[IntelMQ-dev] Advice for setting up tests for bot chains

Fri Feb 19 12:55:49 CET 2021

> On 19.02.2021, at 12:52, Sebastian Wagner <wagner at cert.at> wrote:
> 
> Hi Aaron,
> 
> Before you start something new, let me add that we already created a bunch of vagrant+ansible scripts to test that deb/rpm packages work, including the API and the Manager. As you propose, it already includes configuring and starting bots and checking if they are running. Initially it was meant as just a test, and it got bigger and more complete over the last months. Now even package upgrades (2.2 -> 2.3) are tested. All of that needs to be done locally as of now, but that is already sufficient for our purposes and probably it can be integrated in GitHub Actions.
> 

Excellent!
So that old idea is taking hold then?

Nice see.

I think if we combine that with GitHub CI/CD and with tutorials on "flows" then we made some good progress.

> The repository containing everything is currently located at https://github.com/schacht-certat/intelmq-vagrant

ah, okay. yes, that's why I can't see it in the main repo :)

> You can find the tests as ansible scripts in ansible/tasks/
> As the README states, it is still very young and alpha, but it works well. Any ideas how to proceed with it and any contributions are welcome.
> 
> Many thanks to Birger for creating all that! :)
> 
> best regards
> Sebastian
> 
> On 2/19/21 12:32 PM, L. Aaron Kaplan wrote:
>> Hi Mika,
>> 
>> this is an old idea which I discussed with Sebastian in ~ 2014 (?) or 2015 already.
>> Somehow it never got implemented. But I agree, it's really important to test correctness.
>> 
>> I think what you would need to do is the following:
>> 
>> 1) define a pipeline which has as collector some file collectors.
>> The input shall come via a file
>> 2) define the run parameters for this
>> 3) define filters (filter out certain fields from the events before storing)
>> 4) store the results of the flow into a known output file (file output bot)
>> 5) compare these output file with known good output files.
>> 6) return error on diff
>> 
>> I would say we could call this a "unit-test-flow"
>> 
>> I think this could be easily implemented as a script / docker image which gets deployed via CI/CD.
>> 
>> Gitlab supports this approach. I guess gitHUB supports it as well.
>> 
>> How about writing a small proposal for this together?
>> Then we can put this proposal in an issue and see that it gets implemented.
>> 
>> 
>> Best,
>> a.
>> 
>> 
>> 
>>> On 19.02.2021, at 12:25, Mika Silander <mika.silander at csc.fi>
>>>  wrote:
>>> 
>>> Hi,
>>> 
>>> While writing tests to individual bots seems quite straightforward, what would be the recommended way for writing (unit?) tests for a chain of bots? Ideally, I'd like to feed in individual test events to the first bot and only check what is returned by the last bot (event or whatever the expected outcome should be).
>>> 
>>> I suppose there are many bad and clumsy ways of doing this so that's why I air this question on the dev list.
>>> 
>>> Thanks for all help in advance, Mika
>>> _______________________________________________
>>> IntelMQ-dev mailing list
>>> 
>>> IntelMQ-dev at lists.cert.at
>>> https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev
>> 
>> 
>> _______________________________________________
>> IntelMQ-dev mailing list
>> 
>> IntelMQ-dev at lists.cert.at
>> https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev
> --
> // Sebastian Wagner
> <wagner at cert.at>
>  - T: +43 1 5056416 7201
> // CERT Austria -
> https://www.cert.at/
> 
> // Eine Initiative der nic.at GmbH -
> https://www.nic.at/
> 
> // Firmenbuchnummer 172568b, LG Salzburg
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210219/099de2ef/attachment-0001.sig>