Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added more tests to test_whitelist.py #565

Merged
merged 232 commits into from
Jun 4, 2024
Merged

Added more tests to test_whitelist.py #565

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
232 commits
Select commit Hold shift + click to select a range
f782e63
Update CI-production-testing.yml
Sekhar-Kumar-Dash Apr 8, 2024
63f255f
Update test_profiler.py
Sekhar-Kumar-Dash Apr 9, 2024
163bd45
Update threat_intelligence.py
Sekhar-Kumar-Dash Apr 10, 2024
14a075a
Merge branch 'develop' into patch-8
Sekhar-Kumar-Dash Apr 10, 2024
d89cec3
Update CI-production-testing.yml
Sekhar-Kumar-Dash Apr 13, 2024
1ce613d
Update CI-staging.yml
Sekhar-Kumar-Dash Apr 13, 2024
fe43dce
Update requirements.txt
Sekhar-Kumar-Dash Apr 13, 2024
5dcbb7c
Merge pull request #561 from stratosphereips/develop
AlyaGomaa Apr 16, 2024
033f103
Update CI-production-testing.yml
Sekhar-Kumar-Dash Apr 8, 2024
189024f
Update CI-production-testing.yml
Sekhar-Kumar-Dash Apr 13, 2024
43d387e
Update CI-staging.yml
Sekhar-Kumar-Dash Apr 13, 2024
0245b43
Update requirements.txt
Sekhar-Kumar-Dash Apr 13, 2024
50dbbee
run pre-commit hooks
AlyaGomaa Apr 17, 2024
6b1e4a3
CI-staging: run on PR to develop
AlyaGomaa Apr 17, 2024
b32cb6d
require the steps followed to test the PR in pull_request_template.md
AlyaGomaa Apr 9, 2024
68043e9
exporting_alerts.py: when there's no slack bot token log it with debu…
AlyaGomaa Apr 5, 2024
cd1ef22
add files with API keys/tokens to .dockerignore
AlyaGomaa Apr 5, 2024
f23dacb
add a test workflow for testing publishing p2p and ubuntu image using CI
AlyaGomaa Apr 5, 2024
0a0522c
dont install black library in docker because of its dependency confli…
AlyaGomaa Apr 5, 2024
3016667
test-publishing: clone slips with submodules in order for the dockerf…
AlyaGomaa Apr 5, 2024
e98aed1
dataset: dont ignore logfiles in the dataset/ dir
AlyaGomaa Apr 8, 2024
00eadf6
delete test-publishing.yml
AlyaGomaa Apr 9, 2024
3140cb9
add files with API keys/tokens to .dockerignore
AlyaGomaa Apr 5, 2024
3b25efa
add a test workflow for testing publishing p2p and ubuntu image using CI
AlyaGomaa Apr 5, 2024
d96f045
test-publishing: clone slips with submodules in order for the dockerf…
AlyaGomaa Apr 5, 2024
c42da6d
dataset: dont ignore logfiles in the dataset/ dir
AlyaGomaa Apr 8, 2024
11b36d3
delete test-publishing.yml
AlyaGomaa Apr 9, 2024
49a7775
daemon: use Locks to determine if another instance of the daemon is r…
AlyaGomaa Apr 15, 2024
f5ebead
daemon: don't call shotdown_gracefully on stop(), instead, signal the…
AlyaGomaa Apr 15, 2024
f229ba1
process_manager.py: explain what populates self.processes and why the…
AlyaGomaa Apr 15, 2024
aee8ff5
process_manager.py: add a function to check which print to use, the d…
AlyaGomaa Apr 15, 2024
1504484
slips: better handling of different error msgs returned by the daemon
AlyaGomaa Apr 15, 2024
9ae86cd
Ti feeds: remove smaphaus edrop.txt TI feed as its been merged to spa…
AlyaGomaa Apr 16, 2024
12dc777
update changelog
AlyaGomaa Apr 16, 2024
5838e83
Bump slips version to 1.0.13
AlyaGomaa Apr 16, 2024
6f94a14
whitelist: early return from is_part_of_a_whitelisted_org() if given …
AlyaGomaa Apr 16, 2024
e97c869
whitelist: convert all ASNs shipped with slips to uppercase
AlyaGomaa Apr 16, 2024
3507c20
whitelist: convert asns to uppercase before comparing with the asns …
AlyaGomaa Apr 16, 2024
ce9e283
whitelist: dont whitelist domain if it has a whitelisted organization…
AlyaGomaa Apr 16, 2024
7ec2f7b
whitelist: put the most famous domain/sld of each org at the top of t…
AlyaGomaa Apr 16, 2024
e6bf3d7
threat_intelligence.py: add a Victim field to "Blacklisted IP" evidence
AlyaGomaa Apr 16, 2024
4258230
threat_intelligence.py: split long lines
AlyaGomaa Apr 16, 2024
6d9dbff
threat_intelligence.py: add victim fields to most evidence
AlyaGomaa Apr 16, 2024
d718d18
CC: add victim fields to CC evidence
AlyaGomaa Apr 16, 2024
10a1930
whitelist.conf: whitelist microsoft alerts by default
AlyaGomaa Apr 16, 2024
5979455
threat_intelligence.py: add a victim field to "blacklisted CNAME" evi…
AlyaGomaa Apr 16, 2024
4deaa58
Integration test: add an incompatible CN flow while connecting to a s…
AlyaGomaa Apr 16, 2024
3b88205
update macos requirements.txt with install/requirements.txt
AlyaGomaa Apr 16, 2024
af2a00b
update slips.gif
AlyaGomaa Apr 16, 2024
5496c98
CI-production-testing.yml: don't install black as it has conflicts wi…
AlyaGomaa Apr 16, 2024
c83eebd
CI-production-testing.yml: fix "installing Python dependencies" commands
AlyaGomaa Apr 16, 2024
5b46ca7
CI-publishing.yml: clone slips with submodules when building p2p image
AlyaGomaa Apr 16, 2024
41ee2e6
Update branch with the latest develop
AlyaGomaa Apr 17, 2024
095f679
CI-staging: exclude black when installing slips dependencies due to c…
AlyaGomaa Apr 17, 2024
60df310
CI-staging: fix problem running multiple cmds in the "Install Python …
AlyaGomaa Apr 17, 2024
3c42045
Updated and added more tests to test_flow_handler.py
Sekhar-Kumar-Dash Apr 18, 2024
e93267f
document minimum slips RAM requirements and add mem and cpu limits to…
AlyaGomaa Apr 18, 2024
4cf3923
contributing.md: add a section for rejected PRs
AlyaGomaa Apr 18, 2024
c2b228a
contributing.md: add that new contributors should fork slips before c…
AlyaGomaa Apr 18, 2024
59b3862
Added more tests to test_whitelist.py
Sekhar-Kumar-Dash Apr 19, 2024
9c0fa84
Merge pull request #557 from Sekhar-Kumar-Dash/patch-8
AlyaGomaa Apr 19, 2024
74324d7
Merge remote-tracking branch 'origin/develop' into develop
AlyaGomaa Apr 19, 2024
ceed41d
CI-staging: don't run coverage on integration tests
AlyaGomaa Apr 19, 2024
9f4d4ec
Merge pull request #522 from Sekhar-Kumar-Dash/patch-6
AlyaGomaa Apr 19, 2024
92892bf
added proper path for whitelist.py
Sekhar-Kumar-Dash Apr 19, 2024
f5cb9c1
vertical_portscan.py: delete the logic for combining evidence and
AlyaGomaa Apr 19, 2024
3f6db9c
removed coverage test for config files and fixed typo in slips test
Sekhar-Kumar-Dash Apr 19, 2024
7e36ede
vertical_portscan.py: smaller methods
AlyaGomaa Apr 19, 2024
53bd0a9
horizontal_portscan.py: don't combine evidene and use the threshold i…
AlyaGomaa Apr 19, 2024
81beae8
horizontal_portscan.py: update portscans unit tests
AlyaGomaa Apr 19, 2024
dd2160c
horizontal_portscan.py: remove the logic for combining evidence
AlyaGomaa Apr 19, 2024
783e2c5
portscans: akways report if no past evidence to compare with
AlyaGomaa Apr 19, 2024
07cf5a8
fixed all the typos and added more specific coverage
Sekhar-Kumar-Dash Apr 19, 2024
60d01ff
Update the tests for the recent version of the code
Sekhar-Kumar-Dash Apr 19, 2024
bee5121
Made similar changes to CI-production workflow
Sekhar-Kumar-Dash Apr 19, 2024
1ede35f
portscans: update unit tests
AlyaGomaa Apr 19, 2024
b7bce81
Merge pull request #566 from stratosphereips/alya_optimize_combining_…
AlyaGomaa Apr 21, 2024
a9ea580
Update README.md
eldraco Apr 22, 2024
421dadb
Merge pull request #570 from stratosphereips/eldraco-patch-1
AlyaGomaa Apr 22, 2024
8497a31
fixed typo in vertical portscans test
Sekhar-Kumar-Dash Apr 22, 2024
c58883e
fixed typo in vertical portscan
Sekhar-Kumar-Dash Apr 22, 2024
1d1d49d
updated and added more tests to test_http_analyzer
Sekhar-Kumar-Dash Apr 23, 2024
467e099
Merge pull request #518 from Sekhar-Kumar-Dash/patch-4
AlyaGomaa Apr 24, 2024
c2b2899
split long lines
AlyaGomaa Apr 24, 2024
6725fab
fixed long lines
Sekhar-Kumar-Dash Apr 24, 2024
ba48e71
used asdict and fixed long lines
Sekhar-Kumar-Dash Apr 24, 2024
adc125f
set the remote branch of feel_project submodule to main
AlyaGomaa Apr 26, 2024
f1e19b6
set the remote branch of iris submodule to main
AlyaGomaa Apr 26, 2024
c96e811
docs: use -j in the cmd for installing slips with submodules
AlyaGomaa Apr 26, 2024
21258bc
db: only overwrite redis config file when the dafault options should …
AlyaGomaa Apr 26, 2024
c2c2c89
portscans: dont call combine_evidence
AlyaGomaa Apr 26, 2024
e2dbcde
Merge pull request #575 from stratosphereips/alya/check_why_redis_con…
AlyaGomaa Apr 28, 2024
b30dfa2
tests: update the path of module_factory
AlyaGomaa Apr 29, 2024
876d44b
Merge pull request #563 from Sekhar-Kumar-Dash/patch-9
AlyaGomaa Apr 29, 2024
19f3bca
Add Exporter interface
AlyaGomaa Apr 29, 2024
1f8e1f0
Imodule: force name, description, authors attributes in all modules
AlyaGomaa Apr 29, 2024
2d9bd11
Add slack exporter class
AlyaGomaa Apr 29, 2024
849531d
exporting_alerts.py: use SlackExporter class
AlyaGomaa Apr 29, 2024
2047bbc
Add a StixExporter class
AlyaGomaa Apr 29, 2024
213e745
exporting_alerts.py: use StixExporter class
AlyaGomaa Apr 29, 2024
ba3059d
exporting_alerts.py: remove_sensitive_info before exporting evidence
AlyaGomaa Apr 29, 2024
427c9f1
metadata_manager.py: add the cmd used to metadata/info
AlyaGomaa Apr 29, 2024
b805c91
flowalerts: fix reversed comments in detect_incompatible_CN()
AlyaGomaa Apr 29, 2024
3f8ece5
Merge pull request #577 from stratosphereips/alya/print_the_used_cmd_…
AlyaGomaa Apr 30, 2024
18adaab
Merge pull request #576 from stratosphereips/alya/check_exporting_of_…
AlyaGomaa Apr 30, 2024
932da7e
Added more tests to test_whitelist.py
Sekhar-Kumar-Dash Apr 19, 2024
4911dae
Update the tests for the recent version of the code
Sekhar-Kumar-Dash Apr 19, 2024
7e884f5
Merge remote-tracking branch 'Sekhar-Kumar-Dash/patch-10' into fork/p…
AlyaGomaa Apr 30, 2024
d023f0e
removed duplicates from test_http_analyzer.py
Sekhar-Kumar-Dash Apr 30, 2024
e22b866
db: add docs about where flows with timestamps == the start or end ti…
AlyaGomaa May 8, 2024
7b2cdec
remove dead code
AlyaGomaa May 13, 2024
4f837b3
Merge pull request #580 from stratosphereips/alya/fix_storing_timesta…
AlyaGomaa May 13, 2024
531cf06
update CHANGELOG.md
AlyaGomaa May 15, 2024
b7696d8
Bump slips version to 1.0.14
AlyaGomaa May 15, 2024
5bf4a3f
update slips.gif to use slips v1.0.14
AlyaGomaa May 15, 2024
da15859
installation: update instructions for building the docker image. [ski…
AlyaGomaa May 15, 2024
333a8e7
CI-prod: fix error finding test_vertical_portscan.py
AlyaGomaa May 15, 2024
3a1ca1c
Merge pull request #581 from stratosphereips/develop
AlyaGomaa May 15, 2024
5953190
CI-publishing: increase timeout for publishing ubuntu-image
AlyaGomaa May 15, 2024
dc831ff
CI-publishing: increase swap size for publishing ubuntu-image
AlyaGomaa May 15, 2024
cd29df0
CI-publishing: increase swap size for publishing ubuntu-image and Max…
AlyaGomaa May 15, 2024
28c0395
temporarily publish ubuntu image on push to this branch
AlyaGomaa May 15, 2024
a401622
ubunut-image: use apt-transport-https for adding an https source to s…
AlyaGomaa May 15, 2024
05e08ea
CI-publishing: use no-cache when building ubuntu docker image
AlyaGomaa May 15, 2024
d144b0b
CI-publishing: temporarily use the cur branch for building ubuntu image
AlyaGomaa May 15, 2024
8e4c69f
CI-publishing: use build-push-action@v5 instead of v3
AlyaGomaa May 15, 2024
1202058
Dockerfile: remove all apt dependencies that are not used by slips, e…
AlyaGomaa May 15, 2024
1210b56
ci-publishing: temporarily disable macos img building
AlyaGomaa May 15, 2024
ad2cc54
ci-publishing: add workaround to free up some space
AlyaGomaa May 15, 2024
900b1cc
ubuntu-image: remove deleted apt dependencies
AlyaGomaa May 15, 2024
0ec9be7
test if CI publishing of ubunutu image is working
AlyaGomaa May 15, 2024
13e7920
uncomment the rest of the ci file
AlyaGomaa May 15, 2024
ffaa02f
refactor test_extract_info_from_UA_valid()
AlyaGomaa May 23, 2024
03ab1bf
delete duplicate test_extract_info_from_UA_valid()
AlyaGomaa May 23, 2024
ecea753
http: use lowercase in most function names
AlyaGomaa May 23, 2024
c695b3b
tes_http_analyzer: refactor
AlyaGomaa May 23, 2024
8fb9fb6
disable exporting to slack by default [skip-ci]
AlyaGomaa May 23, 2024
9215805
CI-publishing: comment out macos image from the matrix
AlyaGomaa May 23, 2024
4857ef9
CI-publishing: uncomment the rest of the file
AlyaGomaa May 23, 2024
71a089a
CI-publishing: delete dependency image from container once published …
AlyaGomaa May 23, 2024
e418421
CI-publishing: delete dependency image from container once published …
AlyaGomaa May 23, 2024
89a6b2f
CI-publishing: delete docker images from container once published. an…
AlyaGomaa May 23, 2024
0e0cd19
CI-publishing: fix indentation err
AlyaGomaa May 23, 2024
a9fd175
CI-publishing: undo deleting published docker images as each job runs…
AlyaGomaa May 23, 2024
22deaed
CI-publishing: enable verbose debugging when building and pushing doc…
AlyaGomaa May 23, 2024
1464f5c
CI-publishing: try ubuntu-latest runner instead of ubuntu-20.04
AlyaGomaa May 23, 2024
58126ea
CI: more consistent job names
AlyaGomaa May 24, 2024
21c3c07
CI-publishing: undo all the changes made for testing
AlyaGomaa May 24, 2024
489cc62
CI-publishing: increase timeout for publishing ubuntu-image
AlyaGomaa May 15, 2024
b700155
CI-publishing: increase swap size for publishing ubuntu-image
AlyaGomaa May 15, 2024
6956797
CI-publishing: increase swap size for publishing ubuntu-image and Max…
AlyaGomaa May 15, 2024
886c329
temporarily publish ubuntu image on push to this branch
AlyaGomaa May 15, 2024
efc305d
ubunut-image: use apt-transport-https for adding an https source to s…
AlyaGomaa May 15, 2024
bd55bc8
CI-publishing: use no-cache when building ubuntu docker image
AlyaGomaa May 15, 2024
fe37ceb
CI-publishing: temporarily use the cur branch for building ubuntu image
AlyaGomaa May 15, 2024
fa7b38a
CI-publishing: use build-push-action@v5 instead of v3
AlyaGomaa May 15, 2024
7c68dc6
Dockerfile: remove all apt dependencies that are not used by slips, e…
AlyaGomaa May 15, 2024
84e67ca
ci-publishing: temporarily disable macos img building
AlyaGomaa May 15, 2024
ba61a3b
ci-publishing: add workaround to free up some space
AlyaGomaa May 15, 2024
761c837
ubuntu-image: remove deleted apt dependencies
AlyaGomaa May 15, 2024
0da70f0
test if CI publishing of ubunutu image is working
AlyaGomaa May 15, 2024
a884d04
uncomment the rest of the ci file
AlyaGomaa May 15, 2024
e96784e
CI-publishing: comment out macos image from the matrix
AlyaGomaa May 23, 2024
b197ce6
CI-publishing: uncomment the rest of the file
AlyaGomaa May 23, 2024
c6b71aa
CI-publishing: delete dependency image from container once published …
AlyaGomaa May 23, 2024
2d99123
CI-publishing: delete dependency image from container once published …
AlyaGomaa May 23, 2024
366ee61
CI-publishing: delete docker images from container once published. an…
AlyaGomaa May 23, 2024
e12297f
CI-publishing: fix indentation err
AlyaGomaa May 23, 2024
0c37049
CI-publishing: undo deleting published docker images as each job runs…
AlyaGomaa May 23, 2024
c63c60f
CI-publishing: enable verbose debugging when building and pushing doc…
AlyaGomaa May 23, 2024
db4aabb
CI-publishing: try ubuntu-latest runner instead of ubuntu-20.04
AlyaGomaa May 23, 2024
6bf587c
CI: more consistent job names
AlyaGomaa May 24, 2024
e87ca0a
CI-publishing: undo all the changes made for testing
AlyaGomaa May 24, 2024
392f538
Merge remote-tracking branch 'origin/alya/fix-publishing-docker-image…
AlyaGomaa May 24, 2024
657682b
delete the conda env file [skip-ci]
AlyaGomaa May 24, 2024
b2b75a2
timeline: handle the web interface displaying "failed" as the protoco…
AlyaGomaa May 24, 2024
f8483ef
Merge pull request #582 from stratosphereips/alya/fix-publishing-dock…
AlyaGomaa May 24, 2024
836795b
read the web interface port from slips.conf
AlyaGomaa May 24, 2024
71ac3ad
add web interface port from to test config files
AlyaGomaa May 24, 2024
fd54281
webinterface: set the host to "127.0.0.1" when running inside a conta…
AlyaGomaa May 24, 2024
ce9e239
change slips threshold to 3.86
AlyaGomaa May 24, 2024
c107b09
webinterface: alwys use "0.0.0.0" as the host even in docker
AlyaGomaa May 24, 2024
cd4a9fd
webinterface: print a warning that the port will stay open unless its…
AlyaGomaa May 24, 2024
07d8df8
popups: show only alert description instead of all evidence inside of…
AlyaGomaa May 24, 2024
764b5ab
delete azure from microsoft domains [skip-ci]
AlyaGomaa May 24, 2024
e39cb35
Merge pull request #584 from stratosphereips/alya/fix-popups
AlyaGomaa May 24, 2024
984df37
Merge pull request #583 from stratosphereips/alya/fix_failing_to_reco…
AlyaGomaa May 25, 2024
3039c68
Updated test_http_analyzer.py
Sekhar-Kumar-Dash May 27, 2024
9d8f4ba
add an interface for flowalerts helpers
AlyaGomaa May 27, 2024
ea8309c
flowalerts: move all dns logic to flowalerts/dns.py
AlyaGomaa May 27, 2024
25909ae
flowalerts: move all notice.log logic to flowalerts/notice.py
AlyaGomaa May 27, 2024
c309f0a
flowalerts: move all smtp logic to flowalerts/smtp.py
AlyaGomaa May 27, 2024
b07b0bc
flowalerts: move all ssl logic to flowalerts/ssl.py
AlyaGomaa May 27, 2024
09a4caa
flowalerts: move all new software logic to flowalerts/software.py
AlyaGomaa May 27, 2024
772113c
flowalerts: move all ssh logic to flowalerts/ssh.py
AlyaGomaa May 27, 2024
2871a61
flowalerts: move all downloaded file logic to flowalerts/downloaded_f…
AlyaGomaa May 27, 2024
be08ea7
Updated test_whitelist.py
Sekhar-Kumar-Dash May 27, 2024
9fe12d8
flowalerts: move all tunnel logic to flowalerts/tunnel.py
AlyaGomaa May 27, 2024
fc183f7
flowalerts: move all conn logic to flowalerts/conn.py
AlyaGomaa May 27, 2024
7539d59
flowalerts: rafactor
AlyaGomaa May 27, 2024
5e28a5b
flowalerts: move check_non_ssl_port_443_conns() from conn.py to ssl.py
AlyaGomaa May 27, 2024
19ffbb1
ssl.py: refactor
AlyaGomaa May 27, 2024
7439467
update unit tests
AlyaGomaa May 27, 2024
467673b
flowalerts: use Software() class
AlyaGomaa May 27, 2024
c924bc3
Merge pull request #572 from Sekhar-Kumar-Dash/patch-11
AlyaGomaa May 28, 2024
6ce22cf
Merge pull request #585 from stratosphereips/alya/split_flow_alerts_i…
AlyaGomaa May 28, 2024
95053ea
flowalerts.ssl: fix unable to find ssl_waiting_thread
AlyaGomaa May 28, 2024
5d9f555
flowalerts.ssl: fix unable oto find pending_ssl_flows
AlyaGomaa May 28, 2024
d8917d1
flowalerts.ssl: set evidence with threat level=info when DoH is found
AlyaGomaa May 28, 2024
4b4c1ca
go_director.py: delete dead code
AlyaGomaa May 28, 2024
e8c8de6
go_director.py: db: rename setInfoForIPs to set_ip_info
AlyaGomaa May 28, 2024
aa9915f
flowalerts.conn: dont alert conn without dns if the daddr is a soh se…
AlyaGomaa May 28, 2024
e27cffb
db: keep track of doh servers in ipsinfo
AlyaGomaa May 28, 2024
6008c5c
update unit tests
AlyaGomaa May 28, 2024
36ad42e
CI-staging: use dependencies image
AlyaGomaa May 28, 2024
15b38f6
CI-staging: run unit and integrataion tests in parallel
AlyaGomaa May 28, 2024
b4fd0de
split test_dataset.py into multiple files
AlyaGomaa May 28, 2024
352b258
cI-staging: run the new integration test files in parallel
AlyaGomaa May 28, 2024
2df0328
cI-staging: fix typo in test_portscans.py filename
AlyaGomaa May 28, 2024
5f914b5
flowalerts.ssl: fix issue extracting approto
AlyaGomaa May 28, 2024
2e23129
ci-staging: fix running portscan tests twice
AlyaGomaa May 28, 2024
5d051cf
db: fix errors calling set_ip_info()
AlyaGomaa May 29, 2024
78130dd
Merge pull request #586 from stratosphereips/alya/detect_doh
AlyaGomaa May 29, 2024
25b93d4
Added more tests to test_whitelist.py
Sekhar-Kumar-Dash Apr 19, 2024
dc963aa
Update the tests for the recent version of the code
Sekhar-Kumar-Dash Apr 19, 2024
3715b0e
Added more tests to test_whitelist.py
Sekhar-Kumar-Dash Apr 19, 2024
2d3055e
Update the tests for the recent version of the code
Sekhar-Kumar-Dash Apr 19, 2024
bf6d71d
Updated test_whitelist.py
Sekhar-Kumar-Dash May 27, 2024
6a0b5ce
Merge remote-tracking branch 'Sekhar-Kumar-Dash/patch-10' into fork/p…
AlyaGomaa May 29, 2024
215a6d6
test_whitelist.py: add 1 more test case to test_is_whitelisted_domain…
AlyaGomaa May 30, 2024
a6ecbab
test_whitelist.py: remove functions that were already tested in test_…
AlyaGomaa May 30, 2024
2df662b
test_whitelist.py: fix test_read_configuration()
AlyaGomaa May 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
131 changes: 125 additions & 6 deletions .github/workflows/CI-production-testing.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,28 +42,146 @@ jobs:
run: |
python -m pip install --upgrade pip
grep -v 'black' install/requirements.txt | xargs pip3 install --no-cache-dir
pip install coverage

- name: Start redis server
run: redis-server --daemonize yes

- name: Run unit tests
run: python3 -m pytest tests/ --ignore="tests/test_database.py" --ignore="tests/integration_tests" -n 7 -p no:warnings -vv -s
run: coverage run --source=./ -m pytest tests/ --ignore="tests/test_database.py" --ignore="tests/integration_tests" -n 7 -p no:warnings -vv -s


- name: Run database unit tests
run: python3 -m pytest tests/test_database.py -p no:warnings -vv
run: |
coverage run --source=./ -m pytest tests/test_database.py -p no:warnings -vv
coverage report --include="slips_files/core/database/*"
coverage html --include="slips_files/core/database/*" -d coverage_reports/database

- name: Flowalerts Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_flowalerts.py -p no:warnings -vv
coverage report --include="modules/flowalerts/*"
coverage html --include="modules/flowalerts/*" -d coverage_reports/flowalerts

- name: Whitelist Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_whitelist.py -p no:warnings -vv
coverage report --include="slips_files/core/helpers/whitelist.py*"
coverage html --include="slips_files/core/helpers/whitelist.py*" -d coverage_reports/whitelist

- name: ARP Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_arp.py -p no:warnings -vv
coverage report --include="modules/arp/*"
coverage html --include="modules/arp/*" -d coverage_reports/arp

- name: Blocking Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_blocking.py -p no:warnings -vv
coverage report --include="modules/blocking/*"
coverage html --include="modules/blocking/*" -d coverage_reports/blocking

- name: Flowhandler Unit Test
run: |
coverage run --source=./ -m pytest tests/test_flow_handler.py -p no:warnings -vv
coverage report --include="slips_files/core/helpers/flow_handler.py*"
coverage html --include="slips_files/core/helpers/flow_handler.py*" -d coverage_reports/flowhandler

- name: Horizontal Portscans Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_horizontal_portscans.py -p no:warnings -vv
coverage report --include="modules/network_discovery/horizontal_portscan.py*"
coverage html --include="modules/network_discovery/horizontal_portscan.py*" -d coverage_reports/horizontal_portscan

- name: HTTP Analyzer Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_http_analyzer.py -p no:warnings -vv
coverage report --include="modules/http_analyzer/http_analyzer.py*"
coverage html --include="modules/http_analyzer/http_analyzer.py*" -d coverage_reports/http_analyzer

- name: Vertical Portscans Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_vertical_portscans.py -p no:warnings -vv
coverage report --include="modules/network_discovery/vertical_portscan.py*"
coverage html --include="modules/network_discovery/vertical_portscan.py*" -d coverage_reports/vertical_portscan

- name: Virustotal Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_virustotal.py -p no:warnings -vv
coverage report --include="modules/virustotal/virustotal.py*"
coverage html --include="modules/virustotal/virustotal.py*" -d coverage_reports/virustotal

- name: Update Manager Unit tests
run: |
coverage run --source=./ -m pytest tests/test_update_file_manager.py -p no:warnings -vv
coverage report --include="modules/update_manager/update_manager.py*"
coverage html --include="modules/update_manager/update_manager.py*" -d coverage_reports/updatemanager

- name: Threat Intelligence Unit tests
run: |
coverage run --source=./ -m pytest tests/test_threat_intelligence.py -p no:warnings -vv
coverage report --include="modules/threat_intelligence/threat_intelligence.py*"
coverage html --include="modules/threat_intelligence/threat_intelligence.py*" -d coverage_reports/threat_intelligence

- name: Slips Utils Unit tests
run: |
coverage run --source=./ -m pytest tests/test_slips_utils.py -p no:warnings -vv
coverage report --include="slips_files/common/slips_utils.py*"
coverage html --include="slips_files/common/slips_utils.py*" -d coverage_reports/slips_utils

- name: Slips.py Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_slips.py -p no:warnings -vv
coverage report --include="slips.py*"
coverage html --include="slips.py*" -d coverage_reports/slips

- name: Profiler Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_profiler.py -p no:warnings -vv
coverage report --include="slips_files/core/profiler.py*"
coverage html --include="slips_files/core/profiler.py*" -d coverage_reports/profiler

- name: Leak Detector Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_leak_detector.py -p no:warnings -vv
coverage report --include="modules/leak_detector/leak_detector.py*"
coverage html --include="modules/leak_detector/leak_detector.py*" -d coverage_reports/leak_detector

- name: Ipinfo Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_ip_info.py -p no:warnings -vv
coverage report --include="modules/ip_info/ip_info.py*"
coverage html --include="modules/ip_info/ip_info.py*" -d coverage_reports/ip_info

- name: Input Unit Tests
run: |
coverage run --source=./ -m pytest tests/test_inputProc.py -p no:warnings -vv
coverage report --include="slips_files/core/input.py*"
coverage html --include="slips_files/core/input.py*" -d coverage_reports/input

- name: Clear redis cache
run: ./slips.py -cc

- name: Portscan tests
run: python3 -m pytest -s tests/integration_tests/test_portscans.py -p no:warnings -vv
run: |
coverage run --source=./ -m pytest -s tests/integration_tests/test_portscans.py -p no:warnings -vv
coverage report --include="modules/network_discovery/*"
coverage html --include="modules/network_discovery/*" -d coverage_reports/network_discovery

- name: Integration tests
run: python3 -m pytest -s tests/integration_tests/test_dataset.py -p no:warnings -vv
run: |
python3 -m pytest -s tests/integration_tests/test_dataset.py -p no:warnings -vv
# coverage run --source=./ -m pytest -s tests/integration_tests/test_dataset.py -p no:warnings -vv
# coverage report --include="dataset/*"
# coverage html --include="dataset/*" -d coverage_reports/dataset

- name: Config file tests
run: python3 -m pytest -s tests/integration_tests/test_config_files.py -p no:warnings -vv

- name: Config file tests
run: |
python3 -m pytest -s tests/integration_tests/test_config_files.py -p no:warnings -vv
# coverage run --source=./ -m pytest -s tests/integration_tests/test_config_files.py -p no:warnings -vv
# coverage report --include="dataset/*"
# coverage html --include="dataset/*" -d coverage_reports/dataset

- name: Upload Artifact
# run this job whether the above jobs failed or passed
Expand All @@ -73,3 +191,4 @@ jobs:
name: test_slips_locally-integration-tests-output
path: |
output/integration_tests
coverage_reports/
44 changes: 39 additions & 5 deletions .github/workflows/CI-publishing.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
- '!develop'

jobs:
# auto add release tag
# auto add release tag
create_tag:
runs-on: ubuntu-latest

Expand Down Expand Up @@ -41,7 +41,31 @@ jobs:
path: ./docker/macosm1-image/Dockerfile

steps:
- name: Get slips version
- name: Maximize build space
uses: easimon/maximize-build-space@master
with:
root-reserve-mb: 512
swap-size-mb: 1024

- name: Free some space
run: |
rm -rf /usr/share/dotnet
rm -rf /opt/ghc
rm -rf "/usr/local/share/boost"
rm -rf "$AGENT_TOOLSDIRECTORY"

- name: Free disk space on Ubuntu runner
uses: kfir4444/free-disk-space@main
with:
# frees about 6 GB, warning: may remove required tools
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
swap-storage: true

- name: Get Slips version
run: |
VER=$(curl -s https://raw.githubusercontent.com/stratosphereips/StratosphereLinuxIPS/develop/VERSION)
echo "SLIPS_VERSION=$VER" >> $GITHUB_ENV
Expand All @@ -54,18 +78,28 @@ jobs:
# Fetch all history for all tags and branches
fetch-depth: ''


- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: stratosphereips
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

- name: Free some space
run: |
rm -rf /usr/share/dotnet
rm -rf /opt/ghc
rm -rf "/usr/local/share/boost"
rm -rf "$AGENT_TOOLSDIRECTORY"

# build slips from target dockerfile
- name: Build our ${{ matrix.name }} from dockerfile
- name: Build ${{ matrix.name }} from Dockerfile
id: docker_build_slips
uses: docker/build-push-action@v2
timeout-minutes: 15
uses: docker/build-push-action@v5
with:
debug: true
verbose-debug: true
no-cache: true
context: ./
file: ${{ matrix.path }}
tags: stratosphereips/${{ matrix.image_name }}:latest, stratosphereips/${{ matrix.image_name }}:${{ env.SLIPS_VERSION }}
Expand Down
Loading
Loading