search

chainguard-dev / malcontent

detect malicious program behaviors
Apache License 2.0
407 stars 26 forks source link

Cache bincapz-samples repository to speed up subsequent tests #448

Closed egibs closed 2 weeks ago

egibs commented 2 weeks ago

Closes: #445

Repeatedly cloning the bincapz-samples directory (which is >150MB) wastes a lot of time. This PR attempts to cache the output in out/ so that subsequent test runs do not need to re-clone the entire repository.

First run:

$ make test
mkdir -p out
git clone git@github.com:chainguard-dev/bincapz-samples.git out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7
Cloning into 'out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7'...
remote: Enumerating objects: 267, done.
remote: Counting objects: 100% (48/48), done.
remote: Compressing objects: 100% (44/44), done.
remote: Total 267 (delta 5), reused 35 (delta 2), pack-reused 219 (from 1)
Receiving objects: 100% (267/267), 157.86 MiB | 1.15 MiB/s, done.
Resolving deltas: 100% (22/22), done.
pushd out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7; git checkout bdcb8c2e9bf557a0abe3e2b0144f437d456299b7; popd
~/repos/chainguard-dev/bincapz/out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7 ~/repos/chainguard-dev/bincapz
Note: switching to 'bdcb8c2e9bf557a0abe3e2b0144f437d456299b7'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at bdcb8c2 Add samples for: Darkcracks, helmet-validate, noblox, aspdasdksa2 (#4)
~/repos/chainguard-dev/bincapz
rm -rf samples; cp -a out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7 samples/
cp -a test_data/. samples/
for file in caddy.xz chezmoi.xz minio_x86_64.xz mongosh.xz neuvector_agent_aarch64.xz opa.xz ; do \
        tar -xJvf samples/linux/clean/$file -C samples/linux/clean; \
    done
x caddy
x chezmoi
x minio.x86_64
x mongosh
x neuvector-agent.aarch64
x opa
tar -xJvf samples/macOS/clean/bincapz.xz -C samples/macOS/clean
x bincapz
go test github.com/chainguard-dev/bincapz github.com/chainguard-dev/bincapz/out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7/does-nothing github.com/chainguard-dev/bincapz/pkg/action github.com/chainguard-dev/bincapz/pkg/bincapz github.com/chainguard-dev/bincapz/pkg/compile github.com/chainguard-dev/bincapz/pkg/profile github.com/chainguard-dev/bincapz/pkg/render github.com/chainguard-dev/bincapz/pkg/report github.com/chainguard-dev/bincapz/pkg/version github.com/chainguard-dev/bincapz/rules github.com/chainguard-dev/bincapz/samples github.com/chainguard-dev/bincapz/samples/does-nothing github.com/chainguard-dev/bincapz/third_party
?       github.com/chainguard-dev/bincapz   [no test files]
?       github.com/chainguard-dev/bincapz/out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7/does-nothing [no test files]
?       github.com/chainguard-dev/bincapz/pkg/bincapz   [no test files]
?       github.com/chainguard-dev/bincapz/pkg/compile   [no test files]
?       github.com/chainguard-dev/bincapz/pkg/render    [no test files]
?       github.com/chainguard-dev/bincapz/pkg/version   [no test files]
?       github.com/chainguard-dev/bincapz/rules [no test files]
ok      github.com/chainguard-dev/bincapz/pkg/action    (cached)
ok      github.com/chainguard-dev/bincapz/pkg/profile   (cached)
ok      github.com/chainguard-dev/bincapz/pkg/report    (cached)
?       github.com/chainguard-dev/bincapz/samples/does-nothing  [no test files]
?       github.com/chainguard-dev/bincapz/third_party   [no test files]
ok      github.com/chainguard-dev/bincapz/samples   56.764s

Subsequent runs:

$ make test
rm -rf samples; cp -a out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7 samples/
cp -a test_data/. samples/
for file in caddy.xz chezmoi.xz minio_x86_64.xz mongosh.xz neuvector_agent_aarch64.xz opa.xz ; do \
        tar -xJvf samples/linux/clean/$file -C samples/linux/clean; \
    done
x caddy
x chezmoi
x minio.x86_64
x mongosh
x neuvector-agent.aarch64
x opa
tar -xJvf samples/macOS/clean/bincapz.xz -C samples/macOS/clean
x bincapz
go test github.com/chainguard-dev/bincapz github.com/chainguard-dev/bincapz/out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7/does-nothing github.com/chainguard-dev/bincapz/pkg/action github.com/chainguard-dev/bincapz/pkg/bincapz github.com/chainguard-dev/bincapz/pkg/compile github.com/chainguard-dev/bincapz/pkg/profile github.com/chainguard-dev/bincapz/pkg/render github.com/chainguard-dev/bincapz/pkg/report github.com/chainguard-dev/bincapz/pkg/version github.com/chainguard-dev/bincapz/rules github.com/chainguard-dev/bincapz/samples github.com/chainguard-dev/bincapz/samples/does-nothing github.com/chainguard-dev/bincapz/third_party
?       github.com/chainguard-dev/bincapz   [no test files]
?       github.com/chainguard-dev/bincapz/out/samples-bdcb8c2e9bf557a0abe3e2b0144f437d456299b7/does-nothing [no test files]
?       github.com/chainguard-dev/bincapz/pkg/bincapz   [no test files]
?       github.com/chainguard-dev/bincapz/pkg/compile   [no test files]
?       github.com/chainguard-dev/bincapz/pkg/render    [no test files]
?       github.com/chainguard-dev/bincapz/pkg/version   [no test files]
?       github.com/chainguard-dev/bincapz/rules [no test files]
ok      github.com/chainguard-dev/bincapz/pkg/action    (cached)
ok      github.com/chainguard-dev/bincapz/pkg/profile   (cached)
ok      github.com/chainguard-dev/bincapz/pkg/report    (cached)
?       github.com/chainguard-dev/bincapz/samples/does-nothing  [no test files]
?       github.com/chainguard-dev/bincapz/third_party   [no test files]
ok      github.com/chainguard-dev/bincapz/samples   55.816s
tstromberg commented 2 weeks ago

merging so I can work on bincapz without wifi :)