41 lines
1.6 KiB
Nix
41 lines
1.6 KiB
Nix
{ pkgs ? import ../../../../. { } }:
|
|
|
|
# manually run `nix-build ./pkgs/tools/security/tracee/test.nix` to test
|
|
pkgs.nixosTest ({
|
|
name = "tracee-test";
|
|
nodes = {
|
|
machine = { config, pkgs, ... }: {
|
|
environment.systemPackages = [
|
|
pkgs.tracee
|
|
# build the go integration tests as a binary
|
|
(pkgs.tracee.overrideAttrs (oa: {
|
|
pname = oa.pname + "-integration";
|
|
patches = oa.patches or [] ++ [
|
|
# skip test that runs `init -q` which is incompatible with systemd init
|
|
./skip-init-test.patch
|
|
# skip magic_write test that currently fails
|
|
./skip-magic_write-test.patch
|
|
];
|
|
# just build the static lib we need for the go test binary
|
|
makeFlags = oa.makeFlags ++ [ "./dist/libbpf/libbpf.a" ];
|
|
postBuild = ''
|
|
# by default the tests are disabled and this is intended to be commented out
|
|
sed -i '/t.Skip("This test requires root privileges")/d' ./tests/integration/integration_test.go
|
|
CGO_CFLAGS="-I$PWD/dist/libbpf" CGO_LDFLAGS="-lelf -lz $PWD/dist/libbpf/libbpf.a" go test -tags ebpf,integration -c -o $GOPATH/tracee-integration ./tests/integration
|
|
'';
|
|
doCheck = false;
|
|
installPhase = ''
|
|
mkdir -p $out/bin
|
|
cp $GOPATH/tracee-integration $out/bin
|
|
'';
|
|
doInstallCheck = false;
|
|
}))
|
|
];
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
with subtest("run integration tests"):
|
|
print(machine.succeed('TRC_BIN="$(which tracee-ebpf)" tracee-integration -test.v -test.run "Test_Events"'))
|
|
'';
|
|
})
|