tetragon: Add test for exec events generated throgh main

Execute tetragon through main and make sure we get exec events generated. Signed-off-by: Jiri Olsa <jolsa@kernel.org>
cilium · Nov 10, 2024 · 75167f5 · 75167f5
1 parent 82281e2
commit 75167f5
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 2 deletions.
diff --git a/cmd/tetragon/main.go b/cmd/tetragon/main.go
@@ -205,7 +205,10 @@ func loadInitialSensor(ctx context.Context) error {
 func tetragonExecute() error {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
+	return tetragonExecuteCtx(ctx, cancel, func() {})
+}
 
+func tetragonExecuteCtx(ctx context.Context, cancel context.CancelFunc, ready func()) error {
 	sigs := make(chan os.Signal, 1)
 	signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)
 
@@ -514,7 +517,7 @@ func tetragonExecute() error {
 		go logStatus(ctx, obs)
 	}
 
-	return obs.Start(ctx)
+	return obs.StartReady(ctx, ready)
 }
 
 func waitCRDs(config *rest.Config) error {

diff --git a/cmd/tetragon/main_test.go b/cmd/tetragon/main_test.go
@@ -0,0 +1,66 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Authors of Tetragon
+
+package main
+
+import (
+	"context"
+	"os"
+	"testing"
+
+	ec "github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker"
+	"github.com/cilium/tetragon/pkg/defaults"
+	"github.com/cilium/tetragon/pkg/jsonchecker"
+	"github.com/cilium/tetragon/pkg/option"
+	"github.com/cilium/tetragon/pkg/testutils"
+	tus "github.com/cilium/tetragon/pkg/testutils/sensors"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMain(m *testing.M) {
+	ec := tus.TestSensorsRun(m, "Exec")
+	os.Exit(ec)
+}
+
+// The test starts tetragon with minimal setup and stops it
+// when it observer is ready. By that time we should have
+// exec events generated, make sure it's done.
+func TestGeneratedExecEvents(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+	ready := func() {
+		cancel()
+	}
+
+	// Minimal config to start tetragon
+	option.Config.ExportRateLimit = -1
+	option.Config.DataCacheSize = 1024
+	option.Config.ProcessCacheSize = 65536
+	option.Config.BpfDir = defaults.DefaultMapPrefix
+	option.Config.HubbleLib = tus.Conf().TetragonLib
+	option.Config.TracingPolicyDir = defaults.DefaultTpDir
+
+	// Configure export file
+	f, err := testutils.CreateExportFile(t)
+	if err != nil {
+		t.Fatalf("testutils.CreateExportFilefailed: %v\n", err)
+	}
+	defer f.Close()
+
+	fname, err := testutils.GetExportFilename(t)
+	if err != nil {
+		t.Fatalf("testutils.GetExportFilename failed: %v\n", err)
+	}
+	option.Config.ExportFilename = fname
+
+	err = tetragonExecuteCtx(ctx, cancel, ready)
+	assert.NoError(t, err)
+
+	// Make sure exec event with pid 1 was generated
+	checker := ec.NewUnorderedEventChecker(
+		ec.NewProcessExecChecker("").WithProcess(
+			ec.NewProcessChecker().WithPid(1)),
+	)
+
+	err = jsonchecker.JsonTestCheck(t, checker)
+	assert.NoError(t, err)
+}
diff --git a/pkg/observer/observer.go b/pkg/observer/observer.go
@@ -331,10 +331,14 @@ func (k *Observer) UpdateRuntimeConf(bpfDir string) error {
 
 // Start starts the observer
 func (k *Observer) Start(ctx context.Context) error {
+	return k.StartReady(ctx, func() {})
+}
+
+func (k *Observer) StartReady(ctx context.Context, ready func()) error {
 	k.PerfConfig = bpf.DefaultPerfEventConfig()
 
 	var err error
-	if err = k.RunEvents(ctx, func() {}); err != nil {
+	if err = k.RunEvents(ctx, ready); err != nil {
 		return fmt.Errorf("tetragon, aborting runtime error: %w", err)
 	}
 	return nil