Add a CI and a basic integration test #194
Conversation
…ssion that went through PyRDP to assert that various features of PyRDP are respected
hope these dont show up in the gosecure slack
|
This is very cool! I think it's a great first step towards having proper unit testing and integration testing in PyRDP. I have a few comments but the general approach looks good to me. Good use of dependency injection for the configs, too. |
|
If you can rebase this and |
|
@alxbl wouldn't squash and merge do the job? Edit: wording as the first message seemed passive-agressive |
|
@alxbl I would like to review before you merge, please. I'm very interested in GitHub Actions beyond just this repo. |
It will, but your commits will disappear. I was offering you to keep your commit history in master. |
|
Ahhh I don't really care about having multiple commits for this PR, and the branch is still kept in GitHub if we really need the information |
There was a problem hiding this comment.
This is amazing! Thanks a lot for taking the time to build it.
Some general notes:
- I'm not fond of the 16-megabyte pcap addition. It's large. I suspect it can be compressed efficiently (especially if it's the text PDUs). If the compression ratio is good, I'm probably going to compress it and decompress it from the test suite when testing.
- How did you do the coverage analysis? Can you provide instructions in
docs/devel.adoc, please.
|
|
||
|
|
||
| class RDPMITM: | ||
| """ | ||
| Main MITM class. The job of this class is to orchestrate the components for all the protocols. | ||
| """ | ||
|
|
||
| def __init__(self, mainLogger: SessionLogger, crawlerLogger: SessionLogger, config: MITMConfig): | ||
| def __init__(self, mainLogger: SessionLogger, crawlerLogger: SessionLogger, config: MITMConfig, state: RDPMITMState=None, recorder: Recorder=None): |
There was a problem hiding this comment.
Note to self: this is duplicated from another active PR
| return ".".join(str(b) for b in data) | ||
|
|
||
|
|
||
| def parseExportedPdu(packet: packet.Raw): |
There was a problem hiding this comment.
Code duplicated from an active PR. One of us will rebase and refactor to avoid this useless duplication.
Co-Authored-By: Olivier Bilodeau <obilodeau@gosecure.net>
|
A simple zip of the pcap gave a 5.9M binary (from 16M). It's not as good as I have expected. Since git stores it's pack metadata already compressed (so also on the network), I'm going to let go on this. I might revisit if we add more pcap-based tests to reduce checkout size. |
Should I revert the commit then? |
Since it's already done I'm tempted to say no. That said, are you sure this directory will always be writable to the user running the tests? It looks like the GitHub action worked so we can keep it. |
There is no garantee indeed, i'm not sure what would be the best approach. It will always work for the CI though |
|
For the code coverage, I could add it to the CI if you want using https://www.codecov.io/, thoughts? |
|
Actually I can do it inside the CI without a third party |
then
Do what you prefer. |
|
Added windows installation and test, as a treat :) It does the same thing as the ubuntu one but on windows. My reasonning behind this is that even though installation does not fail per se, execution can fail because dependencies sometime have a hard time testing for both windows and linux, so I'd rather run the test twice. |
|
I added the coverage report to the CI, and it will fail if it falls under 50% (currently 53% coverage). @obilodeau Should I still add documentation for the coverage in docs or it's not needed? |
Not needed. This is self-explanatory now. Thanks! |
I had a burst of motivation and did this, I don't really care if you want it or not but offer it nonetheless, I mostly did this as a personnal challenge :)
Basically, I added a Github Actions workflow that does two things on push and on Pull Request on the repo:
1. Try to build the Docker Image.
2. Try to install PyRDP and run a new integration test I made on ubuntu and windows.
3. Show a coverage report and fail it it falls under 50%
This test is based on an RDP session I just recorded which try to use as most RDP features that PyRDP supports as possible.
Right now, it does assertions on these:
Beyond those assertions, it executes a large portion of the PyRDP codebase:
It does NOT test these:
This test could be better (and can be improved in the future), but I believe it will catch most low-hanging fruits/bugs!
Because of (what I believe is) a synchronization problem, I disabled testing for the device redirection channel.
It is heavily based on the pyrdp-replay branch (requires scapy as well).