From 39ad038c041b8e2c159ffbbf55b70d1b7dfef20b Mon Sep 17 00:00:00 2001
From: Thomas Stromberg
Date: Fri, 24 Feb 2023 16:44:00 -0500
Subject: [PATCH] Add verify-ci Makefile rule
---
 .github/workflows/ci.yml | 13 +++++++------
 Makefile | 10 +++++++++-
 README.md | 2 +-
 3 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 71f2f61..d2d659b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,4 +1,4 @@
-name: Go
+name: verify
 on:
 push:
@@ -11,18 +11,19 @@ jobs:
 build:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v3
+ - name: checkout
+ uses: actions/checkout@v3
- - name: Set up Go
+ - name: setup-go
 uses: actions/setup-go@v3
 with:
 go-version: 'stable'
- - name: osquery
+ - name: setup-osquery
 run: |
 curl -LO https://pkg.osquery.io/deb/osquery_5.7.0-1.linux_amd64.deb
 sudo dpkg -i osquery_5.7.0-1.linux_amd64.deb
- - name: Verify
- run: make verify
+ - name: verify
+ run: make verify-ci
diff --git a/Makefile b/Makefile
index 273db2b..32a6fea 100644
--- a/Makefile
+++ b/Makefile
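Review bot: In .github/workflows/ci.yml (second hunk, `@@ -11,18 +11,19 @@`) the renamed `setup-osquery` step still installs a package as root straight from the download, `curl -LO …` followed by `sudo dpkg -i …`, with no integrity check in between. Since the step is being touched anyway, I would add a pinned digest check between the two commands, e.g. `echo "<expected-sha256>  osquery_5.7.0-1.linux_amd64.deb" | sha256sum -c -`, with the digest recorded from the published release. The rewritten `uses: actions/checkout@v3` line, like `actions/setup-go@v3`, references a mutable tag; pinning it as `uses: actions/checkout@<full-commit-sha> # v3` keeps a job that later runs `sudo` from silently picking up a retagged action. The job definition starts above this hunk, so whether a `permissions:` block already restricts the token is not visible here.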
@@ -44,9 +44,17 @@ collection: ./out/osqtool-$(ARCH)
 $(SUDO) ./out/osqtool-$(ARCH) run policy | tee $(COLLECT_DIR)/policy.txt
 $(SUDO) ./out/osqtool-$(ARCH) run detection | tee $(COLLECT_DIR)/detection.txt
+# Looser values for CI use
+.PHONY: verify-ci
+verify-ci: ./out/osqtool-$(ARCH)
+ $(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=30s --max-total-daily-duration=90m verify incident_response
+ $(SUDO) ./out/osqtool-$(ARCH) --max-results=2 --max-query-duration=12s verify policy
+ $(SUDO) ./out/osqtool-$(ARCH) --max-results=15 --max-query-duration=12s --max-total-daily-duration=2h30m --max-query-daily-duration=1h verify detection
+
+# Local verification
 .PHONY: verify
 verify: ./out/osqtool-$(ARCH)
- $(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m verify incident_response
+ $(SUDO) ./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=15s --max-total-daily-duration=90m verify incident_response
 $(SUDO) ./out/osqtool-$(ARCH) --max-results=0 --max-query-duration=6s verify policy
 $(SUDO) ./out/osqtool-$(ARCH) --max-results=0 --max-query-duration=6s --max-total-daily-duration=2h30m --max-query-daily-duration=1h verify detection
diff --git a/README.md b/README.md
index 93d0a42..8b5b584 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # osquery-defense-kit
-[![Actions Status](https://github.com/chainguard-dev/osquery-defense-kit/workflows/Go/badge.svg)](https://github.com/chainguard-dev/osquery-defense-kit/actions)
+[![Actions Status](https://github.com/chainguard-dev/osquery-defense-kit/workflows/verify/badge.svg)](https://github.com/chainguard-dev/osquery-defense-kit/actions)
 [![Latest Release](https://img.shields.io/github/v/release/chainguard-dev/osquery-defense-kit?include_prereleases)](https://github.com/chainguard-dev/osquery-defense-kit/releases/latest)
 [![stable](https://badges.github.io/stability-badges/dist/stable.svg)](https://github.com/badges/stability-badges)
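Review bot: In the Makefile hunk, `verify-ci` accepts `--max-results=2` for policy and `--max-results=15` for detection where the local `verify` rule requires `--max-results=0`, so (assuming the flag is the row count above which verify fails) a detection query that begins matching on a clean runner will no longer break CI. The comment `# Looser values for CI use` gives no reason for those numbers; I would replace it with one that names the cause and the intent, e.g. `# CI limits: relaxed only for <runner-specific reason>; keep as close to the local limits as the runner allows`. The same hunk also raises the local incident_response `--max-query-duration` from 8s to 15s, which the commit subject does not cover and should be mentioned in the description. Since the three osqtool invocations are now copied between both rules, holding the per-suite limits in variables would stop the two gates drifting apart unnoticed.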