Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Onboarding MDE for Linux to LISA #3113

Draft
wants to merge 11 commits into
base: main
Choose a base branch
from
Draft

Onboarding MDE for Linux to LISA #3113

Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
7577bcb
Onboard MDE for Linux to LISA
Dec 7, 2023
61b0bbc
Azure
Dec 9, 2023
0a001c4
Azure Runbook with test case support
Dec 9, 2023
5ac45d1
Tests
Dec 21, 2023
49560a6
Cleanup
Dec 21, 2023
a7d6c14
Using Azure SAS Uri for getting onboarding script
Dec 22, 2023
749d8d4
Review comments
Dec 22, 2023
dd10768
Cleanup
Dec 22, 2023
bf68667
Linter
Dec 22, 2023
9e1e46f
Linter
Dec 22, 2023
9118563
Merge branch 'main' into zeeshan1995/mde_onboarding
atbagga Nov 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Review comments
  • Loading branch information
Zeeshan Akhter committed Dec 22, 2023
commit 749d8d4f41320d0ed4f384f31489211f6ea296b8
31 changes: 14 additions & 17 deletions lisa/tools/mde.py
View file
Original file line number Diff line number Diff line change
@@ -9,6 +9,7 @@

from lisa.executable import Tool
from lisa.executable import CustomScriptBuilder, CustomScript
from .chmod import Chmod
from lisa.base_tools import Wget

class MDE(Tool):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's used by MDE test suite only, so it can be in the same file with the test suite.

@@ -21,27 +22,25 @@ def can_install(self) -> bool:
return True

def get_mde_installer(self) -> bool:
if not hasattr(self, '_mde_installer'):
response = requests.get("https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/linux/installation/mde_installer.sh")
if response.ok:
script = response.text
import tempfile
_, self.mde_installer_script = tempfile.mkstemp(prefix='mde_installer', suffix='.sh')
with open(self.mde_installer_script, 'w') as writer:
writer.write(script)
self._mde_installer = CustomScriptBuilder(Path(os.path.dirname(self.mde_installer_script)),
[os.path.basename(self.mde_installer_script)])
return True
return False
if not hasattr(self, 'mde_installer'):
wget = self.node.tools[Wget]

download_path = wget.get(
url="https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/linux/installation/mde_installer.sh",
filename="mde_installer.sh",
)
self.mde_installer = download_path
self._log.info(self.mde_installer)
self.node.tools[Chmod].update_folder(
self.mde_installer, "777", sudo=True)
return True

def _install(self) -> bool:
if not self.get_mde_installer():
self._log.error("Unable to download mde_installer.sh script. MDE can't be installed")

mde_installer: CustomScript = self.node.tools[self._mde_installer]
self._log.info('Installing MDE')
result1 = mde_installer.run(parameters="--install", sudo=True)
result1 = self.node.execute(f"{self.mde_installer} --install", shell=True, sudo=True)
self._log.info(result1)

return self._check_exists()
@@ -62,10 +61,8 @@ def onboard(self, onboarding_script_sas_uri: str) -> bool:
if not self.get_mde_installer():
self._log.error("Unable to download mde_installer.sh script. MDE can't be onboarded")

script: CustomScript = self.node.tools[self._mde_installer]

self._log.info('Onboarding MDE')
result1 = script.run(parameters=f"--onboard {download_path}", sudo=True)
result1 = self.node.execute(f"{self.mde_installer} --onboard {download_path}", shell=True, sudo=True)
self._log.info(result1)

output = self.get_result('health --field licensed')
29 changes: 21 additions & 8 deletions microsoft/testsuites/vm_extensions/mde.py
View file
Original file line number Diff line number Diff line change
@@ -22,7 +22,19 @@
area="vm_extension",
category="functional",
description="""
MDE Test Suite
Verify MDE installation
Microsoft Defender for Endpoint(MDE) for Linux includes antimalware and endpoint detection and response (EDR) capabilities.

This test suites validates if MDE can be installed, onboarded and detect an EICAR file.

The test requires the onboarding script to be kept in Azure Storage Account and provide the SAS url for downloading
under the secret variable `onboarding_script_sas_uri`.

The suite runs the following tests:
1. Installation test
2. Onboarding test
3. Health test
4. EICAR detection test
""",
)
class MDE(TestSuite):
@@ -35,7 +47,7 @@ def before_case(self, log: Logger, **kwargs: Any) -> None:

@TestCaseMetadata(
description="""
Verify MDE installation
Verify MDE installation, onboarding, health and EICAR detection.
""",
priority=1,
requirement=simple_requirement(min_core_count=2,
@@ -46,7 +58,8 @@ def verify_mde(self, node: Node, log: Logger, result: TestResult) -> None:

#Invoking tools first time, intalls the tool.
try:
output = node.tools[mdatp]._check_exists()
node.tools[mdatp]
output = True
except LisaException as e:
log.error(e)
output = False
@@ -63,26 +76,26 @@ def verify_onboard(self, node: Node, log: Logger, result: TestResult) -> None:

onboarding_result = node.tools[mdatp].onboard(self.onboarding_script_sas_uri)

assert_that(onboarding_result).is_equal_to(True)
assert_that(onboarding_result).described_as('Unable to onboard MDE').is_equal_to(True)

output = node.tools[mdatp].get_result('health --field licensed')

assert_that(output).is_equal_to(['true'])
assert_that(output).described_as('MDE is not licensed').is_equal_to(['true'])

def verify_health(self, node: Node, log: Logger, result: TestResult) -> None:
output = node.tools[mdatp].get_result('health', json_out=True)

log.info(output)

assert_that(output['healthy']).is_equal_to(True)
assert_that(output['healthy']).described_as('MDE is not healthy').is_equal_to(True)

def verify_eicar_detection(self, node: Node, log: Logger, result: TestResult) -> None:
log.info('Running EICAR test')

output = node.tools[mdatp].get_result('health --field real_time_protection_enabled')
if output == ['false']:
output = node.tools[mdatp].get_result('config real-time-protection --value enabled', sudo=True)
assert_that(' '.join(output)).is_equal_to('Configuration property updated.')
assert_that(' '.join(output)).described_as('Unable to enable RTP for MDE').is_equal_to('Configuration property updated.')

current_threat_list= node.tools[mdatp].get_result('threat list')
log.info(current_threat_list)
@@ -99,6 +112,6 @@ def verify_eicar_detection(self, node: Node, log: Logger, result: TestResult) ->
eicar_detect = ' '.join(new_threat_list).replace(' '.join(current_threat_list), '')

log.info(eicar_detect)
assert_that('Name: Virus:DOS/EICAR_Test_File' in eicar_detect).is_equal_to(True)
assert_that('Name: Virus:DOS/EICAR_Test_File' in eicar_detect).described_as('MDE is not able to detect EICAR file').is_equal_to(True)