mirror of
https://github.com/google/santa.git
synced 2026-01-14 16:58:02 -05:00
fcb49701b3
* Initial structure for ES wrappers, enriched types, logging * Basic working ES and logging functionality * Add in oneTBB and thread-safe-lru deps * Added a bunch of enriched types * Auto-mute self when establishing ES client * Basic auth, tamper client. Syslog of all events. Basic compiler tracking. * Update copyright header blobs, convert some tabs to spaces * Auth result cache. Fix getting translocation path. * Added remaining cache methods * Add AuthResultCache to Recorder client. Cache now operates on es_file_t. * Hooked up SNTPrefixTree * Fix CompilerController for RENAME. Fix AllowList logging missing path. * Block loading Santa kext * Added device manager client * Properly log DiskAppear events * Fix build to adopt new adhoc build * Handle clearing cache on UNMOUNT events * Ignore other ES clients if configured * Remove SNTAllowlistInfo. Rename AllowList to Allowlist. Minor cleanup. * Recorder now logs asynchronously. Enricher now returns shared_ptrs. * Added File writer. Added timestamps to BasicStream serializer. * Skip calling stat in SNTFileInfo when path given by ES. * Fix build issue * Address draft PR feedback * santactl integrated, XPC works, fix file writer bug * Integrate syncservice. Start observing some config changes. * Add metrics service wrapper * Add metrics config observers and metrics interval reset. * Start better dependency control. Add Null logger support. * Added more deps * Added more deps * Fix issue where metric service wasn't starting * Add missing variant include * Fix missing parent proc name * Added googletest and new unit test macro * Started expanding AuthResultCacheTest * Properly mock EndpointSecurityAPI * Finished AuthResultCacheTest * bazelrc now builds all C++ as C++17. Added LoggerTest. * Add FileTest. Abstract some File constants to Logger. * Added Empty serializer test * Started work on BasicStringTest. Fixed some BasicString serialization bugs. * Added Unlink BasicString serialization test * Added some more tests. Commonized some test code * Finished BasicStringTest. Converted to XCTest. * Standardize esapi variable naming * Bubble up gTest expect failures to XCTest failures * AuthResultCacheTest now uses XCTest. Added common TestUtils.h * EmptyTest now uses XCTest. * FileTest now uses XCTest * LoggerTest now uses XCTest. Removed santa_unit_gtest bazel macro. * Added ClientTest * Add basic Enricher tests * Add MessageTest. Make more TestUtils. * Rename metrics to Metrics * Add MetricsTest. * Apply template pattern to Serializer * Add SNTDecisionCacheTest. * Add SNTCachedDecisionTest. * Testing with coveralls debug mode * Allow manual CI runs * Remove unused property * Started work on SNTEndpointSecurityClientTest. * WIP SNTEndpointSecurityClientTest, fix test run issue * Added more base ES client tests * Add more base ES client tests * Base ES client tests done. Added serializer utils/tests. Expanded basic string tests. * Add utils test to test suite * Add copy ctor. Add test output to bazel coverage. * Single thread bazel coverage * Updaload coverage file * Updaload coverage file * Old gen cov test * Restructure message handlers to enable better testability * Added enable tests for all ES clients * Made a single MockEndpointSecurityAPI class to share everywhere * Added most of SNTCompilerControllerTest * Cleanup SNTCompilerControllerTest * Started expanding Auth client test * Finished up the Authorizer tests * Move to using enum class for notify/auth instead of bool * WIP for tamper resistance test. ASAN issues. * Add OCMock patch to fix test issue on ARM Macs * Changed patches directory name to external_patches * Update WORKSPACE path * Finished up Tamper Resistance tests * Finished up Recorder tests. * Move SNTExecutionControllerTest to ObjC++ * Initial work to port SNTExecutionControllerTest * Finished porting SNTExecutionControllerTest. * Added SNTExecutionControllerTest to list of unit tests * Ported SNTEndpointSecurityDeviceManager. * Test cleanup, use MockESAPI expectation helpers * Verify SNTEndpointSecurityDeviceManager expectations differently * Test cleanup, omit gTest param list where unused * Log message cleanup * Rename SNTApplicationTest to santad_test.mm * Finished porting santad_test, formerly SNTApplicationTest * Fix SNTEndpointSecurityDeviceManager issues * Pulled in missed fixes. Updated tests. * Renamed lowercase filenames to match rest of codebase * Fix non-static dispatch_once_t, and noisy watching compiler log message * WIP Started process of removing components no longer used * WIP Continued process of removing components no longer used * BUILD file cleanup. Proto warning. Removed unused global * Rename SNTEventProvider to SNTEndpointSecurityEventHandler * Rename SNTEndpointSecurityEventHandler protocol * Remove EnableSysxCache option. Remove --quick flag used during dev. * Ran testing/fix.sh * Addmissing param to fix.sh that was omitting .mm files. * clang-format * Fix linter: find cmd missing .mm ext, git grep exclude patch files. * Use MakeESProcess default params in tests * Move variables to camelCase in objc classes * More case changes * Sanitize strings * Change dispatch queue priorities and standardize daemon queue naming * Exclude patch files in markdown check * Ensure string log messages end with newline * Fix BasicStringTest * Disable clang-format in code producing different results in local/remote versions * Moved to using date ranges in copyright notices as per current guidelines * Update Source/common/SNTConfigurator.h Suggestion adding whitespace in comment to fix clang-format mangling Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com> * Removed santa_panic macro used in one place * Updated comment about ES cachability * Pin oneTBB to specific commit * Address outstanding WORKSPACE 'canonical reproducible form' messages * Use string append instead of ostringstream due to benchmark results * Remove use of freind classes in EnrichedTypes.h * Added SNTKVOManager, removed observers from SNTConfigurator. * Fixed SNTEndpointSecurityRecorderTest class name * Reduce usage of the auto keyword * Each SNTKVOManager instance now adds its own observer * Replaced more auto keywords with real types. * Remove leftover code coverage debugging from ci.yml * Updated comment * Memoize SNTFileInfo sha256. Reduce some cache sizes. * Fix issue checking for translocated paths * Use more performant NSURL creation method * Fix lint issue * Address PR feedback * Use an array literal for kvo objects * Fix some clang tidy and import issues * Replace third party LRU cache with SantaCache for now * Fix clang tidy issues * Address PR feedback * Fix comment typo Co-authored-by: Pete Markowsky <pmarkowsky@users.noreply.github.com> * Added todo for when we adopt macOS 13 Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com> Co-authored-by: Pete Markowsky <pmarkowsky@users.noreply.github.com>
145 lines
4.3 KiB
Python
145 lines
4.3 KiB
Python
workspace(name = "santa")
|
|
|
|
load(
|
|
"@bazel_tools//tools/build_defs/repo:git.bzl",
|
|
"git_repository",
|
|
"new_git_repository",
|
|
)
|
|
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
|
|
|
http_archive(
|
|
name = "build_bazel_rules_apple",
|
|
sha256 = "f003875c248544009c8e8ae03906bbdacb970bc3e5931b40cd76cadeded99632", # 1.1.0
|
|
urls = ["https://github.com/bazelbuild/rules_apple/releases/download/1.1.0/rules_apple.1.1.0.tar.gz"],
|
|
)
|
|
|
|
http_archive(
|
|
name = "rules_proto_grpc",
|
|
sha256 = "28724736b7ff49a48cb4b2b8cfa373f89edfcb9e8e492a8d5ab60aa3459314c8",
|
|
strip_prefix = "rules_proto_grpc-4.0.1",
|
|
urls = ["https://github.com/rules-proto-grpc/rules_proto_grpc/archive/4.0.1.tar.gz"],
|
|
)
|
|
|
|
load("@rules_proto_grpc//:repositories.bzl", "rules_proto_grpc_repos", "rules_proto_grpc_toolchains")
|
|
|
|
rules_proto_grpc_toolchains()
|
|
|
|
rules_proto_grpc_repos()
|
|
|
|
load("@rules_proto//proto:repositories.bzl", "rules_proto_dependencies", "rules_proto_toolchains")
|
|
|
|
rules_proto_dependencies()
|
|
|
|
rules_proto_toolchains()
|
|
|
|
load("@rules_proto_grpc//objc:repositories.bzl", rules_proto_grpc_objc_repos = "objc_repos")
|
|
|
|
rules_proto_grpc_objc_repos()
|
|
|
|
load("@build_bazel_rules_apple//apple:repositories.bzl", "apple_rules_dependencies")
|
|
|
|
apple_rules_dependencies()
|
|
|
|
load("@build_bazel_apple_support//lib:repositories.bzl", "apple_support_dependencies")
|
|
|
|
apple_support_dependencies()
|
|
|
|
# Hedron Bazel Compile Commands Extractor
|
|
# Allows integrating with clangd
|
|
# https://github.com/hedronvision/bazel-compile-commands-extractor
|
|
git_repository(
|
|
name = "hedron_compile_commands",
|
|
commit = "92db741ee6dee0c4a83a5c58be7747df7b89ed10",
|
|
remote = "https://github.com/hedronvision/bazel-compile-commands-extractor.git",
|
|
shallow_since = "1640416382 -0800",
|
|
)
|
|
|
|
load("@hedron_compile_commands//:workspace_setup.bzl", "hedron_compile_commands_setup")
|
|
|
|
hedron_compile_commands_setup()
|
|
|
|
# Googletest - tag: release-1.12.1
|
|
http_archive(
|
|
name = "com_google_googletest",
|
|
sha256 = "ab78fa3f912d44d38b785ec011a25f26512aaedc5291f51f3807c592b506d33a",
|
|
strip_prefix = "googletest-58d77fa8070e8cec2dc1ed015d66b454c8d78850",
|
|
urls = ["https://github.com/google/googletest/archive/58d77fa8070e8cec2dc1ed015d66b454c8d78850.zip"],
|
|
)
|
|
|
|
# Macops MOL* dependencies
|
|
|
|
git_repository(
|
|
name = "MOLAuthenticatingURLSession",
|
|
commit = "7ef7af5c732eb8b9375af29a65262be5d97ad391", # tag = v3.0
|
|
remote = "https://github.com/google/macops-molauthenticatingurlsession.git",
|
|
shallow_since = "1620062009 -0400",
|
|
)
|
|
|
|
git_repository(
|
|
name = "MOLCertificate",
|
|
commit = "288553b8ac75d7dd68159ef5b57652a506b8217c", # tag = "v2.1",
|
|
remote = "https://github.com/google/macops-molcertificate.git",
|
|
shallow_since = "1561303966 -0400",
|
|
)
|
|
|
|
git_repository(
|
|
name = "MOLCodesignChecker",
|
|
commit = "7ef66f1df15997defd7651b0ea5d6d9ec65a5b4f", # tag = "v2.2",
|
|
remote = "https://github.com/google/macops-molcodesignchecker.git",
|
|
shallow_since = "1561303990 -0400",
|
|
)
|
|
|
|
git_repository(
|
|
name = "MOLXPCConnection",
|
|
commit = "2c67c925c2b57fea9af551295d2b6711b38bb224", # tag = v2.1
|
|
remote = "https://github.com/google/macops-molxpcconnection.git",
|
|
shallow_since = "1564684202 -0400",
|
|
)
|
|
|
|
# FMDB
|
|
|
|
new_git_repository(
|
|
name = "FMDB",
|
|
build_file_content = """
|
|
objc_library(
|
|
name = "FMDB",
|
|
srcs = glob(["src/fmdb/*.m"], exclude=["src/fmdb.m"]),
|
|
hdrs = glob(["src/fmdb/*.h"]),
|
|
includes = ["src"],
|
|
sdk_dylibs = ["sqlite3"],
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
""",
|
|
commit = "61e51fde7f7aab6554f30ab061cc588b28a97d04", # tag = 2.7.7
|
|
remote = "https://github.com/ccgus/fmdb.git",
|
|
shallow_since = "1589301502 -0700",
|
|
)
|
|
|
|
# OCMock
|
|
|
|
new_git_repository(
|
|
name = "OCMock",
|
|
build_file_content = """
|
|
objc_library(
|
|
name = "OCMock",
|
|
testonly = 1,
|
|
hdrs = glob(["Source/OCMock/*.h"]),
|
|
copts = [
|
|
"-Wno-vla",
|
|
],
|
|
includes = [
|
|
"Source",
|
|
"Source/OCMock",
|
|
],
|
|
non_arc_srcs = glob(["Source/OCMock/*.m"]),
|
|
pch = "Source/OCMock/OCMock-Prefix.pch",
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
""",
|
|
commit = "afd2c6924e8a36cb872bc475248b978f743c6050", # tag = v3.9.1
|
|
patch_args = ["-p1"],
|
|
patches = ["//external_patches/OCMock:503.patch"],
|
|
remote = "https://github.com/erikdoe/ocmock",
|
|
shallow_since = "1609349457 +0100",
|
|
)
|