github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-05-11 05:05:31 +00:00
Code Issues Projects Releases Wiki Activity
Files
91a7bcae86bc4dc5cdebfb3fb341e21130238a43
falco/test/falco_tests_plugins.yaml
Mark Stemm 531bc3eb5a Falco test changes (small output matches) for actions 
With the split of falco_init into application:: methods, including a
notion of a success/error/proceed result, there is a
more concrete line between runtime errors (e.g. things that throw
exceptions) and errors returned by methods that run the application.

Some of the plugins tests were expecting errors to be returned by
exceptions (e.g. with a leading "Runtime error: and a trailing "
Exiting.").

Now, the errors are just returned directly in application::run(), so
drop the leading and trailing bits in expected test outputs.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
2022-04-22 13:27:52 +02:00

123 lines
4.4 KiB
YAML
Raw Blame History

#
# Copyright (C) 2021 The Falco Authors.
#
# This file is part of Falco.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
trace_files: !mux
list_plugins:
check_detection_counts: False
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
conf_file: BUILD_DIR/test/confs/plugins/cloudtrail_json_create_instances.yaml
addl_cmdline_opts: --list-plugins
stdout_contains: "2 Plugins Loaded.*Name: cloudtrail.*Type: source plugin.*Name: json.*Type: extractor plugin"
list_plugin_fields:
check_detection_counts: False
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
conf_file: BUILD_DIR/test/confs/plugins/cloudtrail_json_create_instances.yaml
addl_cmdline_opts: --list
stdout_contains: "ct.id"
detect_create_instance:
detect: True
detect_level: INFO
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
detect_counts:
- 'Cloudtrail Create Instance': 1
conf_file: BUILD_DIR/test/confs/plugins/cloudtrail_json_create_instances.yaml
detect_create_instance_bigevent:
detect: True
detect_level: INFO
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
detect_counts:
- 'Cloudtrail Create Instance': 1
conf_file: BUILD_DIR/test/confs/plugins/cloudtrail_json_create_instances_bigevent.yaml
multiple_source_plugins:
exit_status: 1
stderr_contains: "Can not load multiple source plugins. cloudtrail already loaded."
conf_file: BUILD_DIR/test/confs/plugins/multiple_source_plugins.yaml
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
incompatible_extract_sources:
exit_status: 1
stderr_contains: "Extractor plugin not compatible with event source aws_cloudtrail."
conf_file: BUILD_DIR/test/confs/plugins/incompatible_extract_sources.yaml
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
overlap_extract_sources:
exit_status: 1
stderr_contains: "Extractor plugins have overlapping compatible event source test_source."
conf_file: BUILD_DIR/test/confs/plugins/overlap_extract_sources.yaml
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
incompat_plugin_api:
exit_status: 1
stderr_contains: "Unsupported plugin required api version 10000000.0.0"
conf_file: BUILD_DIR/test/confs/plugins/incompatible_plugin_api.yaml
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
incompat_plugin_rules_version:
exit_status: 1
stderr_contains: "Plugin cloudtrail version .* not compatible with required plugin version 100000.0.0."
conf_file: BUILD_DIR/test/confs/plugins/cloudtrail_json_create_instances.yaml
rules_file:
- rules/plugins/cloudtrail_incompat_plugin_version.yaml
wrong_plugin_path:
exit_status: 1
stderr_contains: "error loading plugin.*No such file or directory. Exiting"
conf_file: BUILD_DIR/test/confs/plugins/wrong_plugin_path.yaml
rules_file:
- rules/plugins/cloudtrail_incompat_plugin_version.yaml
no_plugins_unknown_source:
detect: False
rules_file:
- rules/plugins/cloudtrail_create_instances.yaml
trace_file: trace_files/empty.scap
rules_warning:
- Cloudtrail Create Instance
stderr_contains: "Rule Cloudtrail Create Instance: warning .unknown-source.: unknown source aws_cloudtrail, skipping"
no_plugins_unknown_source_macro:
detect: False
rules_file:
- rules/plugins/cloudtrail_macro.yaml
trace_file: trace_files/empty.scap
stderr_contains: "Macro Some Cloudtrail Macro: warning .unknown-source.: unknown source aws_cloudtrail, skipping"
no_plugins_unknown_source_rule_exception:
detect: False
rules_file:
- rules/plugins/cloudtrail_create_instances_exceptions.yaml
trace_file: trace_files/empty.scap
rules_warning:
- Cloudtrail Create Instance
stderr_contains: "Rule Cloudtrail Create Instance: warning .unknown-source.: unknown source aws_cloudtrail, skipping"
Reference in New Issue View Git Blame Copy Permalink