fix(docker/tester): share rules and trace files with docker test runners

Co-authored-by: Lorenzo Fontana <lo@linux.com> Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
2025-08-15 21:03:54 +00:00 · 2020-01-23 13:31:51 +00:00 · 2020-01-23 13:31:51 +00:00 · f3dcacea5b
commit f3dcacea5b
parent cf803759ef
4 changed files with 10 additions and 12 deletions
--- a/docker/tester/root/runners/deb.Dockerfile
+++ b/docker/tester/root/runners/deb.Dockerfile
@ -15,7 +15,7 @@ RUN dpkg -i /falco-${FALCO_VERSION}-x86_64.deb
 RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \
    && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml

-VOLUME ["/rules"]
-VOLUME ["/traces"]
+COPY rules/*.yaml /rules/
+COPY trace_files/*.scap /traces/

 CMD ["/usr/bin/falco"]
--- a/docker/tester/root/runners/rpm.Dockerfile
+++ b/docker/tester/root/runners/rpm.Dockerfile
@ -16,7 +16,7 @@ RUN yum install -y /falco-${FALCO_VERSION}-x86_64.rpm
 RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \
    && mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml

-VOLUME ["/rules"]
-VOLUME ["/traces"]
+COPY rules/*.yaml /rules/
+COPY trace_files/*.scap /traces/

 CMD ["/usr/bin/falco"]
--- a/docker/tester/root/usr/bin/entrypoint
+++ b/docker/tester/root/usr/bin/entrypoint
@ -30,9 +30,11 @@ build_image() {
    DOCKER_IMAGE_NAME="falcosecurity/falco:test-${PACKAGE_TYPE}"
    echo "Building local docker image $DOCKER_IMAGE_NAME from latest ${PACKAGE_TYPE} package..."

-    mkdir -p /packages
-    cp "$PACKAGE" /packages
-    docker build -f "/runners/$PACKAGE_TYPE.Dockerfile" --build-arg FALCO_VERSION="$FALCO_VERSION" -t "$DOCKER_IMAGE_NAME" /packages
+    mkdir -p /runner-rootfs
+    cp "$PACKAGE" /runner-rootfs
+    cp -R "$SOURCE_DIR/falco/test/rules" /runner-rootfs
+    cp -R "$SOURCE_DIR/falco/test/trace_files" /runner-rootfs
+    docker build -f "/runners/$PACKAGE_TYPE.Dockerfile" --build-arg FALCO_VERSION="$FALCO_VERSION" -t "$DOCKER_IMAGE_NAME" /runner-rootfs
 }

 clean_image() {
--- a/test/falco_test.py
+++ b/test/falco_test.py
@ -333,16 +333,12 @@ class FalcoTest(Test):
            # doesn't have an -i equivalent.
            res = process.run("docker rm falco-test", ignore_status=True)

-            rules_dir = os.path.abspath(os.path.join(self.basedir, "./rules"))
-            traces_dir = os.path.abspath(os.path.join(self.basedir, "./trace_files"))
            self.falco_binary_path = "docker run --rm --name falco-test --privileged " \
                                     "-v /var/run/docker.sock:/host/var/run/docker.sock " \
                                     "-v /dev:/host/dev -v /proc:/host/proc:ro -v /boot:/host/boot:ro " \
                                     "-v /lib/modules:/host/lib/modules:ro -v {}:/root/.sysdig:ro " \
-                                     "-v {}:/rules:ro " \
-                                     "-v {}:/traces:ro " \
                                     "-v /usr:/host/usr:ro {} {} falco".format(
-                                         self.module_dir, rules_dir, traces_dir, self.addl_docker_run_args, image)
+                                         self.module_dir, self.addl_docker_run_args, image)

        elif self.package.endswith(".deb"):
            self.falco_binary_path = '/usr/bin/falco';