From 3387a1b51f0187651ad6b5dde7403607d6b93beb Mon Sep 17 00:00:00 2001 
From: Sylvain Baubeau Date: Mon, 18 Nov 2024 19:36:36 +0100 Subject: [PATCH] [CWS] Move JSON schemas to secl package (#30913) --- .../generators/schemas/policy/main.go | 2 +- pkg/security/secl/rules/policy_test.go | 2 +- .../schemas/activity_dump.schema.json | 0 .../schemas/activity_dump_proto.schema.json | 0 .../schemas/agent_context.schema.json} | 6 +- .../{tests => secl}/schemas/bind.schema.json | 10 +- .../{tests => secl}/schemas/bpf.schema.json | 10 +- .../{tests => secl}/schemas/chmod.schema.json | 6 +- .../{tests => secl}/schemas/chown.schema.json | 6 +- .../schemas/connect.schema.json | 10 +- .../schemas/container.schema.json} | 2 +- .../schemas/container_context.schema.json} | 4 +- .../secl/schemas/container_event.schema.json | 12 + .../container_event_no_file.schema.json | 12 + .../schemas/datetime.schema.json} | 2 +- .../{tests => secl}/schemas/dns.schema.json | 12 +- .../schemas/event.schema.json} | 4 +- .../{tests => secl}/schemas/exec.schema.json | 6 +- .../{tests => secl}/schemas/exit.schema.json | 6 +- .../schemas/file.schema.json} | 6 +- .../{tests => secl}/schemas/hash.schema.json | 2 +- .../schemas/heartbeat.schema.json | 4 +- .../secl/schemas/host_event.schema.json | 23 ++ .../schemas/host_event_no_file.schema.json | 20 ++ .../{tests => secl}/schemas/imds.schema.json | 12 +- .../{tests => secl}/schemas/kill.schema.json | 10 +- .../{tests => secl}/schemas/link.schema.json | 8 +- .../schemas/load_module.schema.json | 6 +- .../schemas/load_module_no_file.schema.json | 6 +- .../schemas/message.schema.json | 4 +- .../{tests => secl}/schemas/mmap.schema.json | 10 +- .../{tests => secl}/schemas/mount.schema.json | 6 +- .../schemas/mprotect.schema.json | 10 +- .../schemas/network.schema.json} | 2 +- .../{tests => secl}/schemas/open.schema.json | 6 +- .../schemas/policy.schema.json | 0 .../schemas/process.schema.json} | 12 +- .../schemas/process_context.schema.json} | 10 +- .../schemas/ptrace.schema.json | 12 +- .../schemas/rename.schema.json | 8 +- 
.../schemas/ruleset_loaded.schema.json | 4 +- pkg/security/secl/schemas/schemas.go | 16 ++ .../schemas/self_test_schema.json | 12 +- .../schemas/selinux.schema.json | 6 +- .../schemas/signal.schema.json | 12 +- .../{tests => secl}/schemas/span.schema.json | 8 +- .../schemas/span_context.schema.json} | 2 +- .../schemas/splice.schema.json | 6 +- .../schemas/unload_module.schema.json | 6 +- .../schemas/user_session.schema.json | 8 +- .../schemas/user_session_context.schema.json} | 2 +- .../usr.json => secl/schemas/usr.schema.json} | 2 +- pkg/security/tests/schemas.go | 217 +++++++++--------- .../tests/schemas/container_event.json | 12 - .../schemas/container_event_no_file.json | 12 - pkg/security/tests/schemas/host_event.json | 23 -- .../tests/schemas/host_event_no_file.json | 20 -- 57 files changed, 334 insertions(+), 323 deletions(-) rename pkg/security/{tests => secl}/schemas/activity_dump.schema.json (100%) rename pkg/security/{tests => secl}/schemas/activity_dump_proto.schema.json (100%) rename pkg/security/{tests/schemas/agent_context.json => secl/schemas/agent_context.schema.json} (86%) rename pkg/security/{tests => secl}/schemas/bind.schema.json (86%) rename pkg/security/{tests => secl}/schemas/bpf.schema.json (91%) rename pkg/security/{tests => secl}/schemas/chmod.schema.json (85%) rename pkg/security/{tests => secl}/schemas/chown.schema.json (78%) rename pkg/security/{tests => secl}/schemas/connect.schema.json (85%) rename pkg/security/{tests/schemas/container.json => secl/schemas/container.schema.json} (85%) rename pkg/security/{tests/schemas/container_context.json => secl/schemas/container_context.schema.json} (68%) create mode 100644 pkg/security/secl/schemas/container_event.schema.json create mode 100644 pkg/security/secl/schemas/container_event_no_file.schema.json rename pkg/security/{tests/schemas/datetime.json => secl/schemas/datetime.schema.json} (90%) rename pkg/security/{tests => secl}/schemas/dns.schema.json (87%) rename 
pkg/security/{tests/schemas/event.json => secl/schemas/event.schema.json} (92%) rename pkg/security/{tests => secl}/schemas/exec.schema.json (81%) rename pkg/security/{tests => secl}/schemas/exit.schema.json (86%) rename pkg/security/{tests/schemas/file.json => secl/schemas/file.schema.json} (92%) rename pkg/security/{tests => secl}/schemas/hash.schema.json (93%) rename pkg/security/{tests => secl}/schemas/heartbeat.schema.json (92%) create mode 100644 pkg/security/secl/schemas/host_event.schema.json create mode 100644 pkg/security/secl/schemas/host_event_no_file.schema.json rename pkg/security/{tests => secl}/schemas/imds.schema.json (92%) rename pkg/security/{tests => secl}/schemas/kill.schema.json (90%) rename pkg/security/{tests => secl}/schemas/link.schema.json (76%) rename pkg/security/{tests => secl}/schemas/load_module.schema.json (84%) rename pkg/security/{tests => secl}/schemas/load_module_no_file.schema.json (82%) rename pkg/security/{tests => secl}/schemas/message.schema.json (81%) rename pkg/security/{tests => secl}/schemas/mmap.schema.json (82%) rename pkg/security/{tests => secl}/schemas/mount.schema.json (92%) rename pkg/security/{tests => secl}/schemas/mprotect.schema.json (84%) rename pkg/security/{tests/schemas/network.json => secl/schemas/network.schema.json} (98%) rename pkg/security/{tests => secl}/schemas/open.schema.json (78%) rename pkg/security/{tests => secl}/schemas/policy.schema.json (100%) rename pkg/security/{tests/schemas/process.json => secl/schemas/process.schema.json} (95%) rename pkg/security/{tests/schemas/process_context.json => secl/schemas/process_context.schema.json} (74%) rename pkg/security/{tests => secl}/schemas/ptrace.schema.json (76%) rename pkg/security/{tests => secl}/schemas/rename.schema.json (76%) rename pkg/security/{tests => secl}/schemas/ruleset_loaded.schema.json (98%) create mode 100644 pkg/security/secl/schemas/schemas.go rename pkg/security/{tests => secl}/schemas/self_test_schema.json (86%) rename 
pkg/security/{tests => secl}/schemas/selinux.schema.json (95%)
rename pkg/security/{tests => secl}/schemas/signal.schema.json (76%)
rename pkg/security/{tests => secl}/schemas/span.schema.json (57%)
rename pkg/security/{tests/schemas/span_context.json => secl/schemas/span_context.schema.json} (91%)
rename pkg/security/{tests => secl}/schemas/splice.schema.json (86%)
rename pkg/security/{tests => secl}/schemas/unload_module.schema.json (79%)
rename pkg/security/{tests => secl}/schemas/user_session.schema.json (56%)
rename pkg/security/{tests/schemas/user_session_context.json => secl/schemas/user_session_context.schema.json} (95%)
rename pkg/security/{tests/schemas/usr.json => secl/schemas/usr.schema.json} (92%)
delete mode 100644 pkg/security/tests/schemas/container_event.json
delete mode 100644 pkg/security/tests/schemas/container_event_no_file.json
delete mode 100644 pkg/security/tests/schemas/host_event.json
delete mode 100644 pkg/security/tests/schemas/host_event_no_file.json
diff --git a/pkg/security/generators/schemas/policy/main.go b/pkg/security/generators/schemas/policy/main.go
index 0dc6181eabead..e39d15ebb8a64 100644
--- a/pkg/security/generators/schemas/policy/main.go
+++ b/pkg/security/generators/schemas/policy/main.go
@@ -3,7 +3,7 @@
 // This product includes software developed at Datadog (https://www.datadoghq.com/).
 // Copyright 2016-present Datadog, Inc.
-//go:generate go run github.com/DataDog/datadog-agent/pkg/security/generators/schemas/policy -output ../../../tests/schemas/policy.schema.json
+//go:generate go run github.com/DataDog/datadog-agent/pkg/security/generators/schemas/policy -output ../../../secl/schemas/policy.schema.json
 // Package main holds main related files
 package main
diff --git a/pkg/security/secl/rules/policy_test.go b/pkg/security/secl/rules/policy_test.go
index fefbd3320551a..9f7d11e9668a2 100644
--- a/pkg/security/secl/rules/policy_test.go
+++ b/pkg/security/secl/rules/policy_test.go
@@ -1028,7 +1028,7 @@ func TestPolicySchema(t *testing.T) {
 },
 }
- fs := os.DirFS("../../../../pkg/security/tests/schemas")
+ fs := os.DirFS("../../../../pkg/security/secl/schemas")
 schemaLoader := gojsonschema.NewReferenceLoaderFileSystem("file:///policy.schema.json", http.FS(fs))
 for _, test := range tests {
diff --git a/pkg/security/tests/schemas/activity_dump.schema.json b/pkg/security/secl/schemas/activity_dump.schema.json
similarity index 100%
rename from pkg/security/tests/schemas/activity_dump.schema.json
rename to pkg/security/secl/schemas/activity_dump.schema.json
diff --git a/pkg/security/tests/schemas/activity_dump_proto.schema.json b/pkg/security/secl/schemas/activity_dump_proto.schema.json
similarity index 100%
rename from pkg/security/tests/schemas/activity_dump_proto.schema.json
rename to pkg/security/secl/schemas/activity_dump_proto.schema.json
diff --git a/pkg/security/tests/schemas/agent_context.json b/pkg/security/secl/schemas/agent_context.schema.json
similarity index 86%
rename from pkg/security/tests/schemas/agent_context.json
rename to pkg/security/secl/schemas/agent_context.schema.json
index daf8233065056..f524a02c9986e 100644
--- a/pkg/security/tests/schemas/agent_context.json
+++ b/pkg/security/secl/schemas/agent_context.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "agent_context.json",
+ "$id": "agent_context.schema.json",
 "type": "object",
 "properties": {
 "rule_id": {
@@ -32,10 +32,10 @@
 "items": {
 "oneOf": [
 {
- "$ref": "/schemas/kill.schema.json"
+ "$ref": "kill.schema.json"
 },
 {
- "$ref": "/schemas/hash.schema.json"
+ "$ref": "hash.schema.json"
 }
 ]
 }
diff --git a/pkg/security/tests/schemas/bind.schema.json b/pkg/security/secl/schemas/bind.schema.json
similarity index 86%
rename from pkg/security/tests/schemas/bind.schema.json
rename to pkg/security/secl/schemas/bind.schema.json
index a0351a64a6c75..0e8503fa071c5 100644
--- a/pkg/security/tests/schemas/bind.schema.json
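Review bot: The test now reaches the schemas through `../../../../pkg/security/secl/schemas`, a path that climbs to the repository root only to come back down into the package next door; `fs := os.DirFS("../schemas")` names the same directory and reads as the sibling relationship the move creates. If the new `pkg/security/secl/schemas/schemas.go` listed in the diffstat exposes the schema files as an embedded filesystem (its contents are not in this chunk), the test could take that instead and stop depending on the working directory at all. The body of TestPolicySchema continues outside the hunk.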
+++ b/pkg/security/secl/schemas/bind.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "bind.json",
+ "$id": "bind.schema.json",
 "type": "object",
 "allOf": [
 {
- "$ref": "/schemas/event.json"
+ "$ref": "event.schema.json"
 },
 {
- "$ref": "/schemas/usr.json"
+ "$ref": "usr.schema.json"
 },
 {
- "$ref": "/schemas/process_context.json"
+ "$ref": "process_context.schema.json"
 },
 {
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 {
diff --git a/pkg/security/tests/schemas/bpf.schema.json b/pkg/security/secl/schemas/bpf.schema.json
similarity index 91%
rename from pkg/security/tests/schemas/bpf.schema.json
rename to pkg/security/secl/schemas/bpf.schema.json
index dd423ab153771..c315002647f53 100644
--- a/pkg/security/tests/schemas/bpf.schema.json
+++ b/pkg/security/secl/schemas/bpf.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "bpf.json",
+ "$id": "bpf.schema.json",
 "type": "object",
 "allOf": [
 {
- "$ref": "/schemas/event.json"
+ "$ref": "event.schema.json"
 },
 {
- "$ref": "/schemas/usr.json"
+ "$ref": "usr.schema.json"
 },
 {
- "$ref": "/schemas/process_context.json"
+ "$ref": "process_context.schema.json"
 },
 {
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 {
diff --git a/pkg/security/tests/schemas/chmod.schema.json b/pkg/security/secl/schemas/chmod.schema.json
similarity index 85%
rename from pkg/security/tests/schemas/chmod.schema.json
rename to pkg/security/secl/schemas/chmod.schema.json
index cf56e011e0e3d..6bd85b45ae8b4 100644
--- a/pkg/security/tests/schemas/chmod.schema.json
+++ b/pkg/security/secl/schemas/chmod.schema.json
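Review bot: The `date` entry this hunk rewrites sits directly inside an `allOf` element as `{ "date": { "$ref": "datetime.schema.json" } }`; `date` is not a JSON Schema keyword, so a 2020-12 validator ignores that element entirely and the datetime constraint never runs, even though the `$ref` now points at the right file. The element should read `{ "properties": { "date": { "$ref": "datetime.schema.json" } } }`. The same shape appears in the bpf hunk on this line and in the connect, dns, imds, mmap, mprotect and ptrace hunks further down, as well as in the new host_event.schema.json and host_event_no_file.schema.json, where host_event also carries a bare `"file": { "$ref": "file.schema.json" }` element with the same problem. Since these schemas are presumably what the event-format tests check emitted events against, the `date` and `file` fields are currently accepted unvalidated.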
@@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "chmod.json", + "$id": "chmod.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/chown.schema.json b/pkg/security/secl/schemas/chown.schema.json similarity index 78% rename from pkg/security/tests/schemas/chown.schema.json rename to pkg/security/secl/schemas/chown.schema.json index 9fc6f29e5996a..6c8d52399f538 100644 --- a/pkg/security/tests/schemas/chown.schema.json +++ b/pkg/security/secl/schemas/chown.schema.json @@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "chown.json", + "$id": "chown.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/connect.schema.json b/pkg/security/secl/schemas/connect.schema.json similarity index 85% rename from pkg/security/tests/schemas/connect.schema.json rename to pkg/security/secl/schemas/connect.schema.json index 6f94bc0852e89..add7097809aba 100644 --- a/pkg/security/tests/schemas/connect.schema.json +++ b/pkg/security/secl/schemas/connect.schema.json @@ -1,20 +1,20 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "connect.json", + "$id": "connect.schema.json", "type": "object", "allOf": [ { - "$ref": "/schemas/event.json" + "$ref": "event.schema.json" }, { - "$ref": "/schemas/usr.json" + "$ref": "usr.schema.json" }, { - "$ref": "/schemas/process_context.json" + "$ref": "process_context.schema.json" }, { "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, { 
diff --git a/pkg/security/tests/schemas/container.json b/pkg/security/secl/schemas/container.schema.json similarity index 85% rename from pkg/security/tests/schemas/container.json rename to pkg/security/secl/schemas/container.schema.json index 42db4215b7d25..9ce795d204fd2 100644 --- a/pkg/security/tests/schemas/container.json +++ b/pkg/security/secl/schemas/container.schema.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "container.json", + "$id": "container.schema.json", "type": "object", "properties": { "id": { diff --git a/pkg/security/tests/schemas/container_context.json b/pkg/security/secl/schemas/container_context.schema.json similarity index 68% rename from pkg/security/tests/schemas/container_context.json rename to pkg/security/secl/schemas/container_context.schema.json index dc65196a9e48a..5def87884bb87 100644 --- a/pkg/security/tests/schemas/container_context.json +++ b/pkg/security/secl/schemas/container_context.schema.json @@ -1,10 +1,10 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "container_context.json", + "$id": "container_context.schema.json", "type": "object", "properties": { "container": { - "$ref": "/schemas/container.json" + "$ref": "container.schema.json" } }, "required": [ diff --git a/pkg/security/secl/schemas/container_event.schema.json b/pkg/security/secl/schemas/container_event.schema.json new file mode 100644 index 0000000000000..4485b5a35c4b7 --- /dev/null +++ b/pkg/security/secl/schemas/container_event.schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "container_event.schema.json", + "allOf": [ + { + "$ref": "host_event.schema.json" + }, + { + "$ref": "container_context.schema.json" + } + ] +} diff --git a/pkg/security/secl/schemas/container_event_no_file.schema.json b/pkg/security/secl/schemas/container_event_no_file.schema.json new file mode 100644 index 0000000000000..42481aac800b9 --- /dev/null 
+++ b/pkg/security/secl/schemas/container_event_no_file.schema.json @@ -0,0 +1,12 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "container_event_no_file.schema.json", + "allOf": [ + { + "$ref": "host_event_no_file.schema.json" + }, + { + "$ref": "container_context.schema.json" + } + ] +} diff --git a/pkg/security/tests/schemas/datetime.json b/pkg/security/secl/schemas/datetime.schema.json similarity index 90% rename from pkg/security/tests/schemas/datetime.json rename to pkg/security/secl/schemas/datetime.schema.json index 03cfc3d81cdc5..e0e6e8eed8b96 100644 --- a/pkg/security/tests/schemas/datetime.json +++ b/pkg/security/secl/schemas/datetime.schema.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "datetime.json", + "$id": "datetime.schema.json", "allOf": [ { "type": "string", diff --git a/pkg/security/tests/schemas/dns.schema.json b/pkg/security/secl/schemas/dns.schema.json similarity index 87% rename from pkg/security/tests/schemas/dns.schema.json rename to pkg/security/secl/schemas/dns.schema.json index d9d62483a5bc2..3e697ead51f0a 100644 --- a/pkg/security/tests/schemas/dns.schema.json +++ b/pkg/security/secl/schemas/dns.schema.json @@ -1,23 +1,23 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "dns.json", + "$id": "dns.schema.json", "type": "object", "allOf": [ { - "$ref": "/schemas/event.json" + "$ref": "event.schema.json" }, { - "$ref": "/schemas/usr.json" + "$ref": "usr.schema.json" }, { - "$ref": "/schemas/process_context.json" + "$ref": "process_context.schema.json" }, { - "$ref": "/schemas/network.json" + "$ref": "network.schema.json" }, { "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, { 
diff --git a/pkg/security/tests/schemas/event.json b/pkg/security/secl/schemas/event.schema.json similarity index 92% rename from pkg/security/tests/schemas/event.json rename to pkg/security/secl/schemas/event.schema.json index 94b83627e7ebd..2aa68f82d5a1e 100644 --- a/pkg/security/tests/schemas/event.json +++ b/pkg/security/secl/schemas/event.schema.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "event.json", + "$id": "event.schema.json", "type": "object", "properties": { "evt": { @@ -32,7 +32,7 @@ "type": "object" }, "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, "required": [ diff --git a/pkg/security/tests/schemas/exec.schema.json b/pkg/security/secl/schemas/exec.schema.json similarity index 81% rename from pkg/security/tests/schemas/exec.schema.json rename to pkg/security/secl/schemas/exec.schema.json index ba466e3327ad9..2f7d44b03cc5d 100644 --- a/pkg/security/tests/schemas/exec.schema.json +++ b/pkg/security/secl/schemas/exec.schema.json @@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "exec.json", + "$id": "exec.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/exit.schema.json b/pkg/security/secl/schemas/exit.schema.json similarity index 86% rename from pkg/security/tests/schemas/exit.schema.json rename to pkg/security/secl/schemas/exit.schema.json index d8e9820a80432..341107a379185 100644 --- a/pkg/security/tests/schemas/exit.schema.json +++ b/pkg/security/secl/schemas/exit.schema.json 
@@ -1,13 +1,13 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "exit.json",
+ "$id": "exit.schema.json",
 "type": "object",
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ],
 "allOf": [
diff --git a/pkg/security/tests/schemas/file.json b/pkg/security/secl/schemas/file.schema.json
similarity index 92%
rename from pkg/security/tests/schemas/file.json
rename to pkg/security/secl/schemas/file.schema.json
index 4a082bdacbe5b..fb3407feeb3c7 100644
--- a/pkg/security/tests/schemas/file.json
+++ b/pkg/security/secl/schemas/file.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "file.json",
+ "$id": "file.schema.json",
 "type": "object",
 "properties": {
 "path": {
@@ -29,10 +29,10 @@
 "type": "string"
 },
 "modification_time": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 },
 "change_time": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 },
 "flags": {
 "type": "array",
diff --git a/pkg/security/tests/schemas/hash.schema.json b/pkg/security/secl/schemas/hash.schema.json
similarity index 93%
rename from pkg/security/tests/schemas/hash.schema.json
rename to pkg/security/secl/schemas/hash.schema.json
index 1415e736a96b8..229a60483fe20 100644
--- a/pkg/security/tests/schemas/hash.schema.json
+++ b/pkg/security/secl/schemas/hash.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "kill.json",
+ "$id": "kill.schema.json",
 "type": "object",
 "properties": {
 "type": {
diff --git a/pkg/security/tests/schemas/heartbeat.schema.json b/pkg/security/secl/schemas/heartbeat.schema.json
similarity index 92%
rename from pkg/security/tests/schemas/heartbeat.schema.json
rename to pkg/security/secl/schemas/heartbeat.schema.json
index 038fb54411c5f..45086fab8415e 100644
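Review bot: hash.schema.json leaves the hunk with `"$id": "kill.schema.json"`, the identifier kill.schema.json declares for itself two files further down; since the line is being rewritten anyway, it should become `"$id": "hash.schema.json"`. Two schemas sharing one `$id` matters more now that the `$ref`s are relative: agent_context.schema.json's `oneOf` points at both `kill.schema.json` and `hash.schema.json`, and a loader that indexes documents by `$id` can resolve one of them to the other without reporting an error, so the check ends up weaker or wrong. How gojsonschema treats the collision is not visible from this chunk, so the practical impact is unconfirmed.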
--- a/pkg/security/tests/schemas/heartbeat.schema.json
+++ b/pkg/security/secl/schemas/heartbeat.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "http://json-schema.org/draft-04/schema#",
- "$id": "heartbeat.json",
+ "$id": "heartbeat.schema.json",
 "type": "object",
 "properties": {
 "policy": {
@@ -9,7 +9,7 @@
 }
 },
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 "required": [
diff --git a/pkg/security/secl/schemas/host_event.schema.json b/pkg/security/secl/schemas/host_event.schema.json
new file mode 100644
index 0000000000000..357955d548ce7
--- /dev/null
+++ b/pkg/security/secl/schemas/host_event.schema.json
@@ -0,0 +1,23 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "host_event.schema.json",
+ "allOf": [
+ {
+ "$ref": "event.schema.json"
+ },
+ {
+ "file": { "$ref": "file.schema.json" }
+ },
+ {
+ "$ref": "usr.schema.json"
+ },
+ {
+ "$ref": "process_context.schema.json"
+ },
+ {
+ "date": {
+ "$ref": "datetime.schema.json"
+ }
+ }
+ ]
+}
diff --git a/pkg/security/secl/schemas/host_event_no_file.schema.json b/pkg/security/secl/schemas/host_event_no_file.schema.json
new file mode 100644
index 0000000000000..2d260efa55250
--- /dev/null
+++ b/pkg/security/secl/schemas/host_event_no_file.schema.json
@@ -0,0 +1,20 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "host_event_no_file.schema.json",
+ "allOf": [
+ {
+ "$ref": "event.schema.json"
+ },
+ {
+ "$ref": "usr.schema.json"
+ },
+ {
+ "$ref": "process_context.schema.json"
+ },
+ {
+ "date": {
+ "$ref": "datetime.schema.json"
+ }
+ }
+ ]
+}
diff --git a/pkg/security/tests/schemas/imds.schema.json b/pkg/security/secl/schemas/imds.schema.json
similarity index 92%
rename from pkg/security/tests/schemas/imds.schema.json
rename to pkg/security/secl/schemas/imds.schema.json
index 2ac17ef236ad7..a8fd8ed7bcb7b 100644
--- a/pkg/security/tests/schemas/imds.schema.json
+++ b/pkg/security/secl/schemas/imds.schema.json
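Review bot: heartbeat.schema.json declares `"$schema": "http://json-schema.org/draft-04/schema#"` while every other schema in this change uses 2020-12, and draft-04 spells the identifier keyword `id`, not `$id`, so the `$id` this hunk renames is not a recognized keyword under the draft the file declares. Changing the first line to `"$schema": "https://json-schema.org/draft/2020-12/schema"` would make `$id` and the now-relative `"$ref": "datetime.schema.json"` in the second hunk behave like the sibling schemas. Whether the validator in use actually resolves the relative ref differently under draft-04 cannot be confirmed from this chunk.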
@@ -1,23 +1,23 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "imds.json", + "$id": "imds.schema.json", "type": "object", "allOf": [ { - "$ref": "/schemas/event.json" + "$ref": "event.schema.json" }, { - "$ref": "/schemas/usr.json" + "$ref": "usr.schema.json" }, { - "$ref": "/schemas/process_context.json" + "$ref": "process_context.schema.json" }, { - "$ref": "/schemas/network.json" + "$ref": "network.schema.json" }, { "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, { diff --git a/pkg/security/tests/schemas/kill.schema.json b/pkg/security/secl/schemas/kill.schema.json similarity index 90% rename from pkg/security/tests/schemas/kill.schema.json rename to pkg/security/secl/schemas/kill.schema.json index 7b91ef1008a18..7ad33dcf8a0be 100644 --- a/pkg/security/tests/schemas/kill.schema.json +++ b/pkg/security/secl/schemas/kill.schema.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "kill.json", + "$id": "kill.schema.json", "type": "object", "properties": { "type": { @@ -13,16 +13,16 @@ "type": "string" }, "created_at": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "detected_at": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "killed_at": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "exited_at": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "ttr": { "type": "string" diff --git a/pkg/security/tests/schemas/link.schema.json b/pkg/security/secl/schemas/link.schema.json similarity index 76% rename from pkg/security/tests/schemas/link.schema.json rename to pkg/security/secl/schemas/link.schema.json index 98b94a81f285c..e618ebd5172fa 100644 --- a/pkg/security/tests/schemas/link.schema.json +++ b/pkg/security/secl/schemas/link.schema.json 
@@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "link.json", + "$id": "link.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ @@ -20,7 +20,7 @@ ], "properties": { "destination": { - "$ref": "/schemas/file.json" + "$ref": "file.schema.json" } } } diff --git a/pkg/security/tests/schemas/load_module.schema.json b/pkg/security/secl/schemas/load_module.schema.json similarity index 84% rename from pkg/security/tests/schemas/load_module.schema.json rename to pkg/security/secl/schemas/load_module.schema.json index 4e86932fa111c..2fc2d99e86ae3 100644 --- a/pkg/security/tests/schemas/load_module.schema.json +++ b/pkg/security/secl/schemas/load_module.schema.json @@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "load_module.json", + "$id": "load_module.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/load_module_no_file.schema.json b/pkg/security/secl/schemas/load_module_no_file.schema.json similarity index 82% rename from pkg/security/tests/schemas/load_module_no_file.schema.json rename to pkg/security/secl/schemas/load_module_no_file.schema.json index c878d0f3b3933..c3a1e7c1c1ddb 100644 --- a/pkg/security/tests/schemas/load_module_no_file.schema.json +++ b/pkg/security/secl/schemas/load_module_no_file.schema.json 
@@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "load_module_no_file.json", + "$id": "load_module_no_file.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event_no_file.json" + "$ref": "container_event_no_file.schema.json" }, { - "$ref": "/schemas/host_event_no_file.json" + "$ref": "host_event_no_file.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/message.schema.json b/pkg/security/secl/schemas/message.schema.json similarity index 81% rename from pkg/security/tests/schemas/message.schema.json rename to pkg/security/secl/schemas/message.schema.json index 3eac5ec0bd039..f3d8d2534bc97 100644 --- a/pkg/security/tests/schemas/message.schema.json +++ b/pkg/security/secl/schemas/message.schema.json @@ -1,11 +1,11 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "message.json", + "$id": "message.schema.json", "allOf": [ { "properties": { "agent": { - "$ref": "/schemas/agent_context.json" + "$ref": "agent_context.schema.json" } } }, diff --git a/pkg/security/tests/schemas/mmap.schema.json b/pkg/security/secl/schemas/mmap.schema.json similarity index 82% rename from pkg/security/tests/schemas/mmap.schema.json rename to pkg/security/secl/schemas/mmap.schema.json index 21244fc74cc6e..06090e86ed626 100644 --- a/pkg/security/tests/schemas/mmap.schema.json +++ b/pkg/security/secl/schemas/mmap.schema.json @@ -1,20 +1,20 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "mmap.json", + "$id": "mmap.schema.json", "type": "object", "allOf": [ { - "$ref": "/schemas/event.json" + "$ref": "event.schema.json" }, { - "$ref": "/schemas/usr.json" + "$ref": "usr.schema.json" }, { - "$ref": "/schemas/process_context.json" + "$ref": "process_context.schema.json" }, { "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, { 
diff --git a/pkg/security/tests/schemas/mount.schema.json b/pkg/security/secl/schemas/mount.schema.json similarity index 92% rename from pkg/security/tests/schemas/mount.schema.json rename to pkg/security/secl/schemas/mount.schema.json index 1b2570ea2e2b4..b4fa7741e516a 100644 --- a/pkg/security/tests/schemas/mount.schema.json +++ b/pkg/security/secl/schemas/mount.schema.json @@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "mount.json", + "$id": "mount.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/mprotect.schema.json b/pkg/security/secl/schemas/mprotect.schema.json similarity index 84% rename from pkg/security/tests/schemas/mprotect.schema.json rename to pkg/security/secl/schemas/mprotect.schema.json index 5d10f010f467e..9d48937725a73 100644 --- a/pkg/security/tests/schemas/mprotect.schema.json +++ b/pkg/security/secl/schemas/mprotect.schema.json @@ -1,20 +1,20 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "mprotect.json", + "$id": "mprotect.schema.json", "type": "object", "allOf": [ { - "$ref": "/schemas/event.json" + "$ref": "event.schema.json" }, { - "$ref": "/schemas/usr.json" + "$ref": "usr.schema.json" }, { - "$ref": "/schemas/process_context.json" + "$ref": "process_context.schema.json" }, { "date": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" } }, { diff --git a/pkg/security/tests/schemas/network.json b/pkg/security/secl/schemas/network.schema.json similarity index 98% rename from pkg/security/tests/schemas/network.json rename to pkg/security/secl/schemas/network.schema.json index 814f2ab76255a..22d8c2374c802 100644 --- a/pkg/security/tests/schemas/network.json +++ b/pkg/security/secl/schemas/network.schema.json 
@@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "network.json", + "$id": "network.schema.json", "type": "object", "properties": { "network": { diff --git a/pkg/security/tests/schemas/open.schema.json b/pkg/security/secl/schemas/open.schema.json similarity index 78% rename from pkg/security/tests/schemas/open.schema.json rename to pkg/security/secl/schemas/open.schema.json index 00d79202b53ac..96f8936906c08 100644 --- a/pkg/security/tests/schemas/open.schema.json +++ b/pkg/security/secl/schemas/open.schema.json @@ -1,13 +1,13 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "open.json", + "$id": "open.schema.json", "type": "object", "anyOf": [ { - "$ref": "/schemas/container_event.json" + "$ref": "container_event.schema.json" }, { - "$ref": "/schemas/host_event.json" + "$ref": "host_event.schema.json" } ], "allOf": [ diff --git a/pkg/security/tests/schemas/policy.schema.json b/pkg/security/secl/schemas/policy.schema.json similarity index 100% rename from pkg/security/tests/schemas/policy.schema.json rename to pkg/security/secl/schemas/policy.schema.json diff --git a/pkg/security/tests/schemas/process.json b/pkg/security/secl/schemas/process.schema.json similarity index 95% rename from pkg/security/tests/schemas/process.json rename to pkg/security/secl/schemas/process.schema.json index 5042d135181a4..9969228ebc1d9 100644 --- a/pkg/security/tests/schemas/process.json +++ b/pkg/security/secl/schemas/process.schema.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "process.json", + "$id": "process.schema.json", "type": "object", "properties": { "tid": { @@ -37,10 +37,10 @@ ] }, "fork_time": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "exec_time": { - "$ref": "/schemas/datetime.json" + "$ref": "datetime.schema.json" }, "is_kthread": { "type": "boolean" 
@@ -153,10 +153,10 @@
 "type": "integer"
 },
 "modification_time": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 },
 "change_time": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 },
 "mount_path": {
 "type": "string"
@@ -205,7 +205,7 @@
 }
 },
 "container": {
- "$ref": "/schemas/container.json"
+ "$ref": "container.schema.json"
 }
 },
 "oneOf": [
diff --git a/pkg/security/tests/schemas/process_context.json b/pkg/security/secl/schemas/process_context.schema.json
similarity index 74%
rename from pkg/security/tests/schemas/process_context.json
rename to pkg/security/secl/schemas/process_context.schema.json
index 3e60de7d63caa..84147f66c81dc 100644
--- a/pkg/security/tests/schemas/process_context.json
+++ b/pkg/security/secl/schemas/process_context.schema.json
@@ -1,26 +1,26 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "process_context.json",
+ "$id": "process_context.schema.json",
 "type": "object",
 "properties": {
 "process": {
 "allOf": [
 {
- "$ref": "/schemas/process.json"
+ "$ref": "process.schema.json"
 },
 {
 "properties": {
 "parent": {
- "$ref": "/schemas/process.json"
+ "$ref": "process.schema.json"
 },
 "ancestors": {
 "type": "array",
 "items": {
- "$ref": "/schemas/process.json"
+ "$ref": "process.schema.json"
 }
 },
 "container": {
- "$ref": "/schemas/container.json"
+ "$ref": "container.schema.json"
 }
 },
 "required": [
diff --git a/pkg/security/tests/schemas/ptrace.schema.json b/pkg/security/secl/schemas/ptrace.schema.json
similarity index 76%
rename from pkg/security/tests/schemas/ptrace.schema.json
rename to pkg/security/secl/schemas/ptrace.schema.json
index a8a023197ea74..d30872b27e64c 100644
--- a/pkg/security/tests/schemas/ptrace.schema.json
+++ b/pkg/security/secl/schemas/ptrace.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "ptrace.json",
+ "$id": "ptrace.schema.json",
 "type": "object",
 "allOf": [
 {
- "$ref": "/schemas/event.json"
+ "$ref": "event.schema.json"
 },
 {
- "$ref": "/schemas/usr.json"
+ "$ref": "usr.schema.json"
 },
 {
- "$ref": "/schemas/process_context.json"
+ "$ref": "process_context.schema.json"
 },
 {
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 {
@@ -32,7 +32,7 @@
 "type": "string"
 },
 "tracee": {
- "$ref": "/schemas/process.json"
+ "$ref": "process.schema.json"
 }
 }
 }
diff --git a/pkg/security/tests/schemas/rename.schema.json b/pkg/security/secl/schemas/rename.schema.json
similarity index 76%
rename from pkg/security/tests/schemas/rename.schema.json
rename to pkg/security/secl/schemas/rename.schema.json
index a972cfd8692b9..d7dc7f38d4c8a 100644
--- a/pkg/security/tests/schemas/rename.schema.json
+++ b/pkg/security/secl/schemas/rename.schema.json
@@ -1,13 +1,13 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "rename.json",
+ "$id": "rename.schema.json",
 "type": "object",
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ],
 "allOf": [
@@ -20,7 +20,7 @@
 ],
 "properties": {
 "destination": {
- "$ref": "/schemas/file.json"
+ "$ref": "file.schema.json"
 }
 }
 }
diff --git a/pkg/security/tests/schemas/ruleset_loaded.schema.json b/pkg/security/secl/schemas/ruleset_loaded.schema.json
similarity index 98%
rename from pkg/security/tests/schemas/ruleset_loaded.schema.json
rename to pkg/security/secl/schemas/ruleset_loaded.schema.json
index 878db14ef3628..0c4ae4b54469a 100644
--- a/pkg/security/tests/schemas/ruleset_loaded.schema.json
+++ b/pkg/security/secl/schemas/ruleset_loaded.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "http://json-schema.org/draft-04/schema#",
- "$id": "ruleset_loaded.json",
+ "$id": "ruleset_loaded.schema.json",
 "type": "object",
 "properties": {
 "policies": {
@@ -10,7 +10,7 @@
 }
 },
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 "required": [
diff --git a/pkg/security/secl/schemas/schemas.go b/pkg/security/secl/schemas/schemas.go
new file mode 100644
index 0000000000000..8c3866583f1a8
--- /dev/null
+++ b/pkg/security/secl/schemas/schemas.go
@@ -0,0 +1,16 @@
+// Unless explicitly stated otherwise all files in this repository are licensed
+// under the Apache License Version 2.0.
+// This product includes software developed at Datadog (https://www.datadoghq.com/).
+// Copyright 2016-present Datadog, Inc.
+
+// Package schemas holds JSON schemas validation code
+package schemas
+
+import (
+ "embed"
+)
+
+// AssetFS holds the embedded JSON schemas
+//
+//go:embed *.schema.json
+var AssetFS embed.FS
diff --git a/pkg/security/tests/schemas/self_test_schema.json b/pkg/security/secl/schemas/self_test_schema.json
similarity index 86%
rename from pkg/security/tests/schemas/self_test_schema.json
rename to pkg/security/secl/schemas/self_test_schema.json
index e8676ef253ba1..4c2604c21cd7e 100644
--- a/pkg/security/tests/schemas/self_test_schema.json
+++ b/pkg/security/secl/schemas/self_test_schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "self_test.json",
+ "$id": "self_test.schema.json",
 "type": "object",
 "properties": {
 "agent": {
@@ -16,7 +16,7 @@
 "required": ["rule_id", "version"]
 },
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 },
 "hostname": {
 "type": "string"
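Review bot: The embed pattern `//go:embed *.schema.json` on AssetFS does not match `self_test_schema.json`, which this commit moves into the same directory and whose `$id` is `self_test.schema.json`, so any loader that resolves `file:///self_test_schema.json` through AssetFS will get a not-found error rather than the schema. Renaming the file to `self_test.schema.json` so it matches its `$id` and the sibling files is the smallest fix; widening the pattern to `//go:embed *.json` would also work but would embed anything else dropped into the directory. Whether a test currently references this schema through AssetFS is not visible in this diff. It would also help to state on AssetFS that the files sit at the FS root, since callers address them as `file:///<name>.schema.json`.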
@@ -49,16 +49,16 @@
 "type": "object",
 "properties": {
 "datadog_agent_cws_self_test_rule_open": {
- "$ref": "/schemas/open.schema.json"
+ "$ref": "open.schema.json"
 },
 "datadog_agent_cws_self_test_rule_chmod": {
- "$ref": "/schemas/chmod.schema.json"
+ "$ref": "chmod.schema.json"
 },
 "datadog_agent_cws_self_test_rule_chown": {
- "$ref": "/schemas/chown.schema.json"
+ "$ref": "chown.schema.json"
 },
 "datadog_agent_cws_self_test_rule_exec": {
- "$ref": "/schemas/exec.schema.json"
+ "$ref": "exec.schema.json"
 }
 }
 }
diff --git a/pkg/security/tests/schemas/selinux.schema.json b/pkg/security/secl/schemas/selinux.schema.json
similarity index 95%
rename from pkg/security/tests/schemas/selinux.schema.json
rename to pkg/security/secl/schemas/selinux.schema.json
index 5cff42b712ef4..54619cf41f650 100644
--- a/pkg/security/tests/schemas/selinux.schema.json
+++ b/pkg/security/secl/schemas/selinux.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "selinux.json",
+ "$id": "selinux.schema.json",
 "definitions": {
 "bool": {
 "type": "object",
@@ -74,10 +74,10 @@
 "type": "object",
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ],
 "properties": {
diff --git a/pkg/security/tests/schemas/signal.schema.json b/pkg/security/secl/schemas/signal.schema.json
similarity index 76%
rename from pkg/security/tests/schemas/signal.schema.json
rename to pkg/security/secl/schemas/signal.schema.json
index a1c0fdff43191..ec9851a087e37 100644
--- a/pkg/security/tests/schemas/signal.schema.json
+++ b/pkg/security/secl/schemas/signal.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "signal.json",
+ "$id": "signal.schema.json",
 "type": "object",
 "allOf": [
 {
- "$ref": "/schemas/event.json"
+ "$ref": "event.schema.json"
 },
 {
- "$ref": "/schemas/usr.json"
+ "$ref": "usr.schema.json"
 },
 {
- "$ref": "/schemas/process_context.json"
+ "$ref": "process_context.schema.json"
 },
 {
 "date": {
- "$ref": "/schemas/datetime.json"
+ "$ref": "datetime.schema.json"
 }
 },
 {
@@ -34,7 +34,7 @@
 "type": "integer"
 },
 "target": {
- "$ref": "/schemas/process.json"
+ "$ref": "process.schema.json"
 }
 }
 }
diff --git a/pkg/security/tests/schemas/span.schema.json b/pkg/security/secl/schemas/span.schema.json
similarity index 57%
rename from pkg/security/tests/schemas/span.schema.json
rename to pkg/security/secl/schemas/span.schema.json
index 8ef452ac1bb6f..f12ab4c05b96b 100644
--- a/pkg/security/tests/schemas/span.schema.json
+++ b/pkg/security/secl/schemas/span.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "span.json",
+ "$id": "span.schema.json",
 "type": "object",
 "allOf": [
 {
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ]
 },
 {
- "$ref": "/schemas/span_context.json"
+ "$ref": "span_context.schema.json"
 }
 ]
 }
\ No newline at end of file
diff --git a/pkg/security/tests/schemas/span_context.json b/pkg/security/secl/schemas/span_context.schema.json
similarity index 91%
rename from pkg/security/tests/schemas/span_context.json
rename to pkg/security/secl/schemas/span_context.schema.json
index a382dde92d865..42e423c782e70 100644
--- a/pkg/security/tests/schemas/span_context.json
+++ b/pkg/security/secl/schemas/span_context.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "span_context.json",
+ "$id": "span_context.schema.json",
 "type": "object",
 "properties": {
 "dd": {
diff --git a/pkg/security/tests/schemas/splice.schema.json b/pkg/security/secl/schemas/splice.schema.json
similarity index 86%
rename from pkg/security/tests/schemas/splice.schema.json
rename to pkg/security/secl/schemas/splice.schema.json
index 36220d5e69a8b..aaf433f77915f 100644
--- a/pkg/security/tests/schemas/splice.schema.json
+++ b/pkg/security/secl/schemas/splice.schema.json
@@ -1,13 +1,13 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "splice.json",
+ "$id": "splice.schema.json",
 "type": "object",
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ],
 "allOf": [
diff --git a/pkg/security/tests/schemas/unload_module.schema.json b/pkg/security/secl/schemas/unload_module.schema.json
similarity index 79%
rename from pkg/security/tests/schemas/unload_module.schema.json
rename to pkg/security/secl/schemas/unload_module.schema.json
index fbec0b070d951..d026c73578ca3 100644
--- a/pkg/security/tests/schemas/unload_module.schema.json
+++ b/pkg/security/secl/schemas/unload_module.schema.json
@@ -1,13 +1,13 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "unload_module.json",
+ "$id": "unload_module.schema.json",
 "type": "object",
 "anyOf": [
 {
- "$ref": "/schemas/container_event_no_file.json"
+ "$ref": "container_event_no_file.schema.json"
 },
 {
- "$ref": "/schemas/host_event_no_file.json"
+ "$ref": "host_event_no_file.schema.json"
 }
 ],
 "allOf": [
diff --git a/pkg/security/tests/schemas/user_session.schema.json b/pkg/security/secl/schemas/user_session.schema.json
similarity index 56%
rename from pkg/security/tests/schemas/user_session.schema.json
rename to pkg/security/secl/schemas/user_session.schema.json
index 8f7ba10082fb9..9fd49e1fb5ac9 100644
--- a/pkg/security/tests/schemas/user_session.schema.json
+++ b/pkg/security/secl/schemas/user_session.schema.json
@@ -1,20 +1,20 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "user_session.json",
+ "$id": "user_session.schema.json",
 "type": "object",
 "allOf": [
 {
 "anyOf": [
 {
- "$ref": "/schemas/container_event.json"
+ "$ref": "container_event.schema.json"
 },
 {
- "$ref": "/schemas/host_event.json"
+ "$ref": "host_event.schema.json"
 }
 ]
 },
 {
- "$ref": "/schemas/user_session_context.json"
+ "$ref": "user_session_context.schema.json"
 }
 ]
 }
diff --git a/pkg/security/tests/schemas/user_session_context.json b/pkg/security/secl/schemas/user_session_context.schema.json
similarity index 95%
rename from pkg/security/tests/schemas/user_session_context.json
rename to pkg/security/secl/schemas/user_session_context.schema.json
index 4e380a3c30d43..04c03f4233d66 100644
--- a/pkg/security/tests/schemas/user_session_context.json
+++ b/pkg/security/secl/schemas/user_session_context.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "user_session_context.json",
+ "$id": "user_session_context.schema.json",
 "type": "object",
 "properties": {
 "process": {
diff --git a/pkg/security/tests/schemas/usr.json b/pkg/security/secl/schemas/usr.schema.json
similarity index 92%
rename from pkg/security/tests/schemas/usr.json
rename to pkg/security/secl/schemas/usr.schema.json
index 132e029f6aaa3..4279c1430aa6a 100644
--- a/pkg/security/tests/schemas/usr.json
+++ b/pkg/security/secl/schemas/usr.schema.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "usr.json",
+ "$id": "usr.schema.json",
 "type": "object",
 "properties": {
 "usr": {
diff --git a/pkg/security/tests/schemas.go b/pkg/security/tests/schemas.go
index bfaae44321d15..0ee7d7767b9e7 100644
--- a/pkg/security/tests/schemas.go
+++ b/pkg/security/tests/schemas.go
@@ -9,19 +9,18 @@
 package tests
 
 import (
- "embed"
 "fmt"
 "math/big"
 "net/http"
 "os"
 "testing"
 
- "github.com/xeipuuv/gojsonschema"
-
 "github.com/DataDog/datadog-agent/pkg/security/events"
 "github.com/DataDog/datadog-agent/pkg/security/resolvers/dentry"
 "github.com/DataDog/datadog-agent/pkg/security/secl/model"
+ "github.com/DataDog/datadog-agent/pkg/security/secl/schemas"
 "github.com/DataDog/datadog-agent/pkg/security/serializers"
+ "github.com/xeipuuv/gojsonschema"
 )
 
 func getUpstreamEventSchema() string {
@@ -35,90 +34,18 @@ func getUpstreamEventSchema() string {
 var upstreamEventSchema = getUpstreamEventSchema()
 
 //nolint:deadcode,unused
-//go:embed schemas
-var schemaAssetFS embed.FS
-
-// ValidInodeFormatChecker defines the format inode checker
-//
-//nolint:deadcode,unused
-type ValidInodeFormatChecker struct{}
-
-// IsFormat check inode format
-//
-//nolint:deadcode,unused
-func (v ValidInodeFormatChecker) IsFormat(input interface{}) bool {
-
- var inode uint64
- switch t := input.(type) {
- case float64:
- inode = uint64(t)
- case *big.Int:
- inode = t.Uint64()
- case *big.Float:
- inode, _ = t.Uint64()
- case *big.Rat:
- f, _ := t.Float64()
- inode = uint64(f)
- default:
- return false
- }
- return !dentry.IsFakeInode(inode)
-}
-
-func validateSchema(t *testing.T, schemaLoader gojsonschema.JSONLoader, documentLoader gojsonschema.JSONLoader) bool {
- result, err := gojsonschema.Validate(schemaLoader, documentLoader)
- if err != nil {
- t.Error(err)
- return false
- }
-
- success := true
-
- if !result.Valid() {
- for _, err := range result.Errors() {
- // allow addition properties
- if err.Type() == "additional_property_not_allowed" {
- continue
- }
-
- t.Error(err)
- success = false
- }
- }
- return success
-}
-
-//nolint:deadcode,unused
-func validateStringSchema(t *testing.T, json string, path string) bool {
+func validateActivityDumpProtoSchema(t *testing.T, ad string) bool {
 t.Helper()
-
- fs := http.FS(schemaAssetFS)
- gojsonschema.FormatCheckers.Add("ValidInode", ValidInodeFormatChecker{})
-
- documentLoader := gojsonschema.NewStringLoader(json)
- schemaLoader := gojsonschema.NewReferenceLoaderFileSystem(path, fs)
-
- if !validateSchema(t, schemaLoader, documentLoader) {
- t.Error(json)
- return false
- }
-
- return true
+ return validateUrlSchema(t, ad, "file:///activity_dump_proto.schema.json")
 }
 
 //nolint:deadcode,unused
-func validateUrlSchema(t *testing.T, json string, url string) bool {
+func validateM
essageSchema(t *testing.T, msg string) bool {
 t.Helper()
-
- documentLoader := gojsonschema.NewStringLoader(json)
- schemaLoader := gojsonschema.NewReferenceLoader(url)
-
- if !validateSchema(t, schemaLoader, documentLoader) {
- t.Error(json)
+ if !validateUrlSchema(t, msg, "file:///message.schema.json") {
 return false
 }
-
- return true
+ return validateUrlSchema(t, msg, upstreamEventSchema)
 }
 
 //nolint:deadcode,unused
@@ -137,7 +64,7 @@ func (tm *testModule) validateEventSchema(t *testing.T, event *model.Event, path
 //nolint:deadcode,unused
 func (tm *testModule) validateExecSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/exec.schema.json")
+ return tm.validateEventSchema(t, event, "file:///exec.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -147,7 +74,7 @@ func (tm *testModule) validateExitSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/exit.schema.json")
+ return tm.validateEventSchema(t, event, "file:///exit.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -157,7 +84,7 @@ func (tm *testModule) validateOpenSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/open.schema.json")
+ return tm.validateEventSchema(t, event, "file:///open.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -167,7 +94,7 @@ func (tm *testModule) validateRenameSchema(t *testing.T, event *model.Event) boo
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/rename.schema.json")
+ return tm.validateEventSchema(t, event, "file:///rename.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -177,7 +104,7 @@ func (tm *testModule) validateChmodSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/chmod.schema.json")
+ return tm.validateEventSchema(t, event, "file:///chmod.schema.json")
 }
 
 //nolint:deadcode,unused
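Review bot: `validateActivityDumpProtoSchema` and `validateMessageSchema` now send `file:///…schema.json` paths through `validateUrlSchema`, whose loader is the plain `gojsonschema.NewReferenceLoader(url)` and therefore resolves `file:///` URLs against the host filesystem rather than `schemas.AssetFS`; only `validateStringSchema` wraps the embedded FS with `NewReferenceLoaderFileSystem` and registers the `ValidInode` format checker. Unless the schema files are also placed at `/` when the functional tests run, these validations will fail to load the schema, and the same switch is made in `validateRuleSetLoadedSchema` and `validateHeartbeatSchema` further down. Keeping the embedded-FS helper for local schemas, i.e. `return validateStringSchema(t, ad, "file:///activity_dump_proto.schema.json")` and `if !validateStringSchema(t, msg, "file:///message.schema.json") {`, preserves the previous behaviour with the new root-relative paths, while `validateUrlSchema` remains the right call for `upstreamEventSchema`, which is presumably a remote URL (its construction is outside this hunk).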
@@ -187,13 +114,13 @@ func (tm *testModule) validateChownSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/chown.schema.json")
+ return tm.validateEventSchema(t, event, "file:///chown.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateSELinuxSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/selinux.schema.json")
+ return tm.validateEventSchema(t, event, "file:///selinux.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -203,7 +130,7 @@ func (tm *testModule) validateLinkSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/link.schema.json")
+ return tm.validateEventSchema(t, event, "file:///link.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -213,37 +140,37 @@ func (tm *testModule) validateSpanSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/span.schema.json")
+ return tm.validateEventSchema(t, event, "file:///span.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateUserSessionSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/user_session.schema.json")
+ return tm.validateEventSchema(t, event, "file:///user_session.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateBPFSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/bpf.schema.json")
+ return tm.validateEventSchema(t, event, "file:///bpf.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateMMapSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/mmap.schema.json")
+ return tm.validateEventSchema(t, event, "file:///mmap.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateMProtectSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/mprotect.schema.json")
+ return tm.validateEventSchema(t, event, "file:///mprotect.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validatePTraceSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/ptrace.schema.json")
+ return tm.validateEventSchema(t, event, "file:///ptrace.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -253,7 +180,7 @@ func (tm *testModule) validateLoadModuleSchema(t *testing.T, event *model.Event)
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/load_module.schema.json")
+ return tm.validateEventSchema(t, event, "file:///load_module.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -263,7 +190,7 @@ func (tm *testModule) validateLoadModuleNoFileSchema(t *testing.T, event *model.
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/load_module_no_file.schema.json")
+ return tm.validateEventSchema(t, event, "file:///load_module_no_file.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -273,43 +200,43 @@ func (tm *testModule) validateUnloadModuleSchema(t *testing.T, event *model.Even
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/unload_module.schema.json")
+ return tm.validateEventSchema(t, event, "file:///unload_module.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateSignalSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/signal.schema.json")
+ return tm.validateEventSchema(t, event, "file:///signal.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateSpliceSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/splice.schema.json")
+ return tm.validateEventSchema(t, event, "file:///splice.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateDNSSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/dns.schema.json")
+ return tm.validateEventSchema(t, event, "file:///dns.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateIMDSSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/imds.schema.json")
+ return tm.validateEventSchema(t, event, "file:///imds.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateBindSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/bind.schema.json")
+ return tm.validateEventSchema(t, event, "file:///bind.schema.json")
 }
 
 //nolint:deadcode,unused
 func (tm *testModule) validateConnectSchema(t *testing.T, event *model.Event) bool {
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/connect.schema.json")
+ return tm.validateEventSchema(t, event, "file:///connect.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -319,7 +246,7 @@ func (tm *testModule) validateMountSchema(t *testing.T, event *model.Event) bool
 }
 
 t.Helper()
- return tm.validateEventSchema(t, event, "file:///schemas/mount.schema.json")
+ return tm.validateEventSchema(t, event, "file:///mount.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -332,7 +259,7 @@ func validateRuleSetLoadedSchema(t *testing.T, event *events.CustomEvent) bool {
 return false
 }
 
- return validateStringSchema(t, string(eventJSON), "file:///schemas/ruleset_loaded.schema.json")
+ return validateUrlSchema(t, string(eventJSON), "file:///ruleset_loaded.schema.json")
 }
 
 //nolint:deadcode,unused
@@ -345,20 +272,88 @@ func validateHeartbeatSchema(t *testing.T, event *events.CustomEvent) bool {
 return false
 }
 
- return validateStringSchema(t, string(eventJSON), "file:///schemas/heartbeat.schema.json")
+ return validateUrlSchema(t, string(eventJSON), "file:///heartbeat.schema.json")
 }
 
+// ValidInodeFormatChecker defines the format inode checker
+//
 //nolint:deadcode,unused
-func validateActivityDumpProtoSchema(t *testing.T, ad string) bool {
+type ValidInodeFormatChecker struct{}
+
+// IsFormat check inode format
+//
+//nolint:deadcode,unused
+func (v ValidInodeFormatChecker) IsFormat(input interface{}) bool {
+
+ var inode uint64
+ switch t := input.(type) {
+ case float64:
+ inode = uint64(t)
+ case *big.Int:
+ inode = t.Uint64()
+ case *big.Float:
+ inode, _ = t.Uint64()
+ case *big.Rat:
+ f, _ := t.Float64()
+ inode = uint64(f)
+ default:
+ return false
+ }
+ return !dentry.IsFakeInode(inode)
+}
+
+func validateSchema(t *testing.T, schemaLoader gojsonschema.JSONLoader, documentLoader gojsonschema.JSONLoader) bool {
+ result, err := gojsonschema.Validate(schemaLoader, documentLoader)
+ if err != nil {
+ t.Error(err)
+ return false
+ }
+
+ success := true
+
+ if !result.Valid() {
+ for _, err := range result.Errors() {
+ // allow addition properties
+ if err.Type() == "additional_property_not_allowed" {
+ continue
+ }
+
+ t.Error(err)
+ success = false
+ }
+ }
+ return success
+}
+
+//nolint:deadcode,unused
+func validateStringSchema(t *testing.T, json string, path string) bool {
 t.Helper()
- return validateStringSchema(t, ad, "file:///schemas/activity_dump_proto.schema.json")
+
+ fs := http.FS(schemas.AssetFS)
+ gojsonschema.FormatCheckers.Add("ValidInode", ValidInodeFormatChecker{})
+
+ documentLoader := gojsonschema.NewStringLoader(json)
+ schemaLoader := gojsonschema.NewReferenceLoaderFileSystem(path, fs)
+
+ if !validateSchema(t, schemaLoader, documentLoader) {
+ t.Error(json)
+ return false
+ }
+
+ return true
 }
 
 //nolint:deadcode,unused
-func validateMessageSchema(t *testing.T, msg string) bool {
+func validateUrlSchema(t *testing.T, json string, url string) bool {
 t.Helper()
- if !validateStringSchema(t, msg, "file:///schemas/message.schema.json") {
+
+ documentLoader := gojsonschema.NewStringLoader(json)
+ schemaLoader := gojsonschema.NewReferenceLoader(url)
+
+ if !validateSchema(t, schemaLoader, documentLoader) {
+ t.Error(json)
 return false
 }
- return validateUrlSchema(t, msg, upstreamEventSchema)
+
+ return true
 }
diff --git a/pkg/security/tests/schemas/container_event.json b/pkg/security/tests/schemas/container_event.json
deleted file mode 100644
index 8da9674f17f6b..0000000000000
--- a/pkg/security/tests/schemas/container_event.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "container_event.json",
- "allOf": [
- {
- "$ref": "/schemas/host_event.json"
- },
- {
- "$ref": "/schemas/container_context.json"
- }
- ]
-}
diff --git a/pkg/security/tests/schemas/container_event_no_file.json b/pkg/security/tests/schemas/container_event_no_file.json
deleted file mode 100644
index 6adba61b6bd40..0000000000000
--- a/pkg/security/tests/schemas/container_event_no_file.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "container_event_no_file.json",
- "allOf": [
- {
- "$ref": "/schemas/host_event_no_file.json"
- },
- {
- "$ref": "/schemas/container_context.json"
- }
- ]
-}
diff --git a/pkg/security/tests/schemas/host_event.json b/pkg/security/tests/schemas/host_event.json
deleted file mode 100644
index 9971c36e7c619..0000000000000
--- a/pkg/security/tests/schemas/host_event.json
+++ /dev/null
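Review bot: `validateStringSchema` calls `gojsonschema.FormatCheckers.Add("ValidInode", ValidInodeFormatChecker{})` on every invocation, mutating a process-global registry from each validation; the body was moved here verbatim so this is pre-existing, but the move is a natural moment to register the checker once, for example behind a package-level `sync.Once` that `validateStringSchema` triggers, so repeated and (if any caller uses `t.Parallel`) concurrent registration is avoided. Whether the registry tolerates concurrent `Add` is not visible here. `validateSchema` is also the only function in this block without a doc comment; a one-liner such as `// validateSchema runs the gojsonschema validation and reports every error except additional_property_not_allowed through t.Error.` would make the deliberate allowance for extra properties explicit at the definition.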
@@ -1,23 +0,0 @@
-{
- "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "host_event.json",
- "allOf": [
- {
- "$ref": "/schemas/event.json"
- },
- {
- "file": { "$ref": "/schemas/file.json" }
- },
- {
- "$ref": "/schemas/usr.json"
- },
- {
- "$ref": "/schemas/process_context.json"
- },
- {
- "date": {
- "$ref": "/schemas/datetime.json"
- }
- }
- ]
-}
diff --git a/pkg/security/tests/schemas/host_event_no_file.json b/pkg/security/tests/schemas/host_event_no_file.json
deleted file mode 100644
index eb83c82682b75..0000000000000
--- a/pkg/security/tests/schemas/host_event_no_file.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "host_event_no_file.json",
- "allOf": [
- {
- "$ref": "/schemas/event.json"
- },
- {
- "$ref": "/schemas/usr.json"
- },
- {
- "$ref": "/schemas/process_context.json"
- },
- {
- "date": {
- "$ref": "/schemas/datetime.json"
- }
- }
- ]
-}