Adding rule test

amitschendel · amitschendel · commit f3c7e168bc36 · 2024-07-02T14:00:42.000Z
Signed-off-by: Amit Schendel &lt;amitschendel@gmail.com&gt;
diff --git a/admission/rules/v1/r2000_exec_to_pod_test.go b/admission/rules/v1/r2000_exec_to_pod_test.go
@@ -0,0 +1,46 @@
+package rules
+
+import (
+	"testing"
+
+	"github.com/zeebo/assert"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apiserver/pkg/admission"
+	"k8s.io/apiserver/pkg/authentication/user"
+)
+
+func TestProcessEvent(t *testing.T) {
+	event := admission.NewAttributesRecord(
+		&unstructured.Unstructured{
+			Object: map[string]interface{}{
+				"kind": "PodExecOptions",
+			},
+		},
+		nil,
+		schema.GroupVersionKind{
+			Kind: "PodExecOptions",
+		},
+		"test-namespace",
+		"test-pod",
+		schema.GroupVersionResource{
+			Resource: "pods",
+		},
+		"",
+		admission.Create,
+		nil,
+		false,
+		&user.DefaultInfo{
+			Name:   "test-user",
+			Groups: []string{"test-group"},
+		},
+	)
+
+	rule := CreateRuleR2000ExecToPod()
+	result := rule.ProcessEvent(event, nil)
+
+	assert.NotNil(t, result)
+	assert.Equal(t, "Exec to pod detected on pod test-pod", result.GetRuleAlert().RuleDescription)
+	assert.Equal(t, "test-pod", result.GetRuntimeAlertK8sDetails().PodName)
+	assert.Equal(t, "test-namespace", result.GetRuntimeAlertK8sDetails().Namespace)
+}
