filters: add unit tests for namespace regex filter

This commit adds tests to verify the namespace regex filter works correctly.

Signed-off-by: Aritra Dey <[email protected]>

Author: AritraDey-Dev

pkg/filters/namespace_test.go

@@ -66,3 +66,102 @@ func TestNamespace(t *testing.T) {
 	ev = event.Event{Event: &tetragon.GetEventsResponse{Event: &tetragon.GetEventsResponse_ProcessExec{ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{}}}}}
 	assert.True(t, fl.MatchOne(&ev))
 }
+
+func TestNamespaceRegex(t *testing.T) {
+	f := []*tetragon.Filter{{NamespaceRegex: []string{"test-.*"}}}
+	fl, err := BuildFilterList(context.Background(), f, []OnBuildFilter{&NamespaceRegexFilter{}})
+	require.NoError(t, err)
+
+	ev := event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "test-app"}}},
+			},
+		},
+	}
+	assert.True(t, fl.MatchOne(&ev), "should match test-app namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "test-system"}}},
+			},
+		},
+	}
+	assert.True(t, fl.MatchOne(&ev), "should match test-system namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "kube-system"}}},
+			},
+		},
+	}
+	assert.False(t, fl.MatchOne(&ev), "should not match kube-system namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "default"}}},
+			},
+		},
+	}
+	assert.False(t, fl.MatchOne(&ev), "should not match default namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{}},
+			},
+		},
+	}
+	assert.False(t, fl.MatchOne(&ev), "should not match process without pod info")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{},
+			},
+		},
+	}
+	assert.False(t, fl.MatchOne(&ev), "should not match nil process")
+}
+
+func TestNamespaceRegexMultiplePatterns(t *testing.T) {
+	f := []*tetragon.Filter{{NamespaceRegex: []string{"prod-.*", "staging-.*"}}}
+	fl, err := BuildFilterList(context.Background(), f, []OnBuildFilter{&NamespaceRegexFilter{}})
+	require.NoError(t, err)
+
+	ev := event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "prod-app"}}},
+			},
+		},
+	}
+	assert.True(t, fl.MatchOne(&ev), "should match prod-app namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "staging-app"}}},
+			},
+		},
+	}
+	assert.True(t, fl.MatchOne(&ev), "should match staging-app namespace")
+
+	ev = event.Event{
+		Event: &tetragon.GetEventsResponse{
+			Event: &tetragon.GetEventsResponse_ProcessExec{
+				ProcessExec: &tetragon.ProcessExec{Process: &tetragon.Process{Pod: &tetragon.Pod{Namespace: "dev-app"}}},
+			},
+		},
+	}
+	assert.False(t, fl.MatchOne(&ev), "should not match dev-app namespace")
+}
+
+func TestNamespaceRegexInvalidPattern(t *testing.T) {
+	f := []*tetragon.Filter{{NamespaceRegex: []string{"[invalid"}}}
+	_, err := BuildFilterList(context.Background(), f, []OnBuildFilter{&NamespaceRegexFilter{}})
+	require.Error(t, err, "should return error for invalid regex")
+}