* Remove use of entitlements field for santad
* Create a local keychain instead of using the system keychain and drop sudo from most of the build stages
This refactors the SNTFormat tests to use the SNTMetricSet to generate the
test data. This keeps the metric service and the SNTMetricSet in sync and
reduces repeated data.
Initial commit of santametricservice.
The santametricservice is an XPC helper service to write metrics. It consists of Formatters and Writers. This initial commit only has support for the rawJSON format and writing to a file.
This is a new daemon to be included. Docs and packaging will be updated in future PRs.
Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
* Added types for recording and storing performance metrics.
This adds SNTMetricSet and various gauge and counter types to allow for
exporting metrics such as CPU,Memory usage and other properties that are useful
for tracking reliability and debugging.
This is the first commit of a series to add support for monitoring systems.
Co-authored-by: Kent Ma <tnek@google.com>
* Reorder init lists for -Wreorder-init-lists
* Add nullability annotations to the rest of EndpointSecurityTestUtil
* Added fake uses for -Wunused-variable
* Corrected signed/unsigned int conversions in SNTPrefixTree
* Explicitly convert implicit conversions in Santacache
* Set bazelrc to -Werror -Wall
* Include SNTEndpointSecurityManagerTest in the main test_suite and clean it up.
This commit (1) adds es_unsubscribe and es_delete_client to our ESF shim
to fix the test segfaulting, and (2) cleans up the unit tests themselves by
breaking out the timeout test from the regular unlink test
This adds a full functional test for starting up an SNTApplication
(with as few mocks as possible) and executing it with a directly
recorded & collected EndpointSecurity event.
This also fixes a potential race condition and segfault on Santa startup: due
to es_subscribe being called first, it's possible for an es event to arrive
before listenForDecisionRequests or listenForLogRequests are called,
causing the SNTEndpointSecurityManager callbacks to call a nil pointer.
* Project: Bump dependency versions, fix reload command
The reload command would fail if you used multiple compilation modes for
building as it would try extracting the versions from both comp modes.
The dependency bump includes a fix for #553
