Use falcoctl 0.0.4+ tests for space/dash psp names

Use falcoctl, which properly handles psp names containing spaces/dashes. Also add tests that verify that the resulting rules are valid. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2025-06-30 16:42:14 +00:00 · 2019-10-24 10:53:23 -07:00 · 2019-10-24 10:53:23 -07:00 · daec9cb30d
commit daec9cb30d
parent 5c61276695
4 changed files with 38 additions and 2 deletions
--- a/test/falco_test.py
+++ b/test/falco_test.py
@ -43,7 +43,7 @@ class FalcoTest(Test):
        self.falcodir = self.params.get('falcodir', '/', default=build_dir)

        self.psp_conv_path = os.path.join(build_dir, "falcoctl")
-        self.psp_conv_url = "https://github.com/falcosecurity/falcoctl/releases/download/v0.0.3/falcoctl-0.0.3-linux-amd64"
+        self.psp_conv_url = "https://github.com/falcosecurity/falcoctl/releases/download/v0.0.4/falcoctl-0.0.4-linux-amd64"

        self.stdout_is = self.params.get('stdout_is', '*', default='')
        self.stderr_is = self.params.get('stderr_is', '*', default='')
--- a/test/falco_tests_psp.yaml
+++ b/test/falco_tests_psp.yaml
@ -644,3 +644,23 @@ trace_files: !mux
    conf_file: confs/psp.yaml
    psp_file: psps/allowed_proc_mount_types.yaml
    trace_file: trace_files/psp/proc_mount_type_default.json
+
+  psp_name_with_dashes:
+    detect: True
+    detect_level: WARNING
+    detect_counts:
+      - "PSP no_privileged Violation (privileged) System Activity": 1
+    rules_file: []
+    conf_file: confs/psp.yaml
+    psp_file: psps/privileged_name_with_dashes.yaml
+    trace_file: trace_files/psp/privileged.scap
+
+  psp_name_with_spaces:
+    detect: True
+    detect_level: WARNING
+    detect_counts:
+      - "PSP no_privileged Violation (privileged) System Activity": 1
+    rules_file: []
+    conf_file: confs/psp.yaml
+    psp_file: psps/privileged_name_with_spaces.yaml
+    trace_file: trace_files/psp/privileged.scap
--- a/test/psps/privileged_name_with_dashes.yaml
+++ b/test/psps/privileged_name_with_dashes.yaml
@ -0,0 +1,8 @@
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  annotations:
+    falco-rules-psp-images: "[nginx]"
+  name: no-privileged
+spec:
+  privileged: false
--- a/test/psps/privileged_name_with_spaces.yaml
+++ b/test/psps/privileged_name_with_spaces.yaml
@ -0,0 +1,8 @@
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  annotations:
+    falco-rules-psp-images: "[nginx]"
+  name: no privileged
+spec:
+  privileged: false