8000 policy: fix validation of args and retval by josedonizetti · Pull Request #3144 · aquasecurity/tracee · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

policy: fix validation of args and retval #3144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 26, 2023
Merged

policy: fix validation of args and retval #3144

merged 1 commit into from
May 26, 2023

Conversation

josedonizetti
Copy link
Contributor

1. Explain what the PR does

Fix #3143

Fixes validation for filter args and retval on policies.

2. Explain how to test it

create file p.yaml with policy below

name: openat_args_pathname
description: traces openat under /tmp/*
scope:
  - global
defaultAction: log
rules:
  - event: openat
    filter:
      - args.pathname=/tmp*

Pass policy to tracee

sudo tracee -p p.yaml

3. Other comments

@josedonizetti josedonizetti force-pushed the fix-args-validation branch from 889e254 to 191afd7 Compare May 25, 2023 23:28
@josedonizetti josedonizetti force-pushed the fix-args-validation branch from 191afd7 to ad1e465 Compare May 25, 2023 23:32
geyslan
geyslan approved these changes May 26, 2023
View reviewed changes
Copy link
Member
@geyslan geyslan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

pkg/policy/policy_file_test.go
},
},
},
expectedError: errors.New("policy.PolicyFile.validateRules: policy invalid_retval, invalid filter operator: retval"),
Copy link
Member
@geyslan geyslan May 26, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note to ourselves of the future: We should use error variables to be possible to compare them in tests and further code path. I've put a comment about this in https://github.com/aquasecurity/tracee/pull/3137/files#diff-f70250a062f09eebb2d5b94837022723ff90b7175790d0d7326da75f1ade0222R360-R361

The unique concern is how to make it comparable when the error is a formatted one.

@rafaeldtinoco rafaeldtinoco merged commit 7fc5816 into aquasecurity:main May 26, 2023
@josedonizetti josedonizetti deleted the fix-args-validation branch May 26, 2023 02:44
geyslan pushed a commit to geyslan/tracee that referenced this pull request Jun 5, 2023
@josedonizetti @geyslan
policy: fix validation of args and retval (aquasecurity#3144)
e963f61
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geyslan geyslan geyslan approved these changes

Assignees

@josedonizetti josedonizetti

Labels
area/testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

policy: error processing policy with arguments
3 participants
@josedonizetti @geyslan @rafaeldtinoco
0