mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-10 20:05:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

lint: explicit error checks (#3388)

Browse source 
* errcheck: tests
* fflag errcheck
* http_test errcheck (avoid duplicate metric registration)
This commit is contained in:
mmetc 2025-01-02 12:33:54 +01:00 committed by GitHub
parent 5c0c4f9fa6
commit 4e6e6dec65
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 185 additions and 99 deletions
Download patch file Download diff file Expand all files Collapse all files

8
cmd/crowdsec-cli/clihub/hub.go
View file

@ -177,11 +177,15 @@ func (cli *cliHub) upgrade(ctx context.Context, yes bool, dryRun bool, force boo
for _, itemType := range cwhub.ItemTypes {
for _, item := range hub.GetInstalledByType(itemType, true) {
plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, force))
if err := plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, force)); err != nil {
return err
}
}
}
plan.AddCommand(hubops.NewDataRefreshCommand(force))
if err := plan.AddCommand(hubops.NewDataRefreshCommand(force)); err != nil {
return err
}
verbose := (cfg.Cscli.Output == "raw")

18
pkg/acquisition/modules/file/file_test.go
View file

@ -333,14 +333,19 @@ force_inotify: true`, testPattern),
logLevel: log.DebugLevel,
name: "GlobInotifyChmod",
afterConfigure: func() {
f, _ := os.Create("test_files/a.log")
f.Close()
f, err := os.Create("test_files/a.log")
require.NoError(t, err)
err = f.Close()
require.NoError(t, err)
time.Sleep(1 * time.Second)
os.Chmod("test_files/a.log", 0o000)
err = os.Chmod("test_files/a.log", 0o000)
require.NoError(t, err)
},
teardown: func() {
os.Chmod("test_files/a.log", 0o644)
os.Remove("test_files/a.log")
err := os.Chmod("test_files/a.log", 0o644)
require.NoError(t, err)
err = os.Remove("test_files/a.log")
require.NoError(t, err)
},
},
{
@ -353,7 +358,8 @@ force_inotify: true`, testPattern),
logLevel: log.DebugLevel,
name: "InotifyMkDir",
afterConfigure: func() {
os.Mkdir("test_files/pouet/", 0o700)
err := os.Mkdir("test_files/pouet/", 0o700)
require.NoError(t, err)
},
teardown: func() {
os.Remove("test_files/pouet/")

89
pkg/acquisition/modules/http/http_test.go
View file

@ -218,7 +218,7 @@ func TestGetName(t *testing.T) {
assert.Equal(t, "http", h.GetName())
}
func SetupAndRunHTTPSource(t *testing.T, h *HTTPSource, config []byte, metricLevel int) (chan types.Event, *tomb.Tomb) {
func SetupAndRunHTTPSource(t *testing.T, h *HTTPSource, config []byte, metricLevel int) (chan types.Event, *prometheus.Registry, *tomb.Tomb) {
ctx := context.Background()
subLogger := log.WithFields(log.Fields{
"type": "http",
@ -230,16 +230,18 @@ func SetupAndRunHTTPSource(t *testing.T, h *HTTPSource, config []byte, metricLev
err = h.StreamingAcquisition(ctx, out, &tomb)
require.NoError(t, err)
testRegistry := prometheus.NewPedanticRegistry()
for _, metric := range h.GetMetrics() {
prometheus.Register(metric)
err = testRegistry.Register(metric)
require.NoError(t, err)
}
return out, &tomb
return out, testRegistry, &tomb
}
func TestStreamingAcquisitionWrongHTTPMethod(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb:= SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -256,12 +258,13 @@ basic_auth:
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionUnknownPath(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -278,12 +281,13 @@ basic_auth:
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionBasicAuth(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -310,12 +314,13 @@ basic_auth:
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionBadHeaders(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -337,12 +342,13 @@ headers:
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionMaxBodySize(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -365,12 +371,13 @@ max_body_size: 5`), 0)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionSuccess(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -396,16 +403,17 @@ headers:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 1)
assertMetrics(t, reg, h.GetMetrics(), 1)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionCustomStatusCodeAndCustomHeaders(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -435,11 +443,12 @@ custom_headers:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 1)
assertMetrics(t, reg, h.GetMetrics(), 1)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
type slowReader struct {
@ -495,7 +504,7 @@ func assertEvents(out chan types.Event, expected []string, errChan chan error) {
func TestStreamingAcquisitionTimeout(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -525,12 +534,13 @@ timeout: 1s`), 0)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionTLSHTTPRequest(t *testing.T) {
h := &HTTPSource{}
_, tomb := SetupAndRunHTTPSource(t, h, []byte(`
_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
auth_type: mtls
@ -549,12 +559,13 @@ tls:
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionTLSWithHeadersAuthSuccess(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -600,16 +611,17 @@ tls:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 0)
assertMetrics(t, reg, h.GetMetrics(), 0)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionMTLS(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -657,16 +669,17 @@ tls:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 0)
assertMetrics(t, reg, h.GetMetrics(), 0)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionGzipData(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -709,16 +722,17 @@ headers:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 2)
assertMetrics(t, reg, h.GetMetrics(), 2)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func TestStreamingAcquisitionNDJson(t *testing.T) {
h := &HTTPSource{}
out, tomb := SetupAndRunHTTPSource(t, h, []byte(`
out, reg, tomb := SetupAndRunHTTPSource(t, h, []byte(`
source: http
listen_addr: 127.0.0.1:8080
path: /test
@ -747,15 +761,16 @@ headers:
err = <-errChan
require.NoError(t, err)
assertMetrics(t, h.GetMetrics(), 2)
assertMetrics(t, reg, h.GetMetrics(), 2)
h.Server.Close()
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
func assertMetrics(t *testing.T, metrics []prometheus.Collector, expected int) {
promMetrics, err := prometheus.DefaultGatherer.Gather()
func assertMetrics(t *testing.T, reg *prometheus.Registry, metrics []prometheus.Collector, expected int) {
promMetrics, err := reg.Gather()
require.NoError(t, err)
isExist := false

4
pkg/acquisition/modules/journalctl/journalctl_test.go
View file

@ -12,6 +12,7 @@ import (
log "github.com/sirupsen/logrus"
"github.com/sirupsen/logrus/hooks/test"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"gopkg.in/tomb.v2"
"github.com/crowdsecurity/go-cs-lib/cstest"
@ -268,7 +269,8 @@ journalctl_filter:
}
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
output, _ := exec.Command("pgrep", "-x", "journalctl").CombinedOutput()
if len(output) != 0 {

6
pkg/acquisition/modules/kafka/kafka_test.go
View file

@ -194,7 +194,8 @@ topic: crowdsecplaintext`), subLogger, configuration.METRICS_NONE)
}
require.Equal(t, ts.expectedLines, actualLines)
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
})
}
}
@ -271,7 +272,8 @@ tls:
}
require.Equal(t, ts.expectedLines, actualLines)
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
})
}
}

12
pkg/acquisition/modules/kinesis/kinesis_test.go
View file

@ -63,7 +63,8 @@ func GenSubObject(t *testing.T, i int) []byte {
var b bytes.Buffer
gz := gzip.NewWriter(&b)
gz.Write(body)
_, err = gz.Write(body)
require.NoError(t, err)
gz.Close()
// AWS actually base64 encodes the data, but it looks like kinesis automatically decodes it at some point
// localstack does not do it, so let's just write a raw gzipped stream
@ -198,7 +199,8 @@ stream_name: stream-1-shard`,
}
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
}
@ -246,7 +248,8 @@ stream_name: stream-2-shards`,
}
assert.Equal(t, test.count, c)
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
}
@ -290,7 +293,8 @@ from_subscription: true`,
assert.Equal(t, fmt.Sprintf("%d", i), e.Line.Raw)
}
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
}
}

6
pkg/acquisition/modules/kubernetesaudit/k8s_audit_test.go
View file

@ -85,7 +85,8 @@ webhook_path: /k8s-audit`,
err = f.Configure([]byte(test.config), subLogger, configuration.METRICS_NONE)
require.NoError(t, err)
f.StreamingAcquisition(ctx, out, tb)
err = f.StreamingAcquisition(ctx, out, tb)
require.NoError(t, err)
time.Sleep(1 * time.Second)
tb.Kill(nil)
@ -260,7 +261,8 @@ webhook_path: /k8s-audit`,
req := httptest.NewRequest(test.method, "/k8s-audit", strings.NewReader(test.body))
w := httptest.NewRecorder()
f.StreamingAcquisition(ctx, out, tb)
err = f.StreamingAcquisition(ctx, out, tb)
require.NoError(t, err)
f.webhookHandler(w, req)

4
pkg/acquisition/modules/syslog/syslog_test.go
View file

@ -10,6 +10,7 @@ import (
log "github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"gopkg.in/tomb.v2"
"github.com/crowdsecurity/go-cs-lib/cstest"
@ -168,7 +169,8 @@ listen_addr: 127.0.0.1`,
}
assert.Equal(t, ts.expectedLines, actualLines)
tomb.Kill(nil)
tomb.Wait()
err = tomb.Wait()
require.NoError(t, err)
})
}
}

18
pkg/apiclient/alerts_service_test.go
View file

@ -23,7 +23,8 @@ func TestAlertsListAsMachine(t *testing.T) {
mux, urlx, teardown := setup()
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
log.Printf("URL is %s", urlx)
@ -202,7 +203,8 @@ func TestAlertsGetAsMachine(t *testing.T) {
mux, urlx, teardown := setup()
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
log.Printf("URL is %s", urlx)
@ -368,13 +370,15 @@ func TestAlertsCreateAsMachine(t *testing.T) {
mux, urlx, teardown := setup()
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "POST")
w.WriteHeader(http.StatusOK)
w.Write([]byte(`["3"]`))
_, err := w.Write([]byte(`["3"]`))
assert.NoError(t, err)
})
log.Printf("URL is %s", urlx)
@ -408,14 +412,16 @@ func TestAlertsDeleteAsMachine(t *testing.T) {
mux, urlx, teardown := setup()
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "DELETE")
assert.Equal(t, "ip=1.2.3.4", r.URL.RawQuery)
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"message":"0 deleted alerts"}`))
_, err := w.Write([]byte(`{"message":"0 deleted alerts"}`))
assert.NoError(t, err)
})
log.Printf("URL is %s", urlx)

6
pkg/apiclient/auth_key_test.go
View file

@ -24,10 +24,12 @@ func TestApiAuth(t *testing.T) {
if r.Header.Get("X-Api-Key") == "ixu" {
assert.Equal(t, "ip=1.2.3.4", r.URL.RawQuery)
w.WriteHeader(http.StatusOK)
w.Write([]byte(`null`))
_, err := w.Write([]byte(`null`))
assert.NoError(t, err)
} else {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte(`{"message":"access forbidden"}`))
_, err := w.Write([]byte(`{"message":"access forbidden"}`))
assert.NoError(t, err)
}
})

4
pkg/apiclient/client_http_test.go
View file

@ -7,6 +7,7 @@ import (
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/crowdsecurity/go-cs-lib/cstest"
@ -31,7 +32,8 @@ func TestNewRequestInvalid(t *testing.T) {
/*mock login*/
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"code": 401, "message" : "bad login/password"}`))
_, err := w.Write([]byte(`{"code": 401, "message" : "bad login/password"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {

24
pkg/apiclient/client_test.go
View file

@ -101,7 +101,8 @@ func TestNewClientOk(t *testing.T) {
/*mock login*/
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
@ -138,7 +139,8 @@ func TestNewClientOk_UnixSocket(t *testing.T) {
/*mock login*/
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
@ -174,7 +176,8 @@ func TestNewClientKo(t *testing.T) {
/*mock login*/
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"code": 401, "message" : "bad login/password"}`))
_, err := w.Write([]byte(`{"code": 401, "message" : "bad login/password"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
@ -200,7 +203,8 @@ func TestNewDefaultClient(t *testing.T) {
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"code": 401, "message" : "brr"}`))
_, err := w.Write([]byte(`{"code": 401, "message" : "brr"}`))
assert.NoError(t, err)
})
_, _, err = client.Alerts.List(context.Background(), AlertsListOpts{})
@ -228,7 +232,8 @@ func TestNewDefaultClient_UnixSocket(t *testing.T) {
mux.HandleFunc("/alerts", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"code": 401, "message" : "brr"}`))
_, err := w.Write([]byte(`{"code": 401, "message" : "brr"}`))
assert.NoError(t, err)
})
_, _, err = client.Alerts.List(context.Background(), AlertsListOpts{})
@ -266,7 +271,8 @@ func TestNewClientRegisterOK(t *testing.T) {
mux.HandleFunc("/watchers", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "POST")
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
apiURL, err := url.Parse(urlx + "/")
@ -298,7 +304,8 @@ func TestNewClientRegisterOK_UnixSocket(t *testing.T) {
mux.HandleFunc("/watchers", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "POST")
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
apiURL, err := url.Parse(urlx)
@ -331,7 +338,8 @@ func TestNewClientBadAnswer(t *testing.T) {
mux.HandleFunc("/watchers", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "POST")
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`bad`))
_, err := w.Write([]byte(`bad`))
assert.NoError(t, err)
})
apiURL, err := url.Parse(urlx + "/")

31
pkg/apiclient/decisions_service_test.go
View file

@ -31,11 +31,12 @@ func TestDecisionsList(t *testing.T) {
assert.Equal(t, "ip=1.2.3.4", r.URL.RawQuery)
assert.Equal(t, "ixu", r.Header.Get("X-Api-Key"))
w.WriteHeader(http.StatusOK)
w.Write([]byte(`[{"duration":"3h59m55.756182786s","id":4,"origin":"cscli","scenario":"manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'","scope":"Ip","type":"ban","value":"1.2.3.4"}]`))
_, err := w.Write([]byte(`[{"duration":"3h59m55.756182786s","id":4,"origin":"cscli","scenario":"manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'","scope":"Ip","type":"ban","value":"1.2.3.4"}]`))
assert.NoError(t, err)
} else {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`null`))
// no results
_, err := w.Write([]byte(`null`))
assert.NoError(t, err)
}
})
@ -90,10 +91,12 @@ func TestDecisionsStream(t *testing.T) {
if r.Method == http.MethodGet {
if strings.Contains(r.URL.RawQuery, "startup=true") {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"deleted":null,"new":[{"duration":"3h59m55.756182786s","id":4,"origin":"cscli","scenario":"manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'","scope":"Ip","type":"ban","value":"1.2.3.4"}]}`))
_, err := w.Write([]byte(`{"deleted":null,"new":[{"duration":"3h59m55.756182786s","id":4,"origin":"cscli","scenario":"manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'","scope":"Ip","type":"ban","value":"1.2.3.4"}]}`))
assert.NoError(t, err)
} else {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"deleted":null,"new":null}`))
_, err := w.Write([]byte(`{"deleted":null,"new":null}`))
assert.NoError(t, err)
}
}
})
@ -163,10 +166,12 @@ func TestDecisionsStreamV3Compatibility(t *testing.T) {
if r.Method == http.MethodGet {
if strings.Contains(r.URL.RawQuery, "startup=true") {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"deleted":[{"scope":"ip","decisions":["1.2.3.5"]}],"new":[{"scope":"ip", "scenario": "manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'", "decisions":[{"duration":"3h59m55.756182786s","value":"1.2.3.4"}]}]}`))
_, err := w.Write([]byte(`{"deleted":[{"scope":"ip","decisions":["1.2.3.5"]}],"new":[{"scope":"ip", "scenario": "manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'", "decisions":[{"duration":"3h59m55.756182786s","value":"1.2.3.4"}]}]}`))
assert.NoError(t, err)
} else {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"deleted":null,"new":null}`))
_, err := w.Write([]byte(`{"deleted":null,"new":null}`))
assert.NoError(t, err)
}
}
})
@ -227,9 +232,10 @@ func TestDecisionsStreamV3(t *testing.T) {
if r.Method == http.MethodGet {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"deleted":[{"scope":"ip","decisions":["1.2.3.5"]}],
_, err := w.Write([]byte(`{"deleted":[{"scope":"ip","decisions":["1.2.3.5"]}],
"new":[{"scope":"ip", "scenario": "manual 'ban' from '82929df7ee394b73b81252fe3b4e50203yaT2u6nXiaN7Ix9'", "decisions":[{"duration":"3h59m55.756182786s","value":"1.2.3.4"}]}],
"links": {"blocklists":[{"name":"blocklist1","url":"/v3/blocklist","scope":"ip","remediation":"ban","duration":"24h"}]}}`))
assert.NoError(t, err)
}
})
@ -303,7 +309,8 @@ func TestDecisionsFromBlocklist(t *testing.T) {
if r.Method == http.MethodGet {
w.WriteHeader(http.StatusOK)
w.Write([]byte("1.2.3.4\r\n1.2.3.5"))
_, err := w.Write([]byte("1.2.3.4\r\n1.2.3.5"))
assert.NoError(t, err)
}
})
@ -388,14 +395,16 @@ func TestDeleteDecisions(t *testing.T) {
mux, urlx, teardown := setup()
mux.HandleFunc("/watchers/login", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
_, err := w.Write([]byte(`{"code": 200, "expire": "2030-01-02T15:04:05Z", "token": "oklol"}`))
assert.NoError(t, err)
})
mux.HandleFunc("/decisions", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "DELETE")
assert.Equal(t, "ip=1.2.3.4", r.URL.RawQuery)
w.WriteHeader(http.StatusOK)
w.Write([]byte(`{"nbDeleted":"1"}`))
_, err := w.Write([]byte(`{"nbDeleted":"1"}`))
assert.NoError(t, err)
// w.Write([]byte(`{"message":"0 deleted alerts"}`))
})

3
pkg/apiserver/alerts_test.go
View file

@ -142,7 +142,8 @@ func TestCreateAlertChannels(t *testing.T) {
ctx := context.Background()
apiServer, config := NewAPIServer(t, ctx)
apiServer.controller.PluginChannel = make(chan csplugin.ProfileAlert)
apiServer.InitController()
err := apiServer.InitController()
require.NoError(t, err)
loginResp := LoginToTestAPI(t, ctx, apiServer.router, config)
lapi := LAPI{router: apiServer.router, loginResp: loginResp}

3
pkg/csprofiles/csprofiles_test.go
View file

@ -119,7 +119,8 @@ func TestEvaluateProfile(t *testing.T) {
Alert *models.Alert
}
exprhelpers.Init(nil)
err := exprhelpers.Init(nil)
require.NoError(t, err)
tests := []struct {
name string

6
pkg/cwhub/download_test.go
View file

@ -20,10 +20,12 @@ func TestFetchIndex(t *testing.T) {
mockServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.URL.Query().Get("with_content") == "true" {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`Hi I'm an index with content`))
_, err := w.Write([]byte(`Hi I'm an index with content`))
assert.NoError(t, err)
} else {
w.WriteHeader(http.StatusOK)
w.Write([]byte(`Hi I'm a regular index`))
_, err := w.Write([]byte(`Hi I'm a regular index`))
assert.NoError(t, err)
}
}))
defer mockServer.Close()

6
pkg/fflag/features_test.go
View file

@ -376,11 +376,13 @@ func TestGetEnabledFeatures(t *testing.T) {
feat1, err := fr.GetFeature("new_standard")
require.NoError(t, err)
feat1.Set(true)
err = feat1.Set(true)
require.Error(t, err, "the flag is deprecated")
feat2, err := fr.GetFeature("experimental1")
require.NoError(t, err)
feat2.Set(true)
err = feat2.Set(true)
require.NoError(t, err)
expected := []string{
"experimental1",

4
pkg/parser/whitelist_test.go
View file

@ -284,9 +284,9 @@ func TestWhitelistCheck(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var err error
node.Whitelist = tt.whitelist
node.CompileWLs()
_, err := node.CompileWLs()
require.NoError(t, err)
isWhitelisted := node.CheckIPsWL(tt.event)
if !isWhitelisted {
isWhitelisted, err = node.CheckExprWL(map[string]interface{}{"evt": tt.event}, tt.event)

32
pkg/setup/install.go
View file

@ -71,10 +71,14 @@ func InstallHubItems(ctx context.Context, hub *cwhub.Hub, contentProvider cwhub.
return fmt.Errorf("collection %s not found", collection)
}
plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction))
if err := plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction)); err != nil {
return err
}
if !downloadOnly {
plan.AddCommand(hubops.NewEnableCommand(item, forceAction))
if err := plan.AddCommand(hubops.NewEnableCommand(item, forceAction)); err != nil {
return err
}
}
}
@ -84,10 +88,14 @@ func InstallHubItems(ctx context.Context, hub *cwhub.Hub, contentProvider cwhub.
return fmt.Errorf("parser %s not found", parser)
}
plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction))
if err := plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction)); err != nil {
return err
}
if !downloadOnly {
plan.AddCommand(hubops.NewEnableCommand(item, forceAction))
if err := plan.AddCommand(hubops.NewEnableCommand(item, forceAction)); err != nil {
return err
}
}
}
@ -97,10 +105,14 @@ func InstallHubItems(ctx context.Context, hub *cwhub.Hub, contentProvider cwhub.
return fmt.Errorf("scenario %s not found", scenario)
}
plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction))
if err := plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction)); err != nil {
return err
}
if !downloadOnly {
plan.AddCommand(hubops.NewEnableCommand(item, forceAction))
if err := plan.AddCommand(hubops.NewEnableCommand(item, forceAction)); err != nil {
return err
}
}
}
@ -110,10 +122,14 @@ func InstallHubItems(ctx context.Context, hub *cwhub.Hub, contentProvider cwhub.
return fmt.Errorf("postoverflow %s not found", postoverflow)
}
plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction))
if err := plan.AddCommand(hubops.NewDownloadCommand(item, contentProvider, forceAction)); err != nil {
return err
}
if !downloadOnly {
plan.AddCommand(hubops.NewEnableCommand(item, forceAction))
if err := plan.AddCommand(hubops.NewEnableCommand(item, forceAction)); err != nil {
return err
}
}
}
}