Skip to content

Commit

Permalink
Added Python 3.13 CI test target
Browse files Browse the repository at this point in the history
  • Loading branch information
joachimmetz committed Oct 13, 2024
1 parent e60d91f commit 752570c
Show file tree
Hide file tree
Showing 28 changed files with 928 additions and 33 deletions.
141 changes: 137 additions & 4 deletions tests/cli/extraction_tool.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""Tests for the extraction tool object."""

import argparse
import sys
import unittest

try:
Expand All @@ -20,7 +21,24 @@ class ExtractionToolTest(test_lib.CLIToolTestCase):

# pylint: disable=protected-access

_EXPECTED_PERFORMANCE_OPTIONS = """\
_PYTHON3_13_OR_LATER = sys.version_info[0:2] >= (3, 13)

if _PYTHON3_13_OR_LATER:
_EXPECTED_PERFORMANCE_OPTIONS = """\
usage: extraction_tool_test.py [--buffer_size BUFFER_SIZE]
[--queue_size QUEUE_SIZE]
Test argument parser.
{0:s}:
--buffer_size, --buffer-size, --bs BUFFER_SIZE
The buffer size for the output (defaults to 196MiB).
--queue_size, --queue-size QUEUE_SIZE
The maximum number of queued items per worker
(defaults to 125000)
""".format(test_lib.ARGPARSE_OPTIONS)
else:
_EXPECTED_PERFORMANCE_OPTIONS = """\
usage: extraction_tool_test.py [--buffer_size BUFFER_SIZE]
[--queue_size QUEUE_SIZE]
Expand All @@ -35,7 +53,43 @@ class ExtractionToolTest(test_lib.CLIToolTestCase):
""".format(test_lib.ARGPARSE_OPTIONS)

if resource is None:
_EXPECTED_PROCESSING_OPTIONS = """\
if _PYTHON3_13_OR_LATER:
_EXPECTED_PROCESSING_OPTIONS = """\
usage: extraction_tool_test.py [--single_process]
[--temporary_directory DIRECTORY]
[--vfs_back_end TYPE]
[--worker_memory_limit SIZE]
[--worker_timeout MINUTES] [--workers WORKERS]
Test argument parser.
{0:s}:
--single_process, --single-process
Indicate that the tool should run in a single process.
--temporary_directory, --temporary-directory DIRECTORY
Path to the directory that should be used to store
temporary files created during processing.
--vfs_back_end, --vfs-back-end TYPE
The preferred dfVFS back-end: "auto", "fsext",
"fsfat", "fshfs", "fsntfs", "tsk" or "vsgpt".
--worker_memory_limit, --worker-memory-limit SIZE
Maximum amount of memory (data segment and shared
memory) a worker process is allowed to consume in
bytes, where 0 represents no limit. The default limit
is 2147483648 (2 GiB). If a worker process exceeds
this limit it is killed by the main (foreman) process.
--worker_timeout, --worker-timeout MINUTES
Number of minutes before a worker process that is not
providing status updates is considered inactive. The
default timeout is 15.0 minutes. If a worker process
exceeds this timeout it is killed by the main
(foreman) process.
--workers WORKERS Number of worker processes. The default is the number
of available system CPUs minus one, for the main
(foreman) process.
""".format(test_lib.ARGPARSE_OPTIONS)
else:
_EXPECTED_PROCESSING_OPTIONS = """\
usage: extraction_tool_test.py [--single_process]
[--temporary_directory DIRECTORY]
[--vfs_back_end TYPE]
Expand Down Expand Up @@ -71,7 +125,53 @@ class ExtractionToolTest(test_lib.CLIToolTestCase):
""".format(test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_PROCESSING_OPTIONS = """\
if _PYTHON3_13_OR_LATER:
_EXPECTED_PROCESSING_OPTIONS = """\
usage: extraction_tool_test.py [--single_process]
[--process_memory_limit SIZE]
[--temporary_directory DIRECTORY]
[--vfs_back_end TYPE]
[--worker_memory_limit SIZE]
[--worker_timeout MINUTES] [--workers WORKERS]
Test argument parser.
{0:s}:
--process_memory_limit, --process-memory-limit SIZE
Maximum amount of memory (data segment) a process is
allowed to allocate in bytes, where 0 represents no
limit. The default limit is 4294967296 (4 GiB). This
applies to both the main (foreman) process and the
worker processes. This limit is enforced by the
operating system and will supersede the worker memory
limit (--worker_memory_limit).
--single_process, --single-process
Indicate that the tool should run in a single process.
--temporary_directory, --temporary-directory DIRECTORY
Path to the directory that should be used to store
temporary files created during processing.
--vfs_back_end, --vfs-back-end TYPE
The preferred dfVFS back-end: "auto", "fsext",
"fsfat", "fshfs", "fsntfs", "tsk" or "vsgpt".
--worker_memory_limit, --worker-memory-limit SIZE
Maximum amount of memory (data segment and shared
memory) a worker process is allowed to consume in
bytes, where 0 represents no limit. The default limit
is 2147483648 (2 GiB). If a worker process exceeds
this limit it is killed by the main (foreman) process.
--worker_timeout, --worker-timeout MINUTES
Number of minutes before a worker process that is not
providing status updates is considered inactive. The
default timeout is 15.0 minutes. If a worker process
exceeds this timeout it is killed by the main
(foreman) process.
--workers WORKERS Number of worker processes. The default is the number
of available system CPUs minus one, for the main
(foreman) process.
""".format(test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_PROCESSING_OPTIONS = """\
usage: extraction_tool_test.py [--single_process]
[--process_memory_limit SIZE]
[--temporary_directory DIRECTORY]
Expand Down Expand Up @@ -115,7 +215,40 @@ class ExtractionToolTest(test_lib.CLIToolTestCase):
(foreman) process.
""".format(test_lib.ARGPARSE_OPTIONS)

_EXPECTED_TIME_ZONE_OPTION = """\

if _PYTHON3_13_OR_LATER:
_EXPECTED_TIME_ZONE_OPTION = """\
usage: extraction_tool_test.py [--codepage CODEPAGE] [--language LANGUAGE_TAG]
[--no_extract_winevt_resources] [-z TIME_ZONE]
Test argument parser.
{0:s}:
--codepage CODEPAGE The preferred codepage, which is used for decoding
single-byte or multi-byte character extracted strings.
--language LANGUAGE_TAG
The preferred language, which is used for extracting
and formatting Windows EventLog message strings. Use "
--language list" to see a list of supported language
tags. The en-US (LCID 0x0409) language is used as
fallback if preprocessing could not determine the
system language or no language information is
available in the winevt-rc.db database.
--no_extract_winevt_resources, --no-extract-winevt-resources
Do not extract Windows EventLog resources such as
event message template strings. By default Windows
EventLog resources will be extracted when a Windows
EventLog parser is enabled.
-z, --zone, --timezone TIME_ZONE
preferred time zone of extracted date and time values
that are stored without a time zone indicator. The
time zone is determined based on the source data where
possible otherwise it will default to UTC. Use "list"
to see a list of available time zones.
""".format(test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_TIME_ZONE_OPTION = """\
usage: extraction_tool_test.py [--codepage CODEPAGE] [--language LANGUAGE_TAG]
[--no_extract_winevt_resources] [-z TIME_ZONE]
Expand Down
26 changes: 25 additions & 1 deletion tests/cli/helpers/artifact_definitions.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""Tests for the artifact definitions CLI arguments helper."""

import argparse
import sys
import unittest

from plaso.cli import tools
Expand All @@ -17,7 +18,8 @@ class ArtifactDefinitionsArgumentsHelperTest(cli_test_lib.CLIToolTestCase):

# pylint: disable=no-member,protected-access

_EXPECTED_OUTPUT = """\
if sys.version_info[0:2] < (3, 13):
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--artifact_definitions PATH]
[--custom_artifact_definitions PATH]
Expand All @@ -38,6 +40,28 @@ class ArtifactDefinitionsArgumentsHelperTest(cli_test_lib.CLIToolTestCase):
Windows Registry keys.
""".format(cli_test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--artifact_definitions PATH]
[--custom_artifact_definitions PATH]
Test argument parser.
{0:s}:
--artifact_definitions, --artifact-definitions PATH
Path to a directory or file containing artifact
definitions, which are .yaml files. Artifact
definitions can be used to describe and quickly
collect data of interest, such as specific files or
Windows Registry keys.
--custom_artifact_definitions, --custom-artifact-definitions PATH
Path to a directory or file containing custom artifact
definitions, which are .yaml files. Artifact
definitions can be used to describe and quickly
collect data of interest, such as specific files or
Windows Registry keys.
""".format(cli_test_lib.ARGPARSE_OPTIONS)

def testAddArguments(self):
"""Tests the AddArguments function."""
argument_parser = argparse.ArgumentParser(
Expand Down
36 changes: 35 additions & 1 deletion tests/cli/helpers/artifact_filters.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""Tests for the filter file CLI arguments helper."""

import argparse
import sys
import unittest

from plaso.cli import tools
Expand All @@ -17,7 +18,40 @@ class ArtifactFiltersArgumentsHelperTest(cli_test_lib.CLIToolTestCase):

# pylint: disable=no-member,protected-access

_EXPECTED_OUTPUT = """\
_PYTHON3_13_OR_LATER = sys.version_info[0:2] >= (3, 13)

if _PYTHON3_13_OR_LATER:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--artifact_filters ARTIFACT_FILTERS]
[--artifact_filters_file PATH]
Test argument parser.
{0:s}:
--artifact_filters, --artifact-filters ARTIFACT_FILTERS
Names of forensic artifact definitions, provided on
the command command line (comma separated). Forensic
artifacts are stored in .yaml files that are directly
pulled from the artifact definitions project. You can
also specify a custom artifacts yaml file (see
--custom_artifact_definitions). Artifact definitions
can be used to describe and quickly collect data of
interest, such as specific files or Windows Registry
keys.
--artifact_filters_file, --artifact-filters_file PATH
Names of forensic artifact definitions, provided in a
file with one artifact name per line. Forensic
artifacts are stored in .yaml files that are directly
pulled from the artifact definitions project. You can
also specify a custom artifacts yaml file (see
--custom_artifact_definitions). Artifact definitions
can be used to describe and quickly collect data of
interest, such as specific files or Windows Registry
keys.
""".format(cli_test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--artifact_filters ARTIFACT_FILTERS]
[--artifact_filters_file PATH]
Expand Down
27 changes: 26 additions & 1 deletion tests/cli/helpers/bloom_analysis.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""Tests for the bloom database analysis plugin CLI arguments helper."""

import argparse
import sys
import unittest

try:
Expand All @@ -25,7 +26,31 @@ class BloomAnalysisArgumentsHelperTest(

# pylint: disable=no-member,protected-access

_EXPECTED_OUTPUT = """\
_PYTHON3_13_OR_LATER = sys.version_info[0:2] >= (3, 13)

if _PYTHON3_13_OR_LATER:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--bloom-file PATH] [--bloom-hash HASH]
[--bloom-label LABEL]
Test argument parser.
{0:s}:
--bloom-file, --bloom_file PATH
Path to the bloom database file, the default is:
hashlookup-full.bloom
--bloom-hash, --bloom_hash HASH
Type of hash to use to query the bloom database file
(note that hash values must be stored in upper case),
the default is: sha1. Supported options: md5, sha1,
sha256.
--bloom-label, --bloom_label LABEL
Label to apply to events, the default is:
bloom_present.
""".format(cli_test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--bloom-file PATH] [--bloom-hash HASH]
[--bloom-label LABEL]
Expand Down
34 changes: 33 additions & 1 deletion tests/cli/helpers/date_filters.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
"""Tests for the date filters CLI arguments helper."""

import argparse
import sys
import unittest

from plaso.cli import tools
Expand All @@ -18,7 +19,38 @@ class DateFiltersArgumentsHelperTest(cli_test_lib.CLIToolTestCase):

# pylint: disable=no-member,protected-access

_EXPECTED_OUTPUT = """\
_PYTHON3_13_OR_LATER = sys.version_info[0:2] >= (3, 13)

if _PYTHON3_13_OR_LATER:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--date-filter TYPE_START_END]
Test argument parser.
{0:s}:
--date-filter, --date_filter TYPE_START_END
Filter based on file entry date and time ranges. This
parameter is formatted as
"TIME_VALUE,START_DATE_TIME,END_DATE_TIME" where
TIME_VALUE defines which file entry timestamp the
filter applies to e.g. atime, ctime, crtime, bkup,
etc. START_DATE_TIME and END_DATE_TIME define
respectively the start and end of the date time range.
A date time range requires at minimum start or end to
time of the boundary and END defines the end time.
Both timestamps be set. The date time values are
formatted as: YYYY-MM-DD hh:mm:ss.######[+-]##:##
Where # are numeric digits ranging from 0 to 9 and the
seconds fraction can be either 3 or 6 digits. The time
of day, seconds fraction and time zone offset are
optional. The default time zone is UTC. E.g. "atime,
2013-01-01 23:12:14, 2013-02-23". This parameter can
be repeated as needed to add additional date
boundaries, e.g. once for atime, once for crtime, etc.
""".format(cli_test_lib.ARGPARSE_OPTIONS)

else:
_EXPECTED_OUTPUT = """\
usage: cli_helper.py [--date-filter TYPE_START_END]
Test argument parser.
Expand Down
Loading

0 comments on commit 752570c

Please sign in to comment.