Comment CopyFile callstack test

rabbitstack · Dec 22, 2023 · 67ea4b8 · 67ea4b8
1 parent a5a84f7
commit 67ea4b8
Showing 1 changed file with 25 additions and 27 deletions.
diff --git a/pkg/kstream/consumer_windows_test.go b/pkg/kstream/consumer_windows_test.go
@@ -779,33 +779,31 @@ func TestCallstackEnrichment(t *testing.T) {
 			},
 			false,
 		},
-		{
-			"copy file callstack",
-			func() error {
-				// TODO: Investigate CopyFile API call not working in Github CI
-				return nil
-				f, err := os.CreateTemp(os.TempDir(), "fibratus-copy-file")
-				if err != nil {
-					return err
-				}
-				f.Close()
-				from, _ := windows.UTF16PtrFromString(f.Name())
-				to, _ := windows.UTF16PtrFromString(filepath.Join(os.TempDir(), "copied-file"))
-				return copyFile(from, to)
-			},
-			func(e *kevent.Kevent) bool {
-				return true
-				if e.CurrentPid() && e.Type == ktypes.CreateFile &&
-					strings.HasPrefix(filepath.Base(e.GetParamAsString(kparams.FileName)), "copied-file") &&
-					e.GetParamAsString(kparams.FileOperation) != "OPEN" {
-					callstack := e.Callstack.String()
-					return callstackContainsTestExe(callstack) &&
-						strings.Contains(strings.ToLower(callstack), strings.ToLower("\\WINDOWS\\System32\\KERNELBASE.dll!CopyFileExW"))
-				}
-				return false
-			},
-			false,
-		},
+		//{
+		//	"copy file callstack",
+		//	func() error {
+		//		// TODO: Investigate CopyFile API call not working in Github CI
+		//		f, err := os.CreateTemp(os.TempDir(), "fibratus-copy-file")
+		//		if err != nil {
+		//			return err
+		//		}
+		//		f.Close()
+		//		from, _ := windows.UTF16PtrFromString(f.Name())
+		//		to, _ := windows.UTF16PtrFromString(filepath.Join(os.TempDir(), "copied-file"))
+		//		return copyFile(from, to)
+		//	},
+		//	func(e *kevent.Kevent) bool {
+		//		if e.CurrentPid() && e.Type == ktypes.CreateFile &&
+		//			strings.HasPrefix(filepath.Base(e.GetParamAsString(kparams.FileName)), "copied-file") &&
+		//			e.GetParamAsString(kparams.FileOperation) != "OPEN" {
+		//			callstack := e.Callstack.String()
+		//			return callstackContainsTestExe(callstack) &&
+		//				strings.Contains(strings.ToLower(callstack), strings.ToLower("\\WINDOWS\\System32\\KERNELBASE.dll!CopyFileExW"))
+		//		}
+		//		return false
+		//	},
+		//	false,
+		//},
 		{
 			"delete file callstack",
 			func() error {