From 0f382a4d5d5bb81d952091361a67442b8f4ce013 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Wed, 29 May 2024 21:18:30 +0100
Subject: [PATCH] tests(aa): improve aa unit tests.

---
 pkg/aa/apparmor_test.go | 18 ++++++++++++++----
 pkg/aa/parse.go         |  3 +++
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/pkg/aa/apparmor_test.go b/pkg/aa/apparmor_test.go
index faef895dd..85bb1fc39 100644
--- a/pkg/aa/apparmor_test.go
+++ b/pkg/aa/apparmor_test.go
@@ -123,16 +123,22 @@ func TestAppArmorProfileFile_Sort(t *testing.T) {
 			origin: &AppArmorProfileFile{
 				Profiles: []*Profile{{
 					Rules: []Rule{
-						file2, network1, includeLocal1, dbus2, signal1, ptrace1,
-						capability2, file1, dbus1, unix2, signal2, mount2,
+						file2, network1, userns1, include1, dbus2, signal1,
+						ptrace1, includeLocal1, rlimit3, capability1, network2,
+						mqueue2, iouring2, dbus1, link2, capability2, file1,
+						unix2, signal2, mount2, all1, umount2, mount1, remount2,
+						pivotroot1, changeprofile2,
 					},
 				}},
 			},
 			want: &AppArmorProfileFile{
 				Profiles: []*Profile{{
 					Rules: []Rule{
-						capability2, network1, mount2, signal1, signal2, ptrace1,
-						unix2, dbus2, dbus1, file1, file2, includeLocal1,
+						include1, all1, rlimit3, userns1, capability1, capability2,
+						network2, network1, mount2, mount1, remount2, umount2,
+						pivotroot1, changeprofile2, mqueue2, iouring2, signal2,
+						signal1, ptrace1, unix2, dbus2, dbus1, file1, file2,
+						link2, includeLocal1,
 					},
 				}},
 			},
@@ -232,6 +238,10 @@ func TestAppArmorProfileFile_Integration(t *testing.T) {
 			tt.f.Sort()
 			tt.f.MergeRules()
 			tt.f.Format()
+			err := tt.f.Validate()
+			if err != nil {
+				t.Errorf("AppArmorProfile.Validate() = %v", err)
+			}
 			if got := tt.f.String(); got != tt.want {
 				t.Errorf("AppArmorProfile = |%v|, want |%v|", got, tt.want)
 			}
diff --git a/pkg/aa/parse.go b/pkg/aa/parse.go
index 7d949e150..0e07ebef8 100644
--- a/pkg/aa/parse.go
+++ b/pkg/aa/parse.go
@@ -35,6 +35,7 @@ var (
 	tok = map[Kind]string{
 		COMMENT:  "#",
 		VARIABLE: "@{",
+		HAT:      "^",
 	}
 	openBlocks  = []rune{tokOPENPAREN, tokOPENBRACE, tokOPENBRACKET}
 	closeBlocks = []rune{tokCLOSEPAREN, tokCLOSEBRACE, tokCLOSEBRACKET}
@@ -222,6 +223,8 @@ done:
 		case strings.HasPrefix(tmp, PROFILE.Tok()):
 			rawHeader = tmp
 			break done
+		case strings.HasPrefix(tmp, HAT.String()), strings.HasPrefix(tmp, HAT.Tok()):
+			break done
 		default:
 			rawPreamble = append(rawPreamble, tmp)
 		}