from mamba import description, it, before, context from expects import expect, have_key, be_none import securecscc from securecscc import origins from specs.support import fixtures from specs.support.matchers import be_an_uuid with description(origins.Falco) as self: with before.each: self.settings = securecscc.Settings() self.mapper = origins.Falco(self.settings) with it('uses the source_id assigned to us from Google'): finding = self.mapper.create_from(fixtures.event_falco()) expect(finding).to(have_key('source_id', self.settings.source_id())) with it('uses the rule as category'): category = 'Terminal shell in container' finding = self.mapper.create_from(fixtures.event_falco()) expect(finding).to(have_key('category', category)) with it('uses only seconds from event time'): event_time = 1526547969 finding = self.mapper.create_from(fixtures.event_falco())
def __init__(self): self.settings = securecscc.Settings()