Test For command falco -i (ignore default events)

tests/falco/commands_test.go

@@ -18,6 +18,8 @@ limitations under the License.
 package testfalco
 
 import (
+	"encoding/json"
+	"os"
 	"regexp"
 	"testing"
 
@@ -132,3 +134,38 @@ func TestFalco_Cmd_PluginInfo(t *testing.T) {
 			`No suggested open params available.*`),
 		res.Stdout())
 }
+
+func TestFalco_Print_IgnoredEvents(t *testing.T) {
+	t.Parallel()
+	checkDefaultConfig(t)
+	type Data struct {
+		Events []string `json:"events"`
+	}
+	evntfile, err := os.Open("events.json")
+	if err != nil {
+		panic(err)
+	}
+	defer evntfile.Close()
+
+	var events Data
+	err = json.NewDecoder(evntfile).Decode(&events)
+	if err != nil {
+		panic(err)
+	}
+
+	runner := tests.NewFalcoExecutableRunner(t)
+	t.Run("all-events-ignored-by-default", func(t *testing.T) {
+		res := falco.Test(
+			runner,
+			falco.WithArgs("-i"),
+		)
+		assert.Regexp(t, regexp.MustCompile(
+			`Ignored\sEvent\(s\):\n`,
+		), res.Stdout())
+		for _, event := range events.Events {
+			assert.Regexp(t, regexp.MustCompile(`\b`+event+`\b`), res.Stdout())
+		}
+		assert.NoError(t, res.Err(), "%s", res.Stderr())
+		assert.Equal(t, res.ExitCode(), 0)
+	})
+}

tests/falco/events.json

@@ -0,0 +1,278 @@
+{
+  "events": [
+    "getdents64",
+    "getdents",
+    "getresgid",
+    "getresuid",
+    "getegid",
+    "geteuid",
+    "munmap",
+    "sendmmsg",
+    "splice",
+    "getpeername",
+    "write",
+    "stat",
+    "getsockname",
+    "access",
+    "nanosleep",
+    "setsockopt",
+    "read",
+    "futex",
+    "semget",
+    "getgid",
+    "page_fault",
+    "brk",
+    "readahead",
+    "set_mempolicy_home_node",
+    "io_pgetevents",
+    "setreuid",
+    "rt_sigtimedwait",
+    "process_madvise",
+    "vmsplice",
+    "lstat",
+    "preadv2",
+    "io_uring_register",
+    "rt_sigreturn",
+    "sched_get_priority_min",
+    "pread",
+    "sched_setscheduler",
+    "sched_getparam",
+    "init_module",
+    "sched_setparam",
+    "rt_sigpending",
+    "rt_sigsuspend",
+    "getpgid",
+    "delete_module",
+    "fremovexattr",
+    "msgsnd",
+    "uname",
+    "syslog",
+    "ioperm",
+    "fstatfs",
+    "getpgrp",
+    "sched_getscheduler",
+    "setpriority",
+    "open_tree",
+    "kcmp",
+    "getuid",
+    "prctl",
+    "llistxattr",
+    "waitid",
+    "arch_prctl",
+    "getpriority",
+    "send",
+    "ftruncate",
+    "truncate",
+    "mremap",
+    "reboot",
+    "settimeofday",
+    "pidfd_get_fd",
+    "readlink",
+    "gettimeofday",
+    "clock_gettime",
+    "getrusage",
+    "sethostname",
+    "timer_settime",
+    "mmap2",
+    "sysinfo",
+    "setdomainname",
+    "io_setup",
+    "inotify_add_watch",
+    "recvmmsg",
+    "pidfd_send_signal",
+    "getxattr",
+    "ppoll",
+    "move_mount",
+    "getpid",
+    "utime",
+    "mknod",
+    "semop",
+    "getppid",
+    "exit",
+    "recv",
+    "munlockall",
+    "sched_get_priority_max",
+    "sched_yield",
+    "mmap",
+    "restart_syscall",
+    "fchownat",
+    "getrlimit",
+    "fstat64",
+    "pkey_free",
+    "copy_file_range",
+    "fdatasync",
+    "clock_settime",
+    "get_mempolicy",
+    "pwritev",
+    "iopl",
+    "getsid",
+    "msgrcv",
+    "semctl",
+    "finit_module",
+    "writev",
+    "statx",
+    "lchown",
+    "set_mempolicy",
+    "listxattr",
+    "shmdt",
+    "sched_rr_get_interval",
+    "fsync",
+    "lgetxattr",
+    "getitimer",
+    "timerfd_settime",
+    "memfd_secret",
+    "mknodat",
+    "mlock2",
+    "pause",
+    "llseek",
+    "syncfs",
+    "uselib",
+    "keyctl",
+    "swapoff",
+    "umask",
+    "readv",
+    "add_key",
+    "select",
+    "getcwd",
+    "alarm",
+    "rt_sigprocmask",
+    "name_to_handle_at",
+    "lseek",
+    "poll",
+    "rt_tgsigqueueinfo",
+    "_sysctl",
+    "vhangup",
+    "timerfd_gettime",
+    "io_uring_enter",
+    "mlock",
+    "lstat64",
+    "futex_waitv",
+    "move_pages",
+    "clock_getres",
+    "munlock",
+    "query_module",
+    "adjtimex",
+    "swapon",
+    "mq_unlink",
+    "pidfd_open",
+    "capget",
+    "set_thread_area",
+    "faccessat",
+    "newfstatat",
+    "timer_delete",
+    "fspick",
+    "io_getevents",
+    "sysfs",
+    "get_kernel_syms",
+    "epoll_pwait",
+    "acct",
+    "preadv",
+    "epoll_wait",
+    "times",
+    "ioprio_set",
+    "pwrite",
+    "setxattr",
+    "mq_timedsend",
+    "personality",
+    "rt_sigaction",
+    "wait4",
+    "fstat",
+    "setgroups",
+    "flistxattr",
+    "sync",
+    "pluginevent",
+    "clock_adjtime",
+    "mprotect",
+    "timer_getoverrun",
+    "statfs",
+    "sched_getaffinity",
+    "utimensat",
+    "mq_timedreceive",
+    "switch",
+    "landlock_add_rule",
+    "setregid",
+    "inotify_rm_watch",
+    "tee",
+    "epoll_wait_old",
+    "ustat",
+    "fchown",
+    "remap_file_pages",
+    "chown",
+    "setfsuid",
+    "setfsgid",
+    "pivot_root",
+    "mincore",
+    "madvise",
+    "timer_create",
+    "gettid",
+    "lsetxattr",
+    "shmat",
+    "fsetxattr",
+    "quotactl_fd",
+    "lookup_dcookie",
+    "fgetxattr",
+    "lremovexattr",
+    "landlock_create_ruleset",
+    "sched_setaffinity",
+    "setitimer",
+    "io_submit",
+    "fsconfig",
+    "request_key",
+    "fanotify_init",
+    "fsopen",
+    "perf_event_open",
+    "epoll_pwait2",
+    "sched_setattr",
+    "get_thread_area",
+    "io_destroy",
+    "exit_group",
+    "fsmount",
+    "epoll_ctl",
+    "signaldeliver",
+    "set_tid_address",
+    "get_robust_list",
+    "timer_gettime",
+    "clock_nanosleep",
+    "pkey_mprotect",
+    "utimes",
+    "mq_open",
+    "mq_notify",
+    "pwritev2",
+    "mq_getsetattr",
+    "kexec_load",
+    "io_cancel",
+    "ioprio_get",
+    "futimesat",
+    "mount_setattr",
+    "readlinkat",
+    "stat64",
+    "shmget",
+    "pselect6",
+    "set_robust_list",
+    "time",
+    "shmctl",
+    "getcpu",
+    "msgctl",
+    "fallocate",
+    "process_vm_readv",
+    "getgroups",
+    "removexattr",
+    "process_vm_writev",
+    "sigaltstack",
+    "getrandom",
+    "fadvise64",
+    "rt_sigqueueinfo",
+    "memfd_create",
+    "mlockall",
+    "kexec_file_load",
+    "pkey_alloc",
+    "msgget",
+    "landlock_restrict_self",
+    "msync",
+    "modify_ldt",
+    "migrate_pages",
+    "sendfile",
+    "mbind",
+    "epoll_ctl_old"
+  ]
+}