From 6f5e970f502f06185401e8182c9976f11d5b47df Mon Sep 17 00:00:00 2001 From: mmetc <92726601+mmetc@users.noreply.github.com> Date: Wed, 10 Jul 2024 12:57:16 +0200 Subject: [PATCH] func tests: update curl wrapper (#3121) --- test/bats/00_wait_for.bats | 1 - test/bats/01_crowdsec_lapi.bats | 1 - test/bats/01_cscli.bats | 1 - test/bats/07_setup.bats | 1 - test/bats/10_bouncers.bats | 2 +- test/bats/11_bouncers_tls.bats | 16 ++++++++------ test/bats/20_hub_items.bats | 4 ++-- test/bats/20_hub_scenarios.bats | 2 +- test/bats/30_machines_tls.bats | 1 - test/bats/90_decisions.bats | 1 - test/bats/97_ipv4_single.bats | 12 +++++------ test/bats/97_ipv6_single.bats | 16 +++++++------- test/bats/98_ipv4_range.bats | 16 +++++++------- test/bats/98_ipv6_range.bats | 24 ++++++++++----------- test/bats/99_lapi-stream-mode-scenario.bats | 24 ++++++++++----------- test/bats/99_lapi-stream-mode-scopes.bats | 8 +++---- test/bats/99_lapi-stream-mode.bats | 8 +++---- test/lib/setup_file.sh | 16 ++++++++------ 18 files changed, 76 insertions(+), 78 deletions(-) diff --git a/test/bats/00_wait_for.bats b/test/bats/00_wait_for.bats index ffc6802d9..94c65033b 100644 --- a/test/bats/00_wait_for.bats +++ b/test/bats/00_wait_for.bats @@ -68,4 +68,3 @@ setup() { 2 EOT } - diff --git a/test/bats/01_crowdsec_lapi.bats b/test/bats/01_crowdsec_lapi.bats index 0f6c41cc5..21e1d7a09 100644 --- a/test/bats/01_crowdsec_lapi.bats +++ b/test/bats/01_crowdsec_lapi.bats @@ -48,4 +48,3 @@ teardown() { rune -0 config_set 'del(.api.server.listen_socket) | .api.server.listen_uri="127.0.0.1:0"' rune -0 wait-for --err "CrowdSec Local API listening on 127.0.0.1:" "$CROWDSEC" -no-cs } - diff --git a/test/bats/01_cscli.bats b/test/bats/01_cscli.bats index a0878ad0e..792274cc4 100644 --- a/test/bats/01_cscli.bats +++ b/test/bats/01_cscli.bats @@ -130,7 +130,6 @@ teardown() { EOT } - @test "cscli - required configuration paths" { config=$(cat "$CONFIG_YAML") configdir=$(config_get '.config_paths.config_dir') diff --git a/test/bats/07_setup.bats b/test/bats/07_setup.bats index 9e3f55337..2106d3ab6 100644 --- a/test/bats/07_setup.bats +++ b/test/bats/07_setup.bats @@ -822,4 +822,3 @@ update-notifier-motd.timer enabled enabled assert_output "while unmarshaling setup file: yaml: line 2: could not find expected ':'" assert_stderr --partial "invalid setup file" } - diff --git a/test/bats/10_bouncers.bats b/test/bats/10_bouncers.bats index 9e795e584..b6efbd066 100644 --- a/test/bats/10_bouncers.bats +++ b/test/bats/10_bouncers.bats @@ -68,7 +68,7 @@ teardown() { assert_output --regexp 'ciTestBouncer.*api-key.*' # the first connection sets last_pull and ip address - rune -0 lapi-get '/v1/decisions' + rune -0 curl-with-key '/v1/decisions' rune -0 cscli bouncers list -o json rune -0 jq -r '.[] | .ip_address' <(output) assert_output 127.0.0.1 diff --git a/test/bats/11_bouncers_tls.bats b/test/bats/11_bouncers_tls.bats index 765e93ebe..849b3a5b3 100644 --- a/test/bats/11_bouncers_tls.bats +++ b/test/bats/11_bouncers_tls.bats @@ -146,12 +146,13 @@ teardown() { } @test "simulate a bouncer request with a valid cert" { - rune -0 curl -f -s \ + rune -0 curl --fail-with-body -sS \ --cert "$tmpdir/leaf.pem" \ --key "$tmpdir/leaf-key.pem" \ --cacert "$tmpdir/bundle.pem" \ https://localhost:8080/v1/decisions\?ip=42.42.42.42 assert_output "null" + refute_stderr rune -0 cscli bouncers list -o json rune -0 jq '. | length' <(output) assert_output '1' @@ -162,22 +163,24 @@ teardown() { } @test "simulate a bouncer request with an invalid cert" { - rune -77 curl -f -s \ + rune -77 curl --fail-with-body -sS \ --cert "$tmpdir/leaf_invalid.pem" \ --key "$tmpdir/leaf_invalid-key.pem" \ --cacert "$tmpdir/root-key.pem" \ https://localhost:8080/v1/decisions\?ip=42.42.42.42 + assert_stderr --partial 'error setting certificate file' rune -0 cscli bouncers list -o json assert_output "[]" } @test "simulate a bouncer request with an invalid OU" { - rune -0 curl -s \ + rune -22 curl --fail-with-body -sS \ --cert "$tmpdir/leaf_bad_ou.pem" \ --key "$tmpdir/leaf_bad_ou-key.pem" \ --cacert "$tmpdir/bundle.pem" \ https://localhost:8080/v1/decisions\?ip=42.42.42.42 - assert_json '{message:"access forbidden"}' + assert_json '{message: "access forbidden"}' + assert_stderr --partial 'error: 403' rune -0 cscli bouncers list -o json assert_output "[]" } @@ -187,13 +190,14 @@ teardown() { # we connect twice to test the cache too for cert in "leaf_rev1" "leaf_rev2" "leaf_rev1" "leaf_rev2"; do truncate_log - rune -0 curl -s \ + rune -22 curl --fail-with-body -sS \ --cert "$tmpdir/$cert.pem" \ --key "$tmpdir/$cert-key.pem" \ --cacert "$tmpdir/bundle.pem" \ https://localhost:8080/v1/decisions\?ip=42.42.42.42 assert_log --partial "certificate revoked by CRL" - assert_output --partial "access forbidden" + assert_json '{message: "access forbidden"}' + assert_stderr --partial "error: 403" rune -0 cscli bouncers list -o json assert_output "[]" done diff --git a/test/bats/20_hub_items.bats b/test/bats/20_hub_items.bats index c6dbafc09..1846b3e42 100644 --- a/test/bats/20_hub_items.bats +++ b/test/bats/20_hub_items.bats @@ -46,7 +46,7 @@ teardown() { '. * {collections:{"crowdsecurity/sshd":{"versions":{"1.2":{"digest":$DIGEST, "deprecated": false}, "1.10": {"digest":$DIGEST, "deprecated": false}}}}}' \ ) echo "$new_hub" >"$INDEX_PATH" - + rune -0 cscli collections install crowdsecurity/sshd truncate -s 0 "$CONFIG_DIR/collections/sshd.yaml" @@ -78,7 +78,7 @@ teardown() { '. * {collections:{"crowdsecurity/sshd":{"versions":{"1.2.3.4":{"digest":"foo", "deprecated": false}}}}}' \ ) echo "$new_hub" >"$INDEX_PATH" - + rune -0 cscli collections install crowdsecurity/sshd rune -1 cscli collections inspect crowdsecurity/sshd --no-metrics -o json # XXX: we are on the verbose side here... diff --git a/test/bats/20_hub_scenarios.bats b/test/bats/20_hub_scenarios.bats index 3089e244c..4e4b28e77 100644 --- a/test/bats/20_hub_scenarios.bats +++ b/test/bats/20_hub_scenarios.bats @@ -96,7 +96,7 @@ teardown() { # non-existent rune -1 cscli scenario install foo/bar assert_stderr --partial "can't find 'foo/bar' in scenarios" - + # not installed rune -0 cscli scenarios list crowdsecurity/ssh-bf assert_output --regexp 'crowdsecurity/ssh-bf.*disabled' diff --git a/test/bats/30_machines_tls.bats b/test/bats/30_machines_tls.bats index ef2915e38..ef02d1b57 100644 --- a/test/bats/30_machines_tls.bats +++ b/test/bats/30_machines_tls.bats @@ -3,7 +3,6 @@ set -u - # root: root CA # inter: intermediate CA # inter_rev: intermediate CA revoked by root (CRL3) diff --git a/test/bats/90_decisions.bats b/test/bats/90_decisions.bats index be6e90535..c7ed214ff 100644 --- a/test/bats/90_decisions.bats +++ b/test/bats/90_decisions.bats @@ -179,7 +179,6 @@ teardown() { # disarding only some invalid decisions - rune -0 cscli alerts delete --all truncate -s 0 "$LOGFILE" diff --git a/test/bats/97_ipv4_single.bats b/test/bats/97_ipv4_single.bats index f02d9ebd5..b709930e2 100644 --- a/test/bats/97_ipv4_single.bats +++ b/test/bats/97_ipv4_single.bats @@ -30,7 +30,7 @@ setup() { } @test "API - first decisions list: must be empty" { - rune -0 lapi-get '/v1/decisions' + rune -0 curl-with-key '/v1/decisions' assert_output 'null' } @@ -46,7 +46,7 @@ setup() { } @test "API - all decisions" { - rune -0 lapi-get '/v1/decisions' + rune -0 curl-with-key '/v1/decisions' rune -0 jq -c '[ . | length, .[0].value ]' <(output) assert_output '[1,"1.2.3.4"]' } @@ -60,7 +60,7 @@ setup() { } @test "API - decision for 1.2.3.4" { - rune -0 lapi-get '/v1/decisions?ip=1.2.3.4' + rune -0 curl-with-key '/v1/decisions?ip=1.2.3.4' rune -0 jq -r '.[0].value' <(output) assert_output '1.2.3.4' } @@ -71,7 +71,7 @@ setup() { } @test "API - decision for 1.2.3.5" { - rune -0 lapi-get '/v1/decisions?ip=1.2.3.5' + rune -0 curl-with-key '/v1/decisions?ip=1.2.3.5' assert_output 'null' } @@ -83,7 +83,7 @@ setup() { } @test "API - decision for 1.2.3.0/24" { - rune -0 lapi-get '/v1/decisions?range=1.2.3.0/24' + rune -0 curl-with-key '/v1/decisions?range=1.2.3.0/24' assert_output 'null' } @@ -94,7 +94,7 @@ setup() { } @test "API - decisions where IP in 1.2.3.0/24" { - rune -0 lapi-get '/v1/decisions?range=1.2.3.0/24&contains=false' + rune -0 curl-with-key '/v1/decisions?range=1.2.3.0/24&contains=false' rune -0 jq -r '.[0].value' <(output) assert_output '1.2.3.4' } diff --git a/test/bats/97_ipv6_single.bats b/test/bats/97_ipv6_single.bats index 3cb1cedd0..c7aea030f 100644 --- a/test/bats/97_ipv6_single.bats +++ b/test/bats/97_ipv6_single.bats @@ -41,7 +41,7 @@ setup() { } @test "API - all decisions" { - rune -0 lapi-get "/v1/decisions" + rune -0 curl-with-key "/v1/decisions" rune -0 jq -r '.[].value' <(output) assert_output '1111:2222:3333:4444:5555:6666:7777:8888' } @@ -53,7 +53,7 @@ setup() { } @test "API - decisions for ip 1111:2222:3333:4444:5555:6666:7777:888" { - rune -0 lapi-get '/v1/decisions?ip=1111:2222:3333:4444:5555:6666:7777:8888' + rune -0 curl-with-key '/v1/decisions?ip=1111:2222:3333:4444:5555:6666:7777:8888' rune -0 jq -r '.[].value' <(output) assert_output '1111:2222:3333:4444:5555:6666:7777:8888' } @@ -64,7 +64,7 @@ setup() { } @test "API - decisions for ip 1211:2222:3333:4444:5555:6666:7777:888" { - rune -0 lapi-get '/v1/decisions?ip=1211:2222:3333:4444:5555:6666:7777:8888' + rune -0 curl-with-key '/v1/decisions?ip=1211:2222:3333:4444:5555:6666:7777:8888' assert_output 'null' } @@ -74,7 +74,7 @@ setup() { } @test "API - decisions for ip 1111:2222:3333:4444:5555:6666:7777:8887" { - rune -0 lapi-get '/v1/decisions?ip=1111:2222:3333:4444:5555:6666:7777:8887' + rune -0 curl-with-key '/v1/decisions?ip=1111:2222:3333:4444:5555:6666:7777:8887' assert_output 'null' } @@ -84,7 +84,7 @@ setup() { } @test "API - decisions for range 1111:2222:3333:4444:5555:6666:7777:8888/48" { - rune -0 lapi-get '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/48' + rune -0 curl-with-key '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/48' assert_output 'null' } @@ -95,7 +95,7 @@ setup() { } @test "API - decisions for ip/range in 1111:2222:3333:4444:5555:6666:7777:8888/48" { - rune -0 lapi-get '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/48&&contains=false' + rune -0 curl-with-key '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/48&&contains=false' rune -0 jq -r '.[].value' <(output) assert_output '1111:2222:3333:4444:5555:6666:7777:8888' } @@ -106,7 +106,7 @@ setup() { } @test "API - decisions for range 1111:2222:3333:4444:5555:6666:7777:8888/64" { - rune -0 lapi-get '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/64' + rune -0 curl-with-key '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/64' assert_output 'null' } @@ -117,7 +117,7 @@ setup() { } @test "API - decisions for ip/range in 1111:2222:3333:4444:5555:6666:7777:8888/64" { - rune -0 lapi-get '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/64&&contains=false' + rune -0 curl-with-key '/v1/decisions?range=1111:2222:3333:4444:5555:6666:7777:8888/64&&contains=false' rune -0 jq -r '.[].value' <(output) assert_output '1111:2222:3333:4444:5555:6666:7777:8888' } diff --git a/test/bats/98_ipv4_range.bats b/test/bats/98_ipv4_range.bats index a58f144b8..c85e40267 100644 --- a/test/bats/98_ipv4_range.bats +++ b/test/bats/98_ipv4_range.bats @@ -41,7 +41,7 @@ setup() { } @test "API - all decisions" { - rune -0 lapi-get '/v1/decisions' + rune -0 curl-with-key '/v1/decisions' rune -0 jq -r '.[0].value' <(output) assert_output '4.4.4.0/24' } @@ -55,7 +55,7 @@ setup() { } @test "API - decisions for ip 4.4.4." { - rune -0 lapi-get '/v1/decisions?ip=4.4.4.3' + rune -0 curl-with-key '/v1/decisions?ip=4.4.4.3' rune -0 jq -r '.[0].value' <(output) assert_output '4.4.4.0/24' } @@ -66,7 +66,7 @@ setup() { } @test "API - decisions for ip contained in 4.4.4." { - rune -0 lapi-get '/v1/decisions?ip=4.4.4.4&contains=false' + rune -0 curl-with-key '/v1/decisions?ip=4.4.4.4&contains=false' assert_output 'null' } @@ -76,7 +76,7 @@ setup() { } @test "API - decisions for ip 5.4.4." { - rune -0 lapi-get '/v1/decisions?ip=5.4.4.3' + rune -0 curl-with-key '/v1/decisions?ip=5.4.4.3' assert_output 'null' } @@ -86,7 +86,7 @@ setup() { } @test "API - decisions for range 4.4.0.0/1" { - rune -0 lapi-get '/v1/decisions?range=4.4.0.0/16' + rune -0 curl-with-key '/v1/decisions?range=4.4.0.0/16' assert_output 'null' } @@ -97,7 +97,7 @@ setup() { } @test "API - decisions for ip/range in 4.4.0.0/1" { - rune -0 lapi-get '/v1/decisions?range=4.4.0.0/16&contains=false' + rune -0 curl-with-key '/v1/decisions?range=4.4.0.0/16&contains=false' rune -0 jq -r '.[0].value' <(output) assert_output '4.4.4.0/24' } @@ -111,7 +111,7 @@ setup() { } @test "API - decisions for range 4.4.4.2/2" { - rune -0 lapi-get '/v1/decisions?range=4.4.4.2/28' + rune -0 curl-with-key '/v1/decisions?range=4.4.4.2/28' rune -0 jq -r '.[].value' <(output) assert_output '4.4.4.0/24' } @@ -122,6 +122,6 @@ setup() { } @test "API - decisions for range 4.4.3.2/2" { - rune -0 lapi-get '/v1/decisions?range=4.4.3.2/28' + rune -0 curl-with-key '/v1/decisions?range=4.4.3.2/28' assert_output 'null' } diff --git a/test/bats/98_ipv6_range.bats b/test/bats/98_ipv6_range.bats index 065f32b74..531122a55 100644 --- a/test/bats/98_ipv6_range.bats +++ b/test/bats/98_ipv6_range.bats @@ -41,7 +41,7 @@ setup() { } @test "API - all decisions (2)" { - rune -0 lapi-get '/v1/decisions' + rune -0 curl-with-key '/v1/decisions' rune -0 jq -r '.[].value' <(output) assert_output 'aaaa:2222:3333:4444::/64' } @@ -55,7 +55,7 @@ setup() { } @test "API - decisions for ip aaaa:2222:3333:4444:5555:6666:7777:8888" { - rune -0 lapi-get '/v1/decisions?ip=aaaa:2222:3333:4444:5555:6666:7777:8888' + rune -0 curl-with-key '/v1/decisions?ip=aaaa:2222:3333:4444:5555:6666:7777:8888' rune -0 jq -r '.[].value' <(output) assert_output 'aaaa:2222:3333:4444::/64' } @@ -66,7 +66,7 @@ setup() { } @test "API - decisions for ip aaaa:2222:3333:4445:5555:6666:7777:8888" { - rune -0 lapi-get '/v1/decisions?ip=aaaa:2222:3333:4445:5555:6666:7777:8888' + rune -0 curl-with-key '/v1/decisions?ip=aaaa:2222:3333:4445:5555:6666:7777:8888' assert_output 'null' } @@ -76,7 +76,7 @@ setup() { } @test "API - decisions for ip aaa1:2222:3333:4444:5555:6666:7777:8887" { - rune -0 lapi-get '/v1/decisions?ip=aaa1:2222:3333:4444:5555:6666:7777:8887' + rune -0 curl-with-key '/v1/decisions?ip=aaa1:2222:3333:4444:5555:6666:7777:8887' assert_output 'null' } @@ -89,7 +89,7 @@ setup() { } @test "API - decisions for range aaaa:2222:3333:4444:5555::/80" { - rune -0 lapi-get '/v1/decisions?range=aaaa:2222:3333:4444:5555::/80' + rune -0 curl-with-key '/v1/decisions?range=aaaa:2222:3333:4444:5555::/80' rune -0 jq -r '.[].value' <(output) assert_output 'aaaa:2222:3333:4444::/64' } @@ -101,7 +101,7 @@ setup() { } @test "API - decisions for range aaaa:2222:3333:4441:5555::/80" { - rune -0 lapi-get '/v1/decisions?range=aaaa:2222:3333:4441:5555::/80' + rune -0 curl-with-key '/v1/decisions?range=aaaa:2222:3333:4441:5555::/80' assert_output 'null' } @@ -111,7 +111,7 @@ setup() { } @test "API - decisions for range aaa1:2222:3333:4444:5555::/80" { - rune -0 lapi-get '/v1/decisions?range=aaa1:2222:3333:4444:5555::/80' + rune -0 curl-with-key '/v1/decisions?range=aaa1:2222:3333:4444:5555::/80' assert_output 'null' } @@ -123,7 +123,7 @@ setup() { } @test "API - decisions for range aaaa:2222:3333:4444:5555:6666:7777:8888/48" { - rune -0 lapi-get '/v1/decisions?range=aaaa:2222:3333:4444:5555:6666:7777:8888/48' + rune -0 curl-with-key '/v1/decisions?range=aaaa:2222:3333:4444:5555:6666:7777:8888/48' assert_output 'null' } @@ -134,7 +134,7 @@ setup() { } @test "API - decisions for ip/range in aaaa:2222:3333:4444:5555:6666:7777:8888/48" { - rune -0 lapi-get '/v1/decisions?range=aaaa:2222:3333:4444:5555:6666:7777:8888/48&contains=false' + rune -0 curl-with-key '/v1/decisions?range=aaaa:2222:3333:4444:5555:6666:7777:8888/48&contains=false' rune -0 jq -r '.[].value' <(output) assert_output 'aaaa:2222:3333:4444::/64' } @@ -145,7 +145,7 @@ setup() { } @test "API - decisions for ip/range in aaaa:2222:3333:4445:5555:6666:7777:8888/48" { - rune -0 lapi-get '/v1/decisions?range=aaaa:2222:3333:4445:5555:6666:7777:8888/48' + rune -0 curl-with-key '/v1/decisions?range=aaaa:2222:3333:4445:5555:6666:7777:8888/48' assert_output 'null' } @@ -163,7 +163,7 @@ setup() { } @test "API - decisions for ip in bbbb:db8:0000:0000:0000:6fff:ffff:ffff" { - rune -0 lapi-get '/v1/decisions?ip=bbbb:db8:0000:0000:0000:6fff:ffff:ffff' + rune -0 curl-with-key '/v1/decisions?ip=bbbb:db8:0000:0000:0000:6fff:ffff:ffff' rune -0 jq -r '.[].value' <(output) assert_output 'bbbb:db8::/81' } @@ -174,7 +174,7 @@ setup() { } @test "API - decisions for ip in bbbb:db8:0000:0000:0000:8fff:ffff:ffff" { - rune -0 lapi-get '/v1/decisions?ip=bbbb:db8:0000:0000:0000:8fff:ffff:ffff' + rune -0 curl-with-key '/v1/decisions?ip=bbbb:db8:0000:0000:0000:8fff:ffff:ffff' assert_output 'null' } diff --git a/test/bats/99_lapi-stream-mode-scenario.bats b/test/bats/99_lapi-stream-mode-scenario.bats index 1cd44c1ae..32c346061 100644 --- a/test/bats/99_lapi-stream-mode-scenario.bats +++ b/test/bats/99_lapi-stream-mode-scenario.bats @@ -26,7 +26,6 @@ output_new_decisions() { jq -c '.new | map(select(.origin!="CAPI")) | .[] | del(.id) | (.. | .duration?) |= capture("(?[[:digit:]]+h[[:digit:]]+m)").d' <(output) | sort } - @test "adding decisions with different duration, scenario, origin" { # origin: test rune -0 cscli decisions add -i 127.0.0.1 -d 1h -R crowdsecurity/test @@ -55,7 +54,7 @@ output_new_decisions() { } @test "test startup" { - rune -0 lapi-get "/v1/decisions/stream?startup=true" + rune -0 curl-with-key "/v1/decisions/stream?startup=true" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} @@ -64,7 +63,7 @@ output_new_decisions() { } @test "test startup with scenarios containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"another_origin","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.1"} @@ -73,7 +72,7 @@ output_new_decisions() { } @test "test startup with multiple scenarios containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf,test" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf,test" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"another_origin","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.1"} @@ -82,12 +81,12 @@ output_new_decisions() { } @test "test startup with unknown scenarios containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_containing=unknown" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_containing=unknown" assert_output '{"deleted":null,"new":null}' } @test "test startup with scenarios containing and not containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_containing=test&scenarios_not_containing=ssh_bf" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_containing=test&scenarios_not_containing=ssh_bf" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} @@ -96,7 +95,7 @@ output_new_decisions() { } @test "test startup with scenarios containing and not containing 2" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_containing=longest&scenarios_not_containing=ssh_bf,test" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_containing=longest&scenarios_not_containing=ssh_bf,test" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} @@ -104,7 +103,7 @@ output_new_decisions() { } @test "test startup with scenarios not containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} @@ -113,7 +112,7 @@ output_new_decisions() { } @test "test startup with multiple scenarios not containing" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf,test" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf,test" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} @@ -121,7 +120,7 @@ output_new_decisions() { } @test "test startup with origins parameter" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&origins=another_origin" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&origins=another_origin" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"1h59m","origin":"another_origin","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} @@ -130,7 +129,7 @@ output_new_decisions() { } @test "test startup with multiple origins parameter" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&origins=another_origin,test" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&origins=another_origin,test" rune -0 output_new_decisions assert_output - <<-EOT {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} @@ -139,7 +138,7 @@ output_new_decisions() { } @test "test startup with unknown origins" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&origins=unknown" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&origins=unknown" assert_output '{"deleted":null,"new":null}' } @@ -223,4 +222,3 @@ output_new_decisions() { # NewChecks: []DecisionCheck{}, # }, #} - diff --git a/test/bats/99_lapi-stream-mode-scopes.bats b/test/bats/99_lapi-stream-mode-scopes.bats index a9ed494e6..67badebea 100644 --- a/test/bats/99_lapi-stream-mode-scopes.bats +++ b/test/bats/99_lapi-stream-mode-scopes.bats @@ -29,28 +29,28 @@ setup() { } @test "stream start (implicit ip scope)" { - rune -0 lapi-get "/v1/decisions/stream?startup=true" + rune -0 curl-with-key "/v1/decisions/stream?startup=true" rune -0 jq -r '.new' <(output) assert_output --partial '1.2.3.6' refute_output --partial 'toto' } @test "stream start (explicit ip scope)" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scopes=ip" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scopes=ip" rune -0 jq -r '.new' <(output) assert_output --partial '1.2.3.6' refute_output --partial 'toto' } @test "stream start (user scope)" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scopes=user" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scopes=user" rune -0 jq -r '.new' <(output) refute_output --partial '1.2.3.6' assert_output --partial 'toto' } @test "stream start (user+ip scope)" { - rune -0 lapi-get "/v1/decisions/stream?startup=true&scopes=user,ip" + rune -0 curl-with-key "/v1/decisions/stream?startup=true&scopes=user,ip" rune -0 jq -r '.new' <(output) assert_output --partial '1.2.3.6' assert_output --partial 'toto' diff --git a/test/bats/99_lapi-stream-mode.bats b/test/bats/99_lapi-stream-mode.bats index c683a6150..b3ee8a434 100644 --- a/test/bats/99_lapi-stream-mode.bats +++ b/test/bats/99_lapi-stream-mode.bats @@ -31,7 +31,7 @@ setup() { } @test "stream start" { - rune -0 lapi-get "/v1/decisions/stream?startup=true" + rune -0 curl-with-key "/v1/decisions/stream?startup=true" if is_db_mysql; then sleep 3; fi rune -0 jq -r '.new' <(output) assert_output --partial '1111:2222:3333:4444:5555:6666:7777:8888' @@ -42,7 +42,7 @@ setup() { @test "stream cont (add)" { rune -0 cscli decisions add -i '1.2.3.5' if is_db_mysql; then sleep 3; fi - rune -0 lapi-get "/v1/decisions/stream" + rune -0 curl-with-key "/v1/decisions/stream" rune -0 jq -r '.new' <(output) assert_output --partial '1.2.3.5' } @@ -50,13 +50,13 @@ setup() { @test "stream cont (del)" { rune -0 cscli decisions delete -i '1.2.3.4' if is_db_mysql; then sleep 3; fi - rune -0 lapi-get "/v1/decisions/stream" + rune -0 curl-with-key "/v1/decisions/stream" rune -0 jq -r '.deleted' <(output) assert_output --partial '1.2.3.4' } @test "stream restart" { - rune -0 lapi-get "/v1/decisions/stream?startup=true" + rune -0 curl-with-key "/v1/decisions/stream?startup=true" api_out=${output} rune -0 jq -r '.deleted' <(output) assert_output --partial '1.2.3.4' diff --git a/test/lib/setup_file.sh b/test/lib/setup_file.sh index ac651c68c..65c600d17 100755 --- a/test/lib/setup_file.sh +++ b/test/lib/setup_file.sh @@ -283,15 +283,17 @@ rune() { export -f rune # call the lapi through unix socket with an API_KEY (authenticates as a bouncer) -lapi-get() { - [[ -z "$1" ]] && { fail "lapi-get: missing path"; } - [[ -z "$API_KEY" ]] && { fail "lapi-get: missing API_KEY"; } +# after $1, pass throught extra arguments to curl +curl-with-key() { + [[ -z "$1" ]] && { fail "${FUNCNAME[0]}: missing path"; } + local path=$1 + shift + [[ -z "$API_KEY" ]] && { fail "${FUNCNAME[0]}: missing API_KEY"; } local socket socket=$(config_get '.api.server.listen_socket') - [[ -z "$socket" ]] && { fail "lapi-get: missing .api.server.listen_socket"; } + [[ -z "$socket" ]] && { fail "${FUNCNAME[0]}: missing .api.server.listen_socket"; } # curl needs a fake hostname when using a unix socket - curl -s -f -H "X-Api-Key: $API_KEY" --unix-socket "$socket" "http://lapi$1" + curl -sS --fail-with-body -H "X-Api-Key: $API_KEY" --unix-socket "$socket" "http://lapi$path" "$@" } -export -f lapi-get - +export -f curl-with-key