tests: filter unit tests by PID + fix pidSet bugs #997
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
2 times, most recently
from
b37a0bc to
a4b6ade
Compare
willfindlay
changed the title
willfindlay
changed the title
willfindlay
changed the title
kkourt
requested changes
May 25, 2023
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
from
a4b6ade to
bfea44d
Compare
✅ Deploy Preview for tetragon ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
3 times, most recently
from
7f58f57 to
1a12bc2
Compare
kkourt
reviewed
May 25, 2023
A recent commit introduced a new binary to the tester-progs directory, but it was not added to the gitignore. Let's do so here. Also remove an unnecessary entry from the top-level gitignore which is covered by the tester-progs gitignore. Signed-off-by: William Findlay <[email protected]>
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
from
1a12bc2 to
55842a6
Compare
kkourt
approved these changes
Jun 1, 2023
This commit adds some additional documentation around the pid_set filter explaining how it works and that it should not be used in production. Signed-off-by: William Findlay <[email protected]>
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
from
55842a6 to
6f2498d
Compare
The existing pidSet filter was broken in a few ways. First, we were using a single shared global variable to track PIDs. This meant that having multiple pidSet filters active would cause them to pollute each other's state. The existing implementation also did not properly track children of children, meaning that we would only pay attention to nodes of depth < 2 from the parent. This patch introduces refactors to the pidSet filters that resolve the above issues. Since we are maintaining a separate PID cache per filter, we implement the cache as an LRU of size 8192 to prevent unbounded memory usage. This should be more than enough for most practical contexts. Signed-off-by: William Findlay <[email protected]>
pidSet filters are not intended for production use and may not work as intended over extended periods of time. Disable them by default in ParseFilterList() and provide a command line flag to enable them. Signed-off-by: William Findlay <[email protected]>
Add options to the observer_test_helper package that enable test authors to configure export filters on their tests. We introduce three new options: - WithMyPid() adds a PidSet filter to the export allowlist that matches the current test process and any of its children - WithAllowList() adds a generic export allowlist to the test - WithDenyList() adds a generic export denylist to the test We also modify the observer creation helpers to support passing arbitrary options as variadic parameters. Signed-off-by: William Findlay <[email protected]>
Filtering unit tests with a PidSet can significantly reduce noise in the event checker logs, making it easier to debug tests. While it is possible that this could obfuscate events that are missing process information by preventing them from being written to the export log, I think the trade-off is probably worth it here. Signed-off-by: William Findlay <[email protected]>
willfindlay
force-pushed
the
pr/willfindlay/add-filters-tests
branch
from
6f2498d to
deb0dac
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix pidSet filter so that it properly accounts for children of children. Update observer_test_helper to support adding export filters on protojson and update existing tests to filter by PID with a pidSet filter.