wip: new falco builder + consequent travis and regression tests refinements #719

leodido · 2019-07-11T09:01:48Z

What type of PR is this?

/kind cleanup
/kind feature

Any specific area of the project related to this PR?

NONE

What this PR does / why we need it:

This PR approaches the reorganization and improvement of the current build and CI systems.

To do so it modifies various existing pieces in order to improve the degree of their robustness.

Namely, this PR:

makes the TravisCI build faster (-5min)
enforces the CMAKE_BUILD_TYPE (for CMake) and BUILD_TYPE (for docker images) variables to only accept "release" or "debug" values (case-insensitive)
fixes BUILD_TYPE=debug which was not respected until now
makes CMake able to compute the FALCO_VERSION from the git index

FALCO_VERSION variable is now equal to:
- the exact git tag (without leading "v" char) whether the current git revision has one
- to 0.<commit hash>[.dirty] (where "dirty" suffix indicates eventual changes detected by the git index).
It always starts with a digit because it is intended to be provided to DEB/RPM/etc. packages too.
simplifies the TravisCI file moving cmake, package, tests, regression tests commands into separate file inside the ./hack directory
makes CMake always use curl avoiding wget
reorganizes the way (some) docker images are done (structure, entry points, build arguments, environment, etc.)
introduces a new falco-builder docker images which has Centos7 as base layer
makes the falco-builder image use the toolset 7 (gcc 7.3.1, cpluplus 2014) and Cmake 3.5
forces falco-builder to use DNDEBUG to disable assertions while building BUILD_TYPE=debug
changes the base image of falco-tester docker image to be Fedora 28
provides usage commands for both the falco-builder and the falco-tester docker images
makes FALCO_VERSION mandatory has a build argument fro the falco docker image (./docker/local directory)
bumps the minimum CMake version to 3.3.2
improves the scripts used by Jenkins pipeline (internal CI)

Which issue(s) this PR fixes:

Fixes #723
Fixes #660
Fixes #623

Special notes for your reviewer:

~~This PR currently changes the TravisCI (and Jenkins) setup to use the falcosecurity/falco-builder:chore-travis and falcosecurity/falco-tester:chore-travis docker images.~~

As soon this is green and approved I'll push these images to the latest tag and I'll switch back the setups to use the latest tags. DONE.

Does this PR introduce a user-facing change?:

falco-builder docker image based on CentOS 7 with toolchain 7 now (gcc 7.3.1, cpluplus 2014, CMake 3.5)

However the summary of the developer facing changes is:

build: build type can now have only "release" or "debug" values (case-insensitive)
build: build type fallbacks to "release" value (the default one) if input value is not recognized
build: falco version is obtained from current git revision (exact tag with no leading "v" or 0.<commithash>[.dirty]).
new: falco-tester docker image based on Fedora 28
update: jenkins pipeline improvements
docs: usage (default) commands for falco-builder and falco-tester docker images

leodido · 2019-07-19T10:08:41Z

Ok, this is now blocked only from the BUILD_TYPE=debug build and the consequent testing phase.

Notice that before there was no evidence of this because the BUILD_TYPE=debug was executing the BUILD_TYPE=release too.

Running: avocado run --mux-yaml /source/falco/test/falco_traces.yaml --job-results-dir /source/falco/test/job-results -- /source/falco/test/falco_test.py
JOB ID     : e2fb98a58caadae0eed4380c98765aa03238201a
JOB LOG    : /source/falco/test/job-results/job-2019-07-19T09.47-e2fb98a/job.log
 (01/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-change-thread-namespace-f9cf:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/change-thread-namespace.scap -o json_output=True -o json_include_output_property=T... (0.41 s)
 (02/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-container-privileged-b8ac:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/container-privileged.scap -o json_output=True -o json_include_output_property=True... (0.32 s)
 (03/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-container-sensitive-mount-52f8:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/container-sensitive-mount.scap -o json_output=True -o json_include_output_property... (0.33 s)
 (04/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-create-files-below-dev-3130:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/create-files-below-dev.scap -o json_output=True -o json_include_output_property=Tr... (0.31 s)
 (05/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-db-program-spawned-process-6fc5:  PASS (0.20 s)
 (06/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-falco-event-generator-fd6c:  PASS (0.24 s)
 (07/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-mkdir-binary-dirs-cf6d:  PASS (0.22 s)
 (08/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-modify-binary-dirs-7a73:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/modify-binary-dirs.scap -o json_output=True -o json_include_output_property=True -... (0.31 s)
 (09/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-non-sudo-setuid-f049:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/non-sudo-setuid.scap -o json_output=True -o json_include_output_property=True -o p... (0.31 s)
 (10/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-read-sensitive-file-after-startup-1837:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/read-sensitive-file-after-startup.scap -o json_output=True -o json_include_output_... (0.31 s)
 (11/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-read-sensitive-file-untrusted-3f0f:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/read-sensitive-file-untrusted.scap -o json_output=True -o json_include_output_prop... (0.31 s)
 (12/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-run-shell-untrusted-6006:  PASS (0.22 s)
 (13/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-system-binaries-network-activity-e04e:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/system-binaries-network-activity.scap -o json_output=True -o json_include_output_p... (3.03 s)
 (14/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-system-user-interactive-7071:  PASS (0.20 s)
 (15/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-user-mgmt-binaries-f476:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/user-mgmt-binaries.scap -o json_output=True -o json_include_output_property=True -... (0.30 s)
 (16/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-write-binary-dir-b7f3:  PASS (0.20 s)
 (17/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-write-etc-09f6:  PASS (0.20 s)
 (18/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-write-rpm-database-c822:  PASS (0.20 s)
 (19/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-curl-install-9717:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/curl-install.scap -o json_output=True -o json_include_output_property=True -o prio... (0.33 s)
 (20/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-curl-uninstall-68bf:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/curl-uninstall.scap -o json_output=True -o json_include_output_property=True -o pr... (0.32 s)
 (21/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-dhcpclient-renew-0f1f:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/dhcpclient-renew.scap -o json_output=True -o json_include_output_property=True -o ... (0.32 s)
 (22/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-docker-compose-dd82:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/docker-compose.scap -o json_output=True -o json_include_output_property=True -o pr... (1.51 s)
 (23/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-exim4-9707:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/exim4.scap -o json_output=True -o json_include_output_property=True -o priority=de... (0.31 s)
 (24/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-git-push-82ef:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/git-push.scap -o json_output=True -o json_include_output_property=True -o priority... (0.32 s)
 (25/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-kernel-upgrade-b489:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/kernel-upgrade.scap -o json_output=True -o json_include_output_property=True -o pr... (4.31 s)
 (26/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-kube-demo-0c2d:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/kube-demo.scap -o json_output=True -o json_include_output_property=True -o priorit... (0.54 s)
 (27/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-staging-collector-5a58:  PASS (6.97 s)
 (28/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-staging-db-ccac:  PASS (2.33 s)
 (29/58) /source/falco/test/falco_test.py:FalcoTest.test;yes-staging-worker-f0b2:  PASS (4.04 s)
 (30/58) /source/falco/test/falco_test.py:FalcoTest.test;no-change-thread-namespace-a8b3:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/change-thread-namespace.scap -o json_output=False -o json_include_output_property=... (0.31 s)
 (31/58) /source/falco/test/falco_test.py:FalcoTest.test;no-container-privileged-67f3:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/container-privileged.scap -o json_output=False -o json_include_output_property=Tru... (0.31 s)
 (32/58) /source/falco/test/falco_test.py:FalcoTest.test;no-container-sensitive-mount-a843:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/container-sensitive-mount.scap -o json_output=False -o json_include_output_propert... (0.33 s)
 (33/58) /source/falco/test/falco_test.py:FalcoTest.test;no-create-files-below-dev-8182:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/create-files-below-dev.scap -o json_output=False -o json_include_output_property=T... (0.30 s)
 (34/58) /source/falco/test/falco_test.py:FalcoTest.test;no-db-program-spawned-process-41a4:  PASS (0.20 s)
 (35/58) /source/falco/test/falco_test.py:FalcoTest.test;no-falco-event-generator-8076:  PASS (1.28 s)
 (36/58) /source/falco/test/falco_test.py:FalcoTest.test;no-mkdir-binary-dirs-0d64:  PASS (0.22 s)
 (37/58) /source/falco/test/falco_test.py:FalcoTest.test;no-modify-binary-dirs-085b:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/modify-binary-dirs.scap -o json_output=False -o json_include_output_property=True ... (0.31 s)
 (38/58) /source/falco/test/falco_test.py:FalcoTest.test;no-non-sudo-setuid-d651:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/non-sudo-setuid.scap -o json_output=False -o json_include_output_property=True -o ... (0.30 s)
 (39/58) /source/falco/test/falco_test.py:FalcoTest.test;no-read-sensitive-file-after-startup-e787:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/read-sensitive-file-after-startup.scap -o json_output=False -o json_include_output... (0.31 s)
 (40/58) /source/falco/test/falco_test.py:FalcoTest.test;no-read-sensitive-file-untrusted-16e7:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/read-sensitive-file-untrusted.scap -o json_output=False -o json_include_output_pro... (0.31 s)
 (41/58) /source/falco/test/falco_test.py:FalcoTest.test;no-run-shell-untrusted-bb20:  PASS (0.22 s)
 (42/58) /source/falco/test/falco_test.py:FalcoTest.test;no-system-binaries-network-activity-e2a4:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/system-binaries-network-activity.scap -o json_output=False -o json_include_output_... (0.32 s)
 (43/58) /source/falco/test/falco_test.py:FalcoTest.test;no-system-user-interactive-ef20:  PASS (0.20 s)
 (44/58) /source/falco/test/falco_test.py:FalcoTest.test;no-user-mgmt-binaries-d3ff:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-positive/user-mgmt-binaries.scap -o json_output=False -o json_include_output_property=True ... (0.31 s)
 (45/58) /source/falco/test/falco_test.py:FalcoTest.test;no-write-binary-dir-116c:  PASS (0.20 s)
 (46/58) /source/falco/test/falco_test.py:FalcoTest.test;no-write-etc-26fc:  PASS (0.20 s)
 (47/58) /source/falco/test/falco_test.py:FalcoTest.test;no-write-rpm-database-a591:  PASS (0.20 s)
 (48/58) /source/falco/test/falco_test.py:FalcoTest.test;no-curl-install-4f56:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/curl-install.scap -o json_output=False -o json_include_output_property=True -o pri... (0.32 s)
 (49/58) /source/falco/test/falco_test.py:FalcoTest.test;no-curl-uninstall-4ecb:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/curl-uninstall.scap -o json_output=False -o json_include_output_property=True -o p... (0.32 s)
 (50/58) /source/falco/test/falco_test.py:FalcoTest.test;no-dhcpclient-renew-6b9a:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/dhcpclient-renew.scap -o json_output=False -o json_include_output_property=True -o... (0.32 s)
 (51/58) /source/falco/test/falco_test.py:FalcoTest.test;no-docker-compose-0073:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/docker-compose.scap -o json_output=False -o json_include_output_property=True -o p... (1.49 s)
 (52/58) /source/falco/test/falco_test.py:FalcoTest.test;no-exim4-4b12:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/exim4.scap -o json_output=False -o json_include_output_property=True -o priority=d... (0.32 s)
 (53/58) /source/falco/test/falco_test.py:FalcoTest.test;no-git-push-3dc6:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/git-push.scap -o json_output=False -o json_include_output_property=True -o priorit... (0.31 s)
 (54/58) /source/falco/test/falco_test.py:FalcoTest.test;no-kernel-upgrade-9032:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/kernel-upgrade.scap -o json_output=False -o json_include_output_property=True -o p... (4.30 s)
 (55/58) /source/falco/test/falco_test.py:FalcoTest.test;no-kube-demo-0b1b:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/../rules/falco_rules.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/traces-negative/kube-demo.scap -o json_output=False -o json_include_output_property=True -o priori... (0.54 s)
 (56/58) /source/falco/test/falco_test.py:FalcoTest.test;no-staging-collector-48bb:  PASS (6.99 s)
 (57/58) /source/falco/test/falco_test.py:FalcoTest.test;no-staging-db-946c:  PASS (2.33 s)
 (58/58) /source/falco/test/falco_test.py:FalcoTest.test;no-staging-worker-f655:  PASS (4.06 s)
RESULTS    : PASS 22 | ERROR 36 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0

Running: avocado run --mux-yaml /source/falco/test/falco_tests.yaml --job-results-dir /source/falco/test/job-results -- /source/falco/test/falco_test.py
JOB ID     : 3e48b659e5cafe51d5b120318d2b85161b0de708
JOB LOG    : /source/falco/test/job-results/job-2019-07-19T09.48-3e48b65/job.log
 (01/85) /source/falco/test/falco_test.py:FalcoTest.test;builtin_rules_no_warnings-a141:  PASS (0.20 s)
 (02/85) /source/falco/test/falco_test.py:FalcoTest.test;test_warnings-d468:  PASS (0.09 s)
 (03/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_names_with_spaces-7772:  PASS (0.04 s)
 (04/85) /source/falco/test/falco_test.py:FalcoTest.test;multiple_rules_first_empty-edb0:  PASS (0.04 s)
 (05/85) /source/falco/test/falco_test.py:FalcoTest.test;multiple_rules_last_empty-c1d9:  PASS (0.04 s)
 (06/85) /source/falco/test/falco_test.py:FalcoTest.test;multiple_rules-ac2f:  PASS (0.04 s)
 (07/85) /source/falco/test/falco_test.py:FalcoTest.test;rules_directory-c1d2:  PASS (0.04 s)
 (08/85) /source/falco/test/falco_test.py:FalcoTest.test;multiple_rules_suppress_info-8878:  PASS (0.04 s)
 (09/85) /source/falco/test/falco_test.py:FalcoTest.test;multiple_rules_overriding-4229:  PASS (0.04 s)
 (10/85) /source/falco/test/falco_test.py:FalcoTest.test;macro_overriding-5be2:  PASS (0.04 s)
 (11/85) /source/falco/test/falco_test.py:FalcoTest.test;list_overriding-3025:  PASS (0.04 s)
 (12/85) /source/falco/test/falco_test.py:FalcoTest.test;nested_list_overriding-31b6:  PASS (0.04 s)
 (13/85) /source/falco/test/falco_test.py:FalcoTest.test;list_substring-a87c:  PASS (0.04 s)
 (14/85) /source/falco/test/falco_test.py:FalcoTest.test;list_sub_front-7f06:  PASS (0.04 s)
 (15/85) /source/falco/test/falco_test.py:FalcoTest.test;list_sub_mid-fecd:  PASS (0.04 s)
 (16/85) /source/falco/test/falco_test.py:FalcoTest.test;list_sub_end-03e5:  PASS (0.04 s)
 (17/85) /source/falco/test/falco_test.py:FalcoTest.test;list_sub_bare-f19a:  PASS (0.04 s)
 (18/85) /source/falco/test/falco_test.py:FalcoTest.test;list_sub_whitespace-eefc:  PASS (0.04 s)
 (19/85) /source/falco/test/falco_test.py:FalcoTest.test;list_order-8ac3:  PASS (0.04 s)
 (20/85) /source/falco/test/falco_test.py:FalcoTest.test;macro_order-9e3f:  PASS (0.04 s)
 (21/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_order-5413:  PASS (0.04 s)
 (22/85) /source/falco/test/falco_test.py:FalcoTest.test;endswith-bda6:  PASS (0.04 s)
 (23/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_not_yaml-937f:  PASS (0.03 s)
 (24/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_not_array-2ed3:  PASS (0.03 s)
 (25/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_array_item_not_object-0fc5:  PASS (0.03 s)
 (26/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_unexpected object-71ca:  PASS (0.03 s)
 (27/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_engine_version_not_number-a44a:  PASS (0.03 s)
 (28/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_yaml_parse_error-50ed:  PASS (0.03 s)
 (29/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_list_without_items-3d7b:  PASS (0.03 s)
 (30/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_macro_without_condition-6875:  PASS (0.03 s)
 (31/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_rule_without_output-2d87:  PASS (0.03 s)
 (32/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_append_rule_without_condition-dc8f:  PASS (0.03 s)
 (33/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_append_macro_dangling-665f:  PASS (0.03 s)
 (34/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_list_append_dangling-c28b:  PASS (0.03 s)
 (35/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_rule_append_dangling-e5b4:  PASS (0.03 s)
 (36/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_missing_rule_name-8071:  PASS (0.03 s)
 (37/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_missing_list_name-34d5:  PASS (0.03 s)
 (38/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_missing_macro_name-d4cf:  PASS (0.03 s)
 (39/85) /source/falco/test/falco_test.py:FalcoTest.test;invalid_rule_output-283b:  PASS (0.03 s)
 (40/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_rules-0085:  PASS (0.04 s)
 (41/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_rules_using_regex-e214:  PASS (0.04 s)
 (42/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_rules_using_enabled_flag-3698:  PASS (0.04 s)
 (43/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_and_enabled_rules_1-d1bb:  PASS (0.03 s)
 (44/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_and_enabled_rules_2-bb13:  PASS (0.03 s)
 (45/85) /source/falco/test/falco_test.py:FalcoTest.test;null_output_field-a452:  PASS (0.04 s)
 (46/85) /source/falco/test/falco_test.py:FalcoTest.test;file_output-c7ca:  PASS (0.04 s)
 (47/85) /source/falco/test/falco_test.py:FalcoTest.test;program_output-c741:  PASS (0.06 s)
 (48/85) /source/falco/test/falco_test.py:FalcoTest.test;detect_counts-9aba:  PASS (0.24 s)
 (49/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_tags_a-69d5:  PASS (0.06 s)
 (50/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_tags_b-6666:  PASS (0.06 s)
 (51/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_tags_c-c7f8:  PASS (0.06 s)
 (52/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_tags_ab-3141:  PASS (0.06 s)
 (53/85) /source/falco/test/falco_test.py:FalcoTest.test;disabled_tags_abc-fdb7:  PASS (0.06 s)
 (54/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_a-3587:  PASS (0.06 s)
 (55/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_b-7dc3:  PASS (0.06 s)
 (56/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_c-7b49:  PASS (0.06 s)
 (57/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_ab-4338:  PASS (0.06 s)
 (58/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_bc-7ddf:  PASS (0.06 s)
 (59/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_abc-683e:  PASS (0.06 s)
 (60/85) /source/falco/test/falco_test.py:FalcoTest.test;run_tags_d-f7ce:  PASS (0.06 s)
 (61/85) /source/falco/test/falco_test.py:FalcoTest.test;list_append_failure-99ba:  PASS (0.03 s)
 (62/85) /source/falco/test/falco_test.py:FalcoTest.test;list_append-b34b:  PASS (0.04 s)
 (63/85) /source/falco/test/falco_test.py:FalcoTest.test;list_append_false-5464:  PASS (0.04 s)
 (64/85) /source/falco/test/falco_test.py:FalcoTest.test;macro_append_failure-6b61:  PASS (0.03 s)
 (65/85) /source/falco/test/falco_test.py:FalcoTest.test;macro_append-3b19:  PASS (0.04 s)
 (66/85) /source/falco/test/falco_test.py:FalcoTest.test;macro_append_false-e29f:  PASS (0.04 s)
 (67/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_append_failure-0f87:  PASS (0.03 s)
 (68/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_append_skipped-3a66:  PASS (0.04 s)
 (69/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_append-6922:  PASS (0.04 s)
 (70/85) /source/falco/test/falco_test.py:FalcoTest.test;rule_append_false-c29f:  PASS (0.04 s)
 (71/85) /source/falco/test/falco_test.py:FalcoTest.test;json_output_no_output_property-d3e7:  PASS (0.04 s)
 (72/85) /source/falco/test/falco_test.py:FalcoTest.test;in_operator_netmasks-ea28:  ERROR: Falco command "/build/debug/userspace/falco/falco -r /source/falco/test/rules/detect_connect_using_in.yaml   -c /source/falco/test/../falco.yaml -e /build/debug/test/trace_files/connect_localhost.scap -o json_output=False -o json_include_output_property=T... (0.15 s)
 (73/85) /source/falco/test/falco_test.py:FalcoTest.test;syscalls-6e27:  PASS (0.05 s)
 (74/85) /source/falco/test/falco_test.py:FalcoTest.test;catchall_order-19f7:  PASS (0.04 s)
 (75/85) /source/falco/test/falco_test.py:FalcoTest.test;skip_unknown_noevt-35cb:  PASS (0.04 s)
 (76/85) /source/falco/test/falco_test.py:FalcoTest.test;skip_unknown_prefix-ea34:  PASS (0.04 s)
 (77/85) /source/falco/test/falco_test.py:FalcoTest.test;skip_unknown_error-c76b:  PASS (0.03 s)
 (78/85) /source/falco/test/falco_test.py:FalcoTest.test;skip_unknown_unspec_error-776c:  PASS (0.03 s)
 (79/85) /source/falco/test/falco_test.py:FalcoTest.test;engine_version_mismatch-f49b:  PASS (0.03 s)
 (80/85) /source/falco/test/falco_test.py:FalcoTest.test;monitor_syscall_drops_none-abbf:  PASS (0.04 s)
 (81/85) /source/falco/test/falco_test.py:FalcoTest.test;monitor_syscall_drops_ignore-42f5:  PASS (0.04 s)
 (82/85) /source/falco/test/falco_test.py:FalcoTest.test;monitor_syscall_drops_log-e023:  PASS (0.04 s)
 (83/85) /source/falco/test/falco_test.py:FalcoTest.test;monitor_syscall_drops_alert-2132:  PASS (0.04 s)
 (84/85) /source/falco/test/falco_test.py:FalcoTest.test;monitor_syscall_drops_exit-7e64:  PASS (0.04 s)
 (85/85) /source/falco/test/falco_test.py:FalcoTest.test;time_iso_8601-8fea:  PASS (0.04 s)
RESULTS    : PASS 84 | ERROR 1 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

poiana · 2019-07-25T17:07:05Z

LGTM label has been added.

Git tree hash: 7320cd997fba886a6b49a07454b328eef2307da5

leodido · 2019-07-25T17:34:11Z

The internal CI (jenkins) is failing because it seems to not pull the falcosecurity/falco-builder and falcosecurity/falco-tester (latest) images which I pushed to the the Falco docker hub account.

You can see this in the logs.

Log of the last build (notice the toolset-2 ..)

[build-pipeline_chore_travis-UPTQVL5WMKFIXYRUTRGWSQUFWN7ASZNXPIUR4IOTCSQB4PZMKISQ] Running shell script
+ ./falco/scripts/jenkins/build-pipeline/version
+ SOURCE_DIR=/source
+ BUILD_DIR=/build
+ TASK=cmake
+ MANPATH=
+ . /opt/rh/devtoolset-2/enable
++ export PATH=/opt/rh/devtoolset-2/root/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
++ PATH=/opt/rh/devtoolset-2/root/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
++ export MANPATH=/opt/rh/devtoolset-2/root/usr/share/man:
++ MANPATH=/opt/rh/devtoolset-2/root/usr/share/man:
++ export INFOPATH=/opt/rh/devtoolset-2/root/usr/share/info
++ INFOPATH=/opt/rh/devtoolset-2/root/usr/share/info
++ export PCP_DIR=/opt/rh/devtoolset-2/root
++ PCP_DIR=/opt/rh/devtoolset-2/root
++ export PERL5LIB=/opt/rh/devtoolset-2/root//usr/lib64/perl5/vendor_perl:/opt/rh/devtoolset-2/root/usr/lib/perl5:/opt/rh/devtoolset-2/root//usr/share/perl5/vendor_perl
++ PERL5LIB=/opt/rh/devtoolset-2/root//usr/lib64/perl5/vendor_perl:/opt/rh/devtoolset-2/root/usr/lib/perl5:/opt/rh/devtoolset-2/root//usr/share/perl5/vendor_perl
+++ rpm --eval '%{_libdir}'
++ rpmlibdir=/usr/lib64
++ '[' /usr/lib64 '!=' /usr/ ']'
++ rpmlibdir32=:/opt/rh/devtoolset-2/root/usr/lib
++ export LD_LIBRARY_PATH=/opt/rh/devtoolset-2/root/usr/lib64:/opt/rh/devtoolset-2/root/usr/lib
++ LD_LIBRARY_PATH=/opt/rh/devtoolset-2/root/usr/lib64:/opt/rh/devtoolset-2/root/usr/lib
+++ python -c 'import sys; print sys.version[:3]'
++ pythonvers=2.6
++ export PYTHONPATH=/opt/rh/devtoolset-2/root/usr/lib64/python2.6/site-packages:/opt/rh/devtoolset-2/root/usr/lib/python2.6/site-packages
++ PYTHONPATH=/opt/rh/devtoolset-2/root/usr/lib64/python2.6/site-packages:/opt/rh/devtoolset-2/root/usr/lib/python2.6/site-packages
+ CMAKE_DIR=/build/cmake
+ '[' '!' -e /build/cmake ']'
+ cd /build
+ mkdir -p /build/cmake
+ wget -nv https://s3.amazonaws.com/download.draios.com/dependencies/cmake-3.3.2.tar.gz
2019-07-25 16:26:11 URL:https://s3.amazonaws.com/download.draios.com/dependencies/cmake-3.3.2.tar.gz [6578184/6578184] -> "cmake-3.3.2.tar.gz" [1]
+ tar -C /build/cmake --strip-components 1 -xzf cmake-3.3.2.tar.gz
+ cd /build/cmake
+ ./bootstrap --system-curl
Curses libraries were not found. Curses GUI for CMake will not be built.
+ make -j4
+ '[' cmake == cmake ']'
+ mkdir -p /build/Release
+ cd /build/Release
+ /build/cmake/bin/cmake -DCMAKE_BUILD_TYPE=Release -DFALCO_VERSION=0.1.1dev -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_DRIVER=OFF -DBUILD_BPF=OFF -DBUILD_WARNINGS_AS_ERRORS=ON /source/falco
+ exit 0

Log of the previous (successful) build:

[build-pipeline_chore_travis-UPTQVL5WMKFIXYRUTRGWSQUFWN7ASZNXPIUR4IOTCSQB4PZMKISQ] Running shell script
+ ./falco/scripts/jenkins/build-pipeline/version
Unable to find image 'falcosecurity/falco-builder:chore-travis' locally
chore-travis: Pulling from falcosecurity/falco-builder
8ba884070f61: Already exists
4faa8cb317e5: Pulling fs layer
eb6e5ea2d5ea: Pulling fs layer
2bfc9ff060c2: Pulling fs layer
43ea8a02d78b: Pulling fs layer
43ea8a02d78b: Waiting
eb6e5ea2d5ea: Download complete
2bfc9ff060c2: Verifying Checksum
2bfc9ff060c2: Download complete
43ea8a02d78b: Download complete
4faa8cb317e5: Verifying Checksum
4faa8cb317e5: Download complete
4faa8cb317e5: Pull complete
eb6e5ea2d5ea: Pull complete
2bfc9ff060c2: Pull complete
43ea8a02d78b: Pull complete
Digest: sha256:2eeb533c61907f12aa0d039a35ef89b89ec1e64f7b0f5129e4eccd26e992f887
Status: Downloaded newer image for falcosecurity/falco-builder:chore-travis

mfdii

My only question before approving is if documentation needs to be updated on the docs site?

… tester) Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

leodido · 2019-07-25T18:32:31Z

@mfdii There is only a sentence or two (about the default value of FALCO_VERSION variable) to adjust in the "Build from source" section of the falco website AFAIK.

I'll submit that one tomorrow, but I do not think that it is blocking this one (as long checks turn all green, clearly).

poiana · 2019-07-25T20:33:27Z

LGTM label has been added.

Git tree hash: ad9d3a4b1c64d73c4099a96304b5b7de3e704136

poiana · 2019-07-25T20:33:29Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mstemm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [mstemm]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Fixes #52 Refs falcosecurity/falco#719 changes Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

poiana added do-not-merge/work-in-progress kind/cleanup release-note-none labels Jul 11, 2019

poiana requested review from fntlnz and Kaizhe July 11, 2019 09:01

poiana added dco-signoff: yes size/L dco-signoff: no and removed dco-signoff: yes labels Jul 11, 2019

leodido force-pushed the chore/travis branch from 31cbe10 to 9a77408 Compare July 15, 2019 19:41

poiana added dco-signoff: yes and removed dco-signoff: no labels Jul 15, 2019

leodido force-pushed the chore/travis branch from 9a77408 to d5b2818 Compare July 15, 2019 19:41

leodido changed the title ~~wip: travis + regression tests refinements~~ wip: new falco builder + consequent travis and regression tests refinements Jul 16, 2019

poiana added dco-signoff: no size/XL and removed dco-signoff: yes size/L labels Jul 16, 2019

leodido force-pushed the chore/travis branch from eda6d56 to bd2f4f1 Compare July 16, 2019 15:09

poiana added dco-signoff: yes size/XXL and removed dco-signoff: no size/XL labels Jul 16, 2019

poiana added release-note kind/feature release-note-none and removed release-note-none release-note labels Jul 22, 2019

fntlnz mentioned this pull request Jul 22, 2019

ARM64 Build #520

Closed

chore: moving travis build script in scripts directory

10b2ce8

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

leodido dismissed fntlnz’s stale review via 10b2ce8 July 25, 2019 16:22

leodido force-pushed the chore/travis branch from 881d96e to 10b2ce8 Compare July 25, 2019 16:22

poiana removed the approved label Jul 25, 2019

leodido requested review from fntlnz and mstemm July 25, 2019 16:23

fntlnz previously approved these changes Jul 25, 2019

View reviewed changes

poiana added the lgtm label Jul 25, 2019

poiana added the approved label Jul 25, 2019

leodido dismissed fntlnz’s stale review via bedbd0a July 25, 2019 17:52

poiana removed lgtm approved labels Jul 25, 2019

leodido force-pushed the chore/travis branch from bedbd0a to e047563 Compare July 25, 2019 17:53

mfdii reviewed Jul 25, 2019

View reviewed changes

fix(scripts/jenkins): ensure to pull docker images (falco builder and…

32e399c

… tester) Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

leodido force-pushed the chore/travis branch from e047563 to 32e399c Compare July 25, 2019 18:31

poiana added the lgtm label Jul 25, 2019

mstemm approved these changes Jul 25, 2019

View reviewed changes

poiana added the approved label Jul 25, 2019

leodido mentioned this pull request Jul 26, 2019

Change documentation about the (default) FALCO_VERSION falcosecurity/falco-website#52

Closed

leodido merged commit 4a4701b into dev Jul 26, 2019

poiana deleted the chore/travis branch July 26, 2019 01:23

leodido added a commit to falcosecurity/falco-website that referenced this pull request Jul 26, 2019

docs: update the instruction to build from source

47d6eaf

Fixes #52 Refs falcosecurity/falco#719 changes Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

leodido mentioned this pull request Jul 26, 2019

docs: update the instruction to build from source falcosecurity/falco-website#53

Merged

leodido added a commit to falcosecurity/falco-website that referenced this pull request Jul 26, 2019

docs: update the instruction to build from source

f8bcfe9

Fixes #52 Refs falcosecurity/falco#719 changes Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

wip: new falco builder + consequent travis and regression tests refinements #719

wip: new falco builder + consequent travis and regression tests refinements #719

leodido commented Jul 11, 2019 •

edited

Loading

leodido commented Jul 19, 2019 •

edited

Loading

poiana commented Jul 25, 2019

leodido commented Jul 25, 2019

mfdii left a comment

leodido commented Jul 25, 2019 •

edited

Loading

poiana commented Jul 25, 2019

poiana commented Jul 25, 2019

wip: new falco builder + consequent travis and regression tests refinements #719

wip: new falco builder + consequent travis and regression tests refinements #719

Conversation

leodido commented Jul 11, 2019 • edited Loading

leodido commented Jul 19, 2019 • edited Loading

poiana commented Jul 25, 2019

leodido commented Jul 25, 2019

mfdii left a comment

Choose a reason for hiding this comment

leodido commented Jul 25, 2019 • edited Loading

poiana commented Jul 25, 2019

poiana commented Jul 25, 2019

leodido commented Jul 11, 2019 •

edited

Loading

leodido commented Jul 19, 2019 •

edited

Loading

leodido commented Jul 25, 2019 •

edited

Loading