{"id":19556599,"url":"https://github.com/falcosecurity/kernel-testing","last_synced_at":"2025-04-26T22:33:09.403Z","repository":{"id":128777368,"uuid":"561813367","full_name":"falcosecurity/kernel-testing","owner":"falcosecurity","description":"Ansible playbooks to provision firecracker VMs and run Falco kernel tests","archived":false,"fork":false,"pushed_at":"2025-03-17T15:42:10.000Z","size":24741,"stargazers_count":12,"open_issues_count":1,"forks_count":6,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-04T18:12:00.725Z","etag":null,"topics":["ansible","ebpf","falco","firecracker","ignite","kernel","runtime-security","tests"],"latest_commit_sha":null,"homepage":"https://falcosecurity.github.io/libs/matrix/","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/falcosecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-04T14:49:30.000Z","updated_at":"2025-03-30T14:19:31.000Z","dependencies_parsed_at":"2024-01-30T11:44:41.878Z","dependency_job_id":"3a1cd5ae-0c0a-4ff1-80b4-f41b6a54a1a4","html_url":"https://github.com/falcosecurity/kernel-testing","commit_stats":null,"previous_names":["alacuku/kernel-testing","falcosecurity/kernel-testing"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fkernel-testing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fkernel-testing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fkernel-testing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fkernel-testing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/falcosecurity","download_url":"https://codeload.github.com/falcosecurity/kernel-testing/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251063667,"owners_count":21530837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ebpf","falco","firecracker","ignite","kernel","runtime-security","tests"],"created_at":"2024-11-11T04:38:30.640Z","updated_at":"2025-04-26T22:33:06.133Z","avatar_url":"https://github.com/falcosecurity.png","language":"Dockerfile","readme":"[![Falco kernel tests Repository](https://github.com/falcosecurity/evolution/blob/main/repos/badges/falco-infra-blue.svg)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#infra-scope) \n[![Incubating](https://img.shields.io/badge/status-incubating-orange?style=for-the-badge)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#incubating)\n![Architectures](https://img.shields.io/badge/ARCHS-x86__64%7Caarch64-blueviolet?style=for-the-badge)\n[![Latest release](https://img.shields.io/github/v/release/falcosecurity/kernel-testing?style=for-the-badge)](https://github.com/falcosecurity/kernel-testing/releases/latest)\n\n# Falco drivers tests\n\nThis repository automatically runs Falco [scap-open](https://github.com/falcosecurity/libs/tree/master/userspace/libscap/examples/01-open) binary on all supported drivers through Ansible, spawning Firecracker microVMs to test Falco drivers against multiple kernels.  \nYou can find list of machines being used [here](./ansible-playbooks/group_vars/all/vars.yml#L18).\n\n## Prerequisites\n\n* Install [Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)\n* Install [Ignite](https://ignite.readthedocs.io/en/stable/installation/) from `therealbobo` fork (use `main` branch): https://github.com/therealbobo/ignite; just issue `make` and then `sudo make install` to install everything needed under `/usr/local/`.\n* Install ignite CNI plugins by following this guide: https://ignite.readthedocs.io/en/stable/installation/#cni-plugins:\n```bash\nexport CNI_VERSION=v0.9.1\nexport ARCH=$([ $(uname -m) = \"x86_64\" ] \u0026\u0026 echo amd64 || echo arm64)\nsudo mkdir -p /opt/cni/bin\ncurl -sSL https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-${ARCH}-${CNI_VERSION}.tgz | sudo tar -xz -C /opt/cni/bin\n```\n\n## Configure\n\nIt is advised to avoid directly modifying [`vars.yml`](ansible-playbooks/group_vars/all/vars.yml) file;  \ninstead one can create a local vars.yml file to override keys from the default vars.  \n\nThe only mandatory thing to be configured is an ssh key pair:\n```yml\n#Path to the generated SSH private key file\nssh_key_path: \"\" # \u003c-- Replace here with the key path\nssh_key_name: \"\" # \u003c-- Replace here with the key name\n```\n## Run\n\nFrom the `ansible-playbooks` directory you can run tests on all machines by typing:\n\n```bash\nansible-playbook main-playbook.yml --ask-become --extra-vars \"@/path/to/local/vars.yaml\"\n```\n\nTo rerun tests:\n\n```bash\nansible-playbook scap-open.yml --ask-become --extra-vars \"@/path/to/local/vars.yaml\"\n```\n\nTo cleanup all machines\n\n```bash\nansible-playbook clean-up.yml --ask-become --extra-vars \"@/path/to/local/vars.yaml\"\n```\n\n## CI Usage\n\nTo better suit the CI usage, a [Github composite action](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) has been developed.  \nTherefore, running kernel-testing in your Github workflow is as easy as adding this step:\n```\n- uses: falcosecurity/kernel-testing@main\n  # Give it an id to be able to later use its outputs\n  id: kernel_tests\n  with:\n    # libs version to be tested, eg: master.\n    # Default: 'master'\n    libsversion: master\n    \n    # libs repo to be tested, eg: falcosecurity/libs.\n    # Default: 'falcosecurity/libs'\n    libsrepo: falcosecurity/libs\n    \n    # Whether to generate matrixes as matrix artifact.\n    # Default: false\n    build_matrix: 'true'\n```\nThen you can use action outputs to retrieve artifacts:\n```\n- uses: actions/upload-artifact@latest\n  with:\n    name: ansible_output\n    path: ${{ steps.kernel_tests.outputs.ansible_output }}\n        \n- uses: actions/upload-artifact@latest\n  with:\n    name: matrix\n    path: ${{ steps.kernel_tests.outputs.matrix_output }}\n```\n\nAs an example, see [libs reusable workflow](https://github.com/falcosecurity/libs/blob/master/.github/workflows/reusable_kernel_tests.yaml).\n\n\u003e __NOTE:__ Since we don't use annotated tags, one cannot use eg: falcosecurity/kernel-testing@v0, but only either exact tag name or master.\n\n\u003e __NOTE:__ Of course, you'll need to run your tests on virtualization-enabled nodes.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalcosecurity%2Fkernel-testing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffalcosecurity%2Fkernel-testing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalcosecurity%2Fkernel-testing/lists"}