RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add verify-ci Makefile rule

This commit is contained in:
Thomas Stromberg 2023-02-24 16:44:00 -05:00
parent 98be2abf1b
commit 39ad038c04
Failed to extract signature
3 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/ci.yml vendored
View File

@ -1,4 +1,4 @@
name: Go
name: verify
on:
push:
@ -11,18 +11,19 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: checkout
uses: actions/checkout@v3
- name: Set up Go
- name: setup-go
uses: actions/setup-go@v3
with:
go-version: 'stable'
- name: osquery
- name: setup-osquery
run: |
curl -LO https://pkg.osquery.io/deb/osquery_5.7.0-1.linux_amd64.deb
sudo dpkg -i osquery_5.7.0-1.linux_amd64.deb
- name: Verify
run: make verify
- name: verify
run: make verify-ci

10
Makefile
View File

@ -44,9 +44,17 @@ collection: ./out/osqtool-$(ARCH)
$(SUDO) ./out/osqtool-$(ARCH) run policy | tee $(COLLECT_DIR)/policy.txt
$(SUDO) ./out/osqtool-$(ARCH) run detection | tee $(COLLECT_DIR)/detection.txt
# Looser values for CI use
.PHONY: verify-ci
verify-ci: ./out/osqtool-$(ARCH)
$(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=30s --max-total-daily-duration=90m verify incident_response
$(SUDO) ./out/osqtool-$(ARCH) --max-results=2 --max-query-duration=12s verify policy
$(SUDO) ./out/osqtool-$(ARCH) --max-results=15 --max-query-duration=12s --max-total-daily-duration=2h30m --max-query-daily-duration=1h verify detection
# Local verification
.PHONY: verify
verify: ./out/osqtool-$(ARCH)
$(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m verify incident_response
$(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=15s --max-total-daily-duration=90m verify incident_response
$(SUDO) ./out/osqtool-$(ARCH) --max-results=0 --max-query-duration=6s verify policy
$(SUDO) ./out/osqtool-$(ARCH) --max-results=0 --max-query-duration=6s --max-total-daily-duration=2h30m --max-query-daily-duration=1h verify detection

2
README.md
View File

@ -1,6 +1,6 @@
# osquery-defense-kit
[![Actions Status](https://github.com/chainguard-dev/osquery-defense-kit/workflows/Go/badge.svg)](https://github.com/chainguard-dev/osquery-defense-kit/actions)
[![Actions Status](https://github.com/chainguard-dev/osquery-defense-kit/workflows/verify/badge.svg)](https://github.com/chainguard-dev/osquery-defense-kit/actions)
[![Latest Release](https://img.shields.io/github/v/release/chainguard-dev/osquery-defense-kit?include_prereleases)](https://github.com/chainguard-dev/osquery-defense-kit/releases/latest)
[![stable](https://badges.github.io/stability-badges/dist/stable.svg)](https://github.com/badges/stability-badges)