diff --git a/build/dockerfile b/build/dockerfile index e7a3b6a..50fdc0a 100644 --- a/build/dockerfile +++ b/build/dockerfile @@ -4,8 +4,8 @@ RUN useradd -d /home/mario -m -s /bin/bash mario COPY words /usr/local/tomcat/webapps/ -USER mario - RUN apt-get update && apt-get install -y vim +USER mario + CMD catalina.sh run diff --git a/build/tester.go b/build/tester.go index c56dbdc..f382ea3 100644 --- a/build/tester.go +++ b/build/tester.go @@ -172,8 +172,8 @@ func Assert2Ephemeral(command *parser.Command) (*parser.Command, error) { } test += "-f " + command.Args[2] ephemeral.Args = append(ephemeral.Args, test) - - case "CURRENT_USER_IS": + + case "CURRENT_USER_IS": if len(command.Args) != 3 { return nil, fmt.Errorf("Condition %s accept one and only one argument (found %d)", "CURRENT_USER_IS", len(command.Args)-2) } @@ -182,7 +182,7 @@ func Assert2Ephemeral(command *parser.Command) (*parser.Command, error) { if command.Args[0] == commands.AssertFalse { test += "! " } - test += "$(whoami) = \"" + command.Args[2] + "\"" + test += "$(whoami) = \"" + command.Args[2] + "\"" ephemeral.Args = append(ephemeral.Args, test) case "IS_INSTALLED": @@ -194,12 +194,23 @@ func Assert2Ephemeral(command *parser.Command) (*parser.Command, error) { if command.Args[0] == commands.AssertFalse { test += "! " } - test += isInstalledGeneric(command.Args[2]) + test += isInstalledGeneric(command.Args[2]) + ephemeral.Args = append(ephemeral.Args, test) + + case "IS_RUNNING": + if len(command.Args) != 3 { + return nil, fmt.Errorf("Condition %s accept one and only one argument (found %d)", "IS_RUNNING", len(command.Args)-2) + } + ephemeral.Args = append(ephemeral.Args, "bash", "-c") + test := "pidof " + if command.Args[0] == commands.AssertFalse { + test += "! " + } + test += command.Args[2] ephemeral.Args = append(ephemeral.Args, test) - default: - return nil, fmt.Errorf("Condition %s is not supported. Only %s, %s, %s and %s are currently supported. Please open an issue if you want to add support for it.", command.Args[1], "USER_EXISTS", "FILE_EXISTS", "CURRENT_USER_IS", "IS_INSTALLED") + return nil, fmt.Errorf("Condition %s is not supported. Only %s, %s, %s and %s are currently supported. Please open an issue if you want to add support for it.", command.Args[1], "USER_EXISTS", "FILE_EXISTS", "CURRENT_USER_IS", "IS_INSTALLED", "IS_RUNNING") } return ephemeral, nil @@ -222,10 +233,10 @@ func PrintTestsStats(stats *TestStats) { // func isInstalledDebian(packagename string) string { // return "\"$(dpkg-query -W -f='${Status}' " + -// packagename + +// packagename + // ")\" = \"install ok installed\"" // } func isInstalledGeneric(packagename string) string { - return "command -v \"" + packagename + "\" 1>/dev/null 2>&1" + return "command -v \"" + packagename + "\" 1>/dev/null 2>&1" } diff --git a/build/tester_test.go b/build/tester_test.go index 09b0e3d..c2c7103 100644 --- a/build/tester_test.go +++ b/build/tester_test.go @@ -25,8 +25,8 @@ func TestNewTester(t *testing.T) { t.Errorf("Failed to test file %s", tests) } - if blockNum := len(tests.testBlocks); blockNum != 7 { - t.Errorf("Expected 7 blocks, found %d", blockNum) + if blockNum := len(tests.testBlocks); blockNum != 8 { + t.Errorf("Expected 8 blocks, found %d", blockNum) } } @@ -40,15 +40,16 @@ func TestInjection(t *testing.T) { {Args: []string{"EPHEMERAL", "bash", "-c", "test ! -f /usr/local/tomcat/webapps/words"}}, {Args: []string{"COPY", "words", "/usr/local/tomcat/webapps/"}}, {Args: []string{"EPHEMERAL", "bash", "-c", "test -f /usr/local/tomcat/webapps/words"}}, - {Args: []string{"EPHEMERAL", "bash", "-c", "test $(whoami) = \"root\""}}, - {Args: []string{"USER", "mario"}}, - {Args: []string{"EPHEMERAL", "bash", "-c", "test $(whoami) = \"mario\""}}, -// {Args: []string{"EPHEMERAL", "bash", "-c", "test ! \"$(dpkg-query -W -f='${Status}' vim)\" = \"install ok installed\""}}, - {Args: []string{"EPHEMERAL", "bash", "-c", "! command -v \"vim\" 1>/dev/null 2>&1"}}, + // {Args: []string{"EPHEMERAL", "bash", "-c", "test ! \"$(dpkg-query -W -f='${Status}' vim)\" = \"install ok installed\""}}, + {Args: []string{"EPHEMERAL", "bash", "-c", "! command -v \"vim\" 1>/dev/null 2>&1"}}, {Args: []string{"RUN", "apt-get", "update", "&&", "apt-get", "install", "-y", "vim"}}, - {Args: []string{"EPHEMERAL", "bash", "-c", "command -v \"vim\" 1>/dev/null 2>&1"}}, -// {Args: []string{"EPHEMERAL", "bash", "-c", "test \"$(dpkg-query -W -f='${Status}' vim)\" = \"install ok installed\""}}, + {Args: []string{"EPHEMERAL", "bash", "-c", "command -v \"vim\" 1>/dev/null 2>&1"}}, + // {Args: []string{"EPHEMERAL", "bash", "-c", "test \"$(dpkg-query -W -f='${Status}' vim)\" = \"install ok installed\""}}, + {Args: []string{"EPHEMERAL", "bash", "-c", "test $(whoami) = \"root\""}}, + {Args: []string{"USER", "mario"}}, + {Args: []string{"EPHEMERAL", "bash", "-c", "test $(whoami) = \"mario\""}}, {Args: []string{"CMD", "catalina.sh", "run"}}, + {Args: []string{"EPHEMERAL", "bash", "-c", "pidof java"}}, } const ( diff --git a/build/testfile b/build/testfile index 414901a..0f8fae5 100644 --- a/build/testfile +++ b/build/testfile @@ -8,14 +8,17 @@ ASSERT_FALSE FILE_EXISTS '/usr/local/tomcat/webapps/words' @AFTER COPY_WORDS ASSERT_TRUE FILE_EXISTS '/usr/local/tomcat/webapps/words' +@BEFORE RUN_APT +ASSERT_FALSE IS_INSTALLED 'vim' + +@AFTER RUN_APT +ASSERT_TRUE IS_INSTALLED 'vim' + @BEFORE USER_MARIO ASSERT_TRUE CURRENT_USER_IS 'root' @AFTER USER_MARIO ASSERT_TRUE CURRENT_USER_IS 'mario' -@BEFORE RUN_APT -ASSERT_FALSE IS_INSTALLED 'vim' - -@AFTER RUN_APT -ASSERT_TRUE IS_INSTALLED 'vim' \ No newline at end of file +@AFTER CMD_CATALINA +ASSERT_TRUE IS_RUNNING 'java'