Skip to content

All-purpose test suite for Falco and its ecosystem

License

Notifications You must be signed in to change notification settings

ecbadeaux/testing

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Falco Regression Tests

Falco Infra Repository Incubating License

A regression test suite for Falco and other tools in its ecosystem. This is meant to be and end-to-end suite for black-box testing, for both individual tools and their integration, trying to emulate the same usage and patterns of the average user.

Usage

This testing suite is implemented in Go, and Go is the only dependency required in your system.

Tests are defined as code, and as such the artifact released with the testing suite is the code itself.

First, you need to run go generate. This will generate part of the testing code and date required by the suite.

go generate ./...

After this, the build directory will be created and will contain the testing binaries and the supporting test files.

build/falco.test # run this to launch tests on Falco
build/falcoctl.test # run this to launch tests on falctocl
build/k8saudit.test # run this to launch tests on the k8saudit plugin

You can provide custom options to the testing binaries, like a custom path to the Falco executable. You just need to specify the -falco-binary option followed by the path:

build/falco.test -falco-binary <path_to_falco>

You could also run a single test with the -test.run option:

build/falco.test -test.run 'TestFalco_Legacy_WriteBinaryDir'

To check all other options use the --help flag.

Keep tests updated with the latest Falco version

Some of these tests might become incompatible with a new Falco version, for example after a fix an old scap-file could trigger more rules than the ones expected or maybe the rule is no more triggered for a valid reason.

Falco CI runs these tests so we need to fix them before merging the new Falco version upstream. This is the usual flow to follow:

  1. Face a test failure in a pull request on the Falco repository (or detect the failure locally running Falco dev against this repo).
  2. Understand why these tests are failing, if there are no regressions and the Falco behavior is incompatible with actual tests, we change them accordingly.
  3. Open a pull request against this repo with the necessary changes.
  4. Once the pull request is merged use the derived commit to bump the submodule in the Falco repository. From the Falco source directory:
cd submodules/falcosecurity-testing
git fetch
git merge origin/main # or git checkout <specific-commit>
  1. Commit these changes in the same pull request with the new Falco version that caused test failures. Now tests should pass.

About

All-purpose test suite for Falco and its ecosystem

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 100.0%