From f3dcacea5be90929cdc20c06789c1117308a2ff7 Mon Sep 17 00:00:00 2001
From: Leonardo Di Donato
Date: Thu, 23 Jan 2020 13:31:51 +0000
Subject: [PATCH] fix(docker/tester): share rules and trace files with docker test runners
Co-authored-by: Lorenzo Fontana
Signed-off-by: Leonardo Di Donato
---
 docker/tester/root/runners/deb.Dockerfile | 4 ++--
 docker/tester/root/runners/rpm.Dockerfile | 4 ++--
 docker/tester/root/usr/bin/entrypoint | 8 +++++---
 test/falco_test.py | 6 +-----
 4 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/docker/tester/root/runners/deb.Dockerfile b/docker/tester/root/runners/deb.Dockerfile
index 98bf4ed8..547c87ce 100644
--- a/docker/tester/root/runners/deb.Dockerfile
+++ b/docker/tester/root/runners/deb.Dockerfile
@@ -15,7 +15,7 @@ RUN dpkg -i /falco-${FALCO_VERSION}-x86_64.deb
 RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \
 && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml
-VOLUME ["/rules"]
-VOLUME ["/traces"]
+COPY rules/*.yaml /rules/
+COPY trace_files/*.scap /traces/
 CMD ["/usr/bin/falco"]
diff --git a/docker/tester/root/runners/rpm.Dockerfile b/docker/tester/root/runners/rpm.Dockerfile
index cc9adbb5..430a417d 100644
--- a/docker/tester/root/runners/rpm.Dockerfile
+++ b/docker/tester/root/runners/rpm.Dockerfile
@@ -16,7 +16,7 @@ RUN yum install -y /falco-${FALCO_VERSION}-x86_64.rpm
 RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \
 && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml
-VOLUME ["/rules"]
-VOLUME ["/traces"]
+COPY rules/*.yaml /rules/
+COPY trace_files/*.scap /traces/
 CMD ["/usr/bin/falco"]
diff --git a/docker/tester/root/usr/bin/entrypoint b/docker/tester/root/usr/bin/entrypoint
index e1d19cbf..ea367a3b 100755
--- a/docker/tester/root/usr/bin/entrypoint
+++ b/docker/tester/root/usr/bin/entrypoint
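Review bot: The two `COPY` globs in deb.Dockerfile (and the identical pair in rpm.Dockerfile) only pick up top-level `*.yaml` and `*.scap` files, whereas the bind mounts they replace exposed the whole directories. Any rule or trace kept in a subdirectory, or with another extension, would no longer be present under /rules or /traces, and a wildcard COPY does not recreate the source directory layout; whether the test suite relies on such files is not visible in this patch. If the full trees are needed, copy the directories instead: `COPY rules/ /rules/` and `COPY trace_files/ /traces/`.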
@@ -30,9 +30,11 @@ build_image() {
 DOCKER_IMAGE_NAME="falcosecurity/falco:test-${PACKAGE_TYPE}"
 echo "Building local docker image $DOCKER_IMAGE_NAME from latest ${PACKAGE_TYPE} package..."
- mkdir -p /packages
- cp "$PACKAGE" /packages
- docker build -f "/runners/$PACKAGE_TYPE.Dockerfile" --build-arg FALCO_VERSION="$FALCO_VERSION" -t "$DOCKER_IMAGE_NAME" /packages
+ mkdir -p /runner-rootfs
+ cp "$PACKAGE" /runner-rootfs
+ cp -R "$SOURCE_DIR/falco/test/rules" /runner-rootfs
+ cp -R "$SOURCE_DIR/falco/test/trace_files" /runner-rootfs
+ docker build -f "/runners/$PACKAGE_TYPE.Dockerfile" --build-arg FALCO_VERSION="$FALCO_VERSION" -t "$DOCKER_IMAGE_NAME" /runner-rootfs
 }
 clean_image() {
diff --git a/test/falco_test.py b/test/falco_test.py
index 58900c2d..0f8f6477 100644
--- a/test/falco_test.py
+++ b/test/falco_test.py
@@ -333,16 +333,12 @@ class FalcoTest(Test):
 # doesn't have an -i equivalent.
 res = process.run("docker rm falco-test", ignore_status=True)
- rules_dir = os.path.abspath(os.path.join(self.basedir, "./rules"))
- traces_dir = os.path.abspath(os.path.join(self.basedir, "./trace_files"))
 self.falco_binary_path = "docker run --rm --name falco-test --privileged " \
 "-v /var/run/docker.sock:/host/var/run/docker.sock " \
 "-v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro " \
 "-v /lib/modules:/host/lib/modules:ro -v {}:/root/.sysdig:ro " \
- "-v {}:/rules:ro " \
- "-v {}:/traces:ro " \
 "-v /usr:/host/usr:ro {} {} falco".format(
- self.module_dir, rules_dir, traces_dir, self.addl_docker_run_args, image)
+ self.module_dir, self.addl_docker_run_args, image)
 elif self.package.endswith(".deb"):
 self.falco_binary_path = '/usr/bin/falco';
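Review bot: `/runner-rootfs` is created with `mkdir -p` and never emptied, so if build_image runs more than once in the same container the later build context still holds the earlier package and any rules or traces since removed from the source tree. Start from a clean context, e.g. `rm -rf /runner-rootfs && mkdir -p /runner-rootfs`, or build from a `mktemp -d` directory that is removed after `docker build`. The two `cp -R` calls are also unchecked unless the script enables `set -e` outside this hunk, in which case a missing `$SOURCE_DIR/falco/test/rules` would only surface later as a COPY failure. The top of build_image is visible only through the hunk header, so earlier setup in the function cannot be ruled out.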
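Review bot: With the `/rules` and `/traces` bind mounts removed, the container sees whatever rules and traces were copied in when `image` was built, so edits under test/rules or test/trace_files are ignored until the runner image is rebuilt, and nothing near this `docker run` string says so. Add a comment above it such as `# /rules and /traces are baked into the image by the runner Dockerfiles; rebuild it after changing test/rules or test/trace_files`. The remaining arguments still run the container `--privileged` with the host Docker socket and a writable `/dev`, which deserves a one-line comment stating that the test container has root-equivalent access to the host. The enclosing method starts and ends outside the hunk.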