" = false ] ; then - build_image "$BUILD_DIR" "$BUILD_TYPE" "$FALCO_VERSION" "deb" - build_image "$BUILD_DIR" "$BUILD_TYPE" "$FALCO_VERSION" "rpm" - build_image "$BUILD_DIR" "$BUILD_TYPE" "$FALCO_VERSION" "tar.gz" - fi - - # check that source directory contains Falco - if [ ! -d "$SOURCE_DIR/falco/test" ]; then - echo "Missing $SOURCE_DIR/falco/test directory." >&2 - exit 1 - fi - - # run tests - echo "Running regression tests ..." - cd "$SOURCE_DIR/falco/test" - SKIP_PACKAGES_TESTS=$SKIP_PACKAGES_TESTS ./run_regression_tests.sh -d "$BUILD_DIR/$BUILD_TYPE" - - # clean docker images - if [ "$SKIP_PACKAGES_TESTS" = false ] ; then - clean_image "deb" - clean_image "rpm" - clean_image "tar.gz" - fi - ;; -"bash") - CMD=/bin/bash - ;& # fallthrough -"usage") - exec "$CMD" "$@" - ;; -esac diff --git a/docker/tester/root/usr/bin/usage b/docker/tester/root/usr/bin/usage deleted file mode 100755 index 9a147e07..00000000 --- a/docker/tester/root/usr/bin/usage +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash - -pythonversion=$(python -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))') -pipversion=$(pip --version | cut -d' ' -f 1,2,5,6) -dockerversion=$(docker --version) -avocadoversion=$(pip show avocado-framework | grep Version) -avocadoversion=${avocadoversion#"Version: "} - -cat < falcosecurity/falco-tester test - -How to build. - - * cd docker/tester && DOCKER_BUILDKIT=1 docker build -t falcosecurity/falco-tester . - -Environment. - - * python ${pythonversion} - * ${pipversion} - * avocado ${avocadoversion} - * ${dockerversion} -EOF