Skip to content

Commit

Permalink
cleanup: remove a duplicated test
Browse files Browse the repository at this point in the history 
Same assertions of `TestFalco_Legacy_FalcoEventGenerator`

Signed-off-by: Andrea Terzolo <[email protected]>
  • Loading branch information
@Andreagit97 @poiana
Andreagit97 authored and poiana committed Apr 29, 2024
1 parent a32cc1d commit e8eaf0a
Showing 1 changed file with 0 additions and 30 deletions.
30 changes: 0 additions & 30 deletions tests/falco/legacy_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2724,36 +2724,6 @@ func TestFalco_Legacy_SystemUserInteractive(t *testing.T) {
assert.Equal(t, 0, res.ExitCode())
}

func TestFalco_Legacy_DetectCounts(t *testing.T) {
t.Parallel()
checkConfig(t)
res := falco.Test(
tests.NewFalcoExecutableRunner(t),
falco.WithOutputJSON(),
falco.WithRules(rules.LegacyFalcoRules_v1_0_1),
falco.WithCaptureFile(captures.TracesPositiveFalcoEventGenerator),
falco.WithArgs("-o", "json_include_output_property=false"),
falco.WithArgs("-o", "json_include_tags_property=false"),
)
assert.NotZero(t, res.Detections().Count())
assert.NotZero(t, res.Detections().OfPriority("WARNING").Count())
assert.Equal(t, 1, res.Detections().OfRule("Write below binary dir").Count())
assert.Equal(t, 3, res.Detections().OfRule("Read sensitive file untrusted").Count())
assert.Equal(t, 1, res.Detections().OfRule("Run shell untrusted").Count())
assert.Equal(t, 1, res.Detections().OfRule("Write below rpm database").Count())
assert.Equal(t, 1, res.Detections().OfRule("Write below etc").Count())
assert.Equal(t, 1, res.Detections().OfRule("System procs network activity").Count())
assert.Equal(t, 1, res.Detections().OfRule("Mkdir binary dirs").Count())
assert.Equal(t, 0, res.Detections().OfRule("System user interactive").Count())
assert.Equal(t, 1, res.Detections().OfRule("DB program spawned process").Count())
assert.Equal(t, 1, res.Detections().OfRule("Non sudo setuid").Count())
assert.Equal(t, 1, res.Detections().OfRule("Create files below dev").Count())
assert.Equal(t, 2, res.Detections().OfRule("Modify binary dirs").Count())
assert.Equal(t, 0, res.Detections().OfRule("Change thread namespace").Count())
assert.NoError(t, res.Err(), "%s", res.Stderr())
assert.Equal(t, 0, res.ExitCode())
}

func TestFalco_Legacy_RuleNamesWithRegexChars(t *testing.T) {
t.Parallel()
checkConfig(t)
Expand Down

0 comments on commit e8eaf0a

Please sign in to comment.