mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 20:36:12 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

cscli: improved hub management (#3352)

Browse source
This commit is contained in:
mmetc 2024-12-26 15:21:52 +01:00 committed by GitHub
parent 466f39b880
commit a1d26bdc5b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
61 changed files with 3138 additions and 2672 deletions
Download patch file Download diff file Expand all files Collapse all files

29
test/bats/07_setup.bats
View file

@ -511,8 +511,9 @@ update-notifier-motd.timer enabled enabled
rune -0 jq -e '.installed == false' <(output)
# we install it
rune -0 cscli setup install-hub /dev/stdin --dry-run <<< '{"setup":[{"install":{"collections":["crowdsecurity/apache2"]}}]}'
assert_output 'dry-run: would install collection crowdsecurity/apache2'
rune -0 cscli setup install-hub /dev/stdin --dry-run --output raw <<< '{"setup":[{"install":{"collections":["crowdsecurity/apache2"]}}]}'
assert_line --regexp 'download collections:crowdsecurity/apache2'
assert_line --regexp 'enable collections:crowdsecurity/apache2'
# still not installed
rune -0 cscli collections inspect crowdsecurity/apache2 -o json
@ -520,8 +521,8 @@ update-notifier-motd.timer enabled enabled
# same with dependencies
rune -0 cscli collections remove --all
rune -0 cscli setup install-hub /dev/stdin --dry-run <<< '{"setup":[{"install":{"collections":["crowdsecurity/linux"]}}]}'
assert_output 'dry-run: would install collection crowdsecurity/linux'
rune -0 cscli setup install-hub /dev/stdin --dry-run --output raw <<< '{"setup":[{"install":{"collections":["crowdsecurity/linux"]}}]}'
assert_line --regexp 'enable collections:crowdsecurity/linux'
}
@test "cscli setup install-hub (dry run: install multiple collections)" {
@ -530,8 +531,8 @@ update-notifier-motd.timer enabled enabled
rune -0 jq -e '.installed == false' <(output)
# we install it
rune -0 cscli setup install-hub /dev/stdin --dry-run <<< '{"setup":[{"install":{"collections":["crowdsecurity/apache2"]}}]}'
assert_output 'dry-run: would install collection crowdsecurity/apache2'
rune -0 cscli setup install-hub /dev/stdin --dry-run --output raw <<< '{"setup":[{"install":{"collections":["crowdsecurity/apache2"]}}]}'
assert_line --regexp 'enable collections:crowdsecurity/apache2'
# still not installed
rune -0 cscli collections inspect crowdsecurity/apache2 -o json
@ -539,15 +540,15 @@ update-notifier-motd.timer enabled enabled
}
@test "cscli setup install-hub (dry run: install multiple collections, parsers, scenarios, postoverflows)" {
rune -0 cscli setup install-hub /dev/stdin --dry-run <<< '{"setup":[{"install":{"collections":["crowdsecurity/aws-console","crowdsecurity/caddy"],"parsers":["crowdsecurity/asterisk-logs"],"scenarios":["crowdsecurity/smb-fs"],"postoverflows":["crowdsecurity/cdn-whitelist","crowdsecurity/rdns"]}}]}'
assert_line 'dry-run: would install collection crowdsecurity/aws-console'
assert_line 'dry-run: would install collection crowdsecurity/caddy'
assert_line 'dry-run: would install parser crowdsecurity/asterisk-logs'
assert_line 'dry-run: would install scenario crowdsecurity/smb-fs'
assert_line 'dry-run: would install postoverflow crowdsecurity/cdn-whitelist'
assert_line 'dry-run: would install postoverflow crowdsecurity/rdns'
rune -0 cscli setup install-hub /dev/stdin --dry-run --output raw <<< '{"setup":[{"install":{"collections":["crowdsecurity/aws-console","crowdsecurity/caddy"],"parsers":["crowdsecurity/asterisk-logs"],"scenarios":["crowdsecurity/smb-bf"],"postoverflows":["crowdsecurity/cdn-whitelist","crowdsecurity/rdns"]}}]}'
assert_line --regexp 'enable collections:crowdsecurity/aws-console'
assert_line --regexp 'enable collections:crowdsecurity/caddy'
assert_line --regexp 'enable parsers:crowdsecurity/asterisk-logs'
assert_line --regexp 'enable scenarios:crowdsecurity/smb-bf'
assert_line --regexp 'enable postoverflows:crowdsecurity/cdn-whitelist'
assert_line --regexp 'enable postoverflows:crowdsecurity/rdns'
rune -1 cscli setup install-hub /dev/stdin --dry-run <<< '{"setup":[{"install":{"collections":["crowdsecurity/foo"]}}]}'
rune -1 cscli setup install-hub /dev/stdin --dry-run --output raw <<< '{"setup":[{"install":{"collections":["crowdsecurity/foo"]}}]}'
assert_stderr --partial 'collection crowdsecurity/foo not found'
}

40
test/bats/20_hub.bats
View file

@ -20,7 +20,6 @@ setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
@ -76,7 +75,7 @@ teardown() {
assert_stderr --partial "invalid hub item appsec-rules:crowdsecurity/vpatch-laravel-debug-mode: latest version missing from index"
rune -1 cscli appsec-rules install crowdsecurity/vpatch-laravel-debug-mode --force
assert_stderr --partial "error while installing 'crowdsecurity/vpatch-laravel-debug-mode': latest hash missing from index. The index file is invalid, please run 'cscli hub update' and try again"
assert_stderr --partial "appsec-rules:crowdsecurity/vpatch-laravel-debug-mode: latest hash missing from index. The index file is invalid, please run 'cscli hub update' and try again"
}
@test "missing reference in hub index" {
@ -108,47 +107,28 @@ teardown() {
@test "cscli hub update" {
rm -f "$INDEX_PATH"
rune -0 cscli hub update
assert_stderr --partial "Wrote index to $INDEX_PATH"
assert_output "Downloading $INDEX_PATH"
rune -0 cscli hub update
assert_stderr --partial "hub index is up to date"
assert_output "Nothing to do, the hub index is up to date."
}
@test "cscli hub upgrade" {
@test "cscli hub upgrade (up to date)" {
rune -0 cscli hub upgrade
assert_stderr --partial "Upgrading parsers"
assert_stderr --partial "Upgraded 0 parsers"
assert_stderr --partial "Upgrading postoverflows"
assert_stderr --partial "Upgraded 0 postoverflows"
assert_stderr --partial "Upgrading scenarios"
assert_stderr --partial "Upgraded 0 scenarios"
assert_stderr --partial "Upgrading contexts"
assert_stderr --partial "Upgraded 0 contexts"
assert_stderr --partial "Upgrading collections"
assert_stderr --partial "Upgraded 0 collections"
assert_stderr --partial "Upgrading appsec-configs"
assert_stderr --partial "Upgraded 0 appsec-configs"
assert_stderr --partial "Upgrading appsec-rules"
assert_stderr --partial "Upgraded 0 appsec-rules"
assert_stderr --partial "Upgrading collections"
assert_stderr --partial "Upgraded 0 collections"
refute_output
rune -0 cscli parsers install crowdsecurity/syslog-logs
rune -0 cscli hub upgrade
assert_stderr --partial "crowdsecurity/syslog-logs: up-to-date"
rune -0 cscli hub upgrade --force
assert_stderr --partial "crowdsecurity/syslog-logs: up-to-date"
assert_stderr --partial "crowdsecurity/syslog-logs: updated"
assert_stderr --partial "Upgraded 1 parsers"
# this is used by the cron script to know if the hub was updated
assert_output --partial "updated crowdsecurity/syslog-logs"
refute_output
skip "todo: data files are re-downloaded with --force"
}
@test "cscli hub upgrade (with local items)" {
mkdir -p "$CONFIG_DIR/collections"
touch "$CONFIG_DIR/collections/foo.yaml"
rune -0 cscli hub upgrade
assert_stderr --partial "not upgrading foo.yaml: local item"
assert_output - <<-EOT
collections:foo.yaml - not downloading local item
EOT
}
@test "cscli hub types" {

381
test/bats/20_hub_collections.bats
View file

@ -1,381 +0,0 @@
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli collections list" {
hub_purge_all
# no items
rune -0 cscli collections list
assert_output --partial "COLLECTIONS"
rune -0 cscli collections list -o json
assert_json '{collections:[]}'
rune -0 cscli collections list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
rune -0 cscli collections list
assert_output --partial crowdsecurity/sshd
assert_output --partial crowdsecurity/smb
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli collections list -o json
assert_output --partial crowdsecurity/sshd
assert_output --partial crowdsecurity/smb
rune -0 jq '.collections | length' <(output)
assert_output "2"
rune -0 cscli collections list -o raw
assert_output --partial crowdsecurity/sshd
assert_output --partial crowdsecurity/smb
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli collections list -a" {
expected=$(jq <"$INDEX_PATH" -r '.collections | length')
rune -0 cscli collections list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli collections list -o json -a
rune -0 jq '.collections | length' <(output)
assert_output "$expected"
rune -0 cscli collections list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli collections list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli collections list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli collections list -o json -a | jq -r '.collections[].name')
rune -0 sort -f <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli collections list [collection]..." {
# non-existent
rune -1 cscli collections install foo/bar
assert_stderr --partial "can't find 'foo/bar' in collections"
# not installed
rune -0 cscli collections list crowdsecurity/smb
assert_output --regexp 'crowdsecurity/smb.*disabled'
# install two items
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
# list an installed item
rune -0 cscli collections list crowdsecurity/sshd
assert_output --regexp "crowdsecurity/sshd"
refute_output --partial "crowdsecurity/smb"
# list multiple installed and non installed items
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx
assert_output --partial "crowdsecurity/sshd"
assert_output --partial "crowdsecurity/smb"
assert_output --partial "crowdsecurity/nginx"
rune -0 cscli collections list crowdsecurity/sshd -o json
rune -0 jq '.collections | length' <(output)
assert_output "1"
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx -o json
rune -0 jq '.collections | length' <(output)
assert_output "3"
rune -0 cscli collections list crowdsecurity/sshd -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli collections install" {
rune -1 cscli collections install
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# not in hub
rune -1 cscli collections install crowdsecurity/blahblah
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in collections"
# simple install
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
assert_output --partial 'crowdsecurity/sshd'
assert_output --partial 'installed: true'
# autocorrect
rune -1 cscli collections install crowdsecurity/ssshd
assert_stderr --partial "can't find 'crowdsecurity/ssshd' in collections, did you mean 'crowdsecurity/sshd'?"
# install multiple
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
assert_output --partial 'crowdsecurity/sshd'
assert_output --partial 'installed: true'
rune -0 cscli collections inspect crowdsecurity/smb --no-metrics
assert_output --partial 'crowdsecurity/smb'
assert_output --partial 'installed: true'
}
@test "cscli collections install (file location and download-only)" {
rune -0 cscli collections install crowdsecurity/linux --download-only
rune -0 cscli collections inspect crowdsecurity/linux --no-metrics
assert_output --partial 'crowdsecurity/linux'
assert_output --partial 'installed: false'
assert_file_exists "$HUB_DIR/collections/crowdsecurity/linux.yaml"
assert_file_not_exists "$CONFIG_DIR/collections/linux.yaml"
rune -0 cscli collections install crowdsecurity/linux
rune -0 cscli collections inspect crowdsecurity/linux --no-metrics
assert_output --partial 'installed: true'
assert_file_exists "$CONFIG_DIR/collections/linux.yaml"
}
@test "cscli collections install --force (tainted)" {
rune -0 cscli collections install crowdsecurity/sshd
echo "dirty" >"$CONFIG_DIR/collections/sshd.yaml"
rune -1 cscli collections install crowdsecurity/sshd
assert_stderr --partial "error while installing 'crowdsecurity/sshd': while enabling crowdsecurity/sshd: crowdsecurity/sshd is tainted, won't overwrite unless --force"
rune -0 cscli collections install crowdsecurity/sshd --force
assert_stderr --partial "Enabled crowdsecurity/sshd"
}
@test "cscli collections install --ignore (skip on errors)" {
rune -1 cscli collections install foo/bar crowdsecurity/sshd
assert_stderr --partial "can't find 'foo/bar' in collections"
refute_stderr --partial "Enabled collections: crowdsecurity/sshd"
rune -0 cscli collections install foo/bar crowdsecurity/sshd --ignore
assert_stderr --partial "can't find 'foo/bar' in collections"
assert_stderr --partial "Enabled collections: crowdsecurity/sshd"
}
@test "cscli collections inspect" {
rune -1 cscli collections inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli collections inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
# one item
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
assert_line 'type: collections'
assert_line 'name: crowdsecurity/sshd'
assert_line 'author: crowdsecurity'
assert_line 'path: collections/crowdsecurity/sshd.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli collections inspect crowdsecurity/sshd
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli collections inspect crowdsecurity/sshd -o json
rune -0 jq -c '[.type, .name, .author, .path, .installed]' <(output)
assert_json '["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",false]'
# one item, raw
rune -0 cscli collections inspect crowdsecurity/sshd -o raw
assert_line 'type: collections'
assert_line 'name: crowdsecurity/sshd'
assert_line 'author: crowdsecurity'
assert_line 'path: collections/crowdsecurity/sshd.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb --no-metrics
assert_output --partial 'crowdsecurity/sshd'
assert_output --partial 'crowdsecurity/smb'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o json
rune -0 jq -sc '[.[] | [.type, .name, .author, .path, .installed]]' <(output)
assert_json '[["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",false],["collections","crowdsecurity/smb","crowdsecurity","collections/crowdsecurity/smb.yaml",false]]'
# multiple items, raw
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o raw
assert_output --partial 'crowdsecurity/sshd'
assert_output --partial 'crowdsecurity/smb'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}
@test "cscli collections remove" {
rune -1 cscli collections remove
assert_stderr --partial "specify at least one collection to remove or '--all'"
rune -1 cscli collections remove blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
rune -0 cscli collections install crowdsecurity/sshd --download-only
rune -0 cscli collections remove crowdsecurity/sshd
assert_stderr --partial 'removing crowdsecurity/sshd: not installed -- no need to remove'
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli collections remove crowdsecurity/sshd
assert_stderr --partial 'Removed crowdsecurity/sshd'
rune -0 cscli collections remove crowdsecurity/sshd --purge
assert_stderr --partial 'Removed source file [crowdsecurity/sshd]'
rune -0 cscli collections remove crowdsecurity/sshd
assert_stderr --partial 'removing crowdsecurity/sshd: not installed -- no need to remove'
rune -0 cscli collections remove crowdsecurity/sshd --purge --debug
assert_stderr --partial 'removing crowdsecurity/sshd: not downloaded -- no need to remove'
refute_stderr --partial 'Removed source file [crowdsecurity/sshd]'
# install, then remove, check files
rune -0 cscli collections install crowdsecurity/sshd
assert_file_exists "$CONFIG_DIR/collections/sshd.yaml"
rune -0 cscli collections remove crowdsecurity/sshd
assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml"
# delete is an alias for remove
rune -0 cscli collections install crowdsecurity/sshd
assert_file_exists "$CONFIG_DIR/collections/sshd.yaml"
rune -0 cscli collections delete crowdsecurity/sshd
assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml"
# purge
assert_file_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml"
rune -0 cscli collections remove crowdsecurity/sshd --purge
assert_file_not_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml"
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
# --all
rune -0 cscli collections list -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
rune -0 cscli collections remove --all
rune -0 cscli collections list -o raw
rune -1 grep -vc 'name,status,version,description' <(output)
assert_output "0"
}
@test "cscli collections remove --force" {
# remove a collections that belongs to a collection
rune -0 cscli collections install crowdsecurity/linux
rune -0 cscli collections remove crowdsecurity/sshd
assert_stderr --partial "crowdsecurity/sshd belongs to collections: [crowdsecurity/linux]"
assert_stderr --partial "Run 'sudo cscli collections remove crowdsecurity/sshd --force' if you want to force remove this collection"
}
@test "cscli collections upgrade" {
rune -1 cscli collections upgrade
assert_stderr --partial "specify at least one collection to upgrade or '--all'"
rune -1 cscli collections upgrade blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
rune -0 cscli collections remove crowdsecurity/exim --purge
rune -1 cscli collections upgrade crowdsecurity/exim
assert_stderr --partial "can't upgrade crowdsecurity/exim: not installed"
rune -0 cscli collections install crowdsecurity/exim --download-only
rune -1 cscli collections upgrade crowdsecurity/exim
assert_stderr --partial "can't upgrade crowdsecurity/exim: downloaded but not installed"
# hash of the string "v0.0"
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
# add version 0.0 to all collections
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.collections |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli collections install crowdsecurity/sshd
echo "v0.0" > "$CONFIG_DIR/collections/sshd.yaml"
rune -0 cscli collections inspect crowdsecurity/sshd -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
# upgrade
rune -0 cscli collections upgrade crowdsecurity/sshd
rune -0 cscli collections inspect crowdsecurity/sshd -o json
rune -0 jq -e '.local_version==.version' <(output)
# taint
echo "dirty" >"$CONFIG_DIR/collections/sshd.yaml"
# XXX: should return error
rune -0 cscli collections upgrade crowdsecurity/sshd
assert_stderr --partial "crowdsecurity/sshd is tainted, --force to overwrite"
rune -0 cscli collections inspect crowdsecurity/sshd -o json
rune -0 jq -e '.local_version=="?"' <(output)
# force upgrade with taint
rune -0 cscli collections upgrade crowdsecurity/sshd --force
rune -0 cscli collections inspect crowdsecurity/sshd -o json
rune -0 jq -e '.local_version==.version' <(output)
# multiple items
rune -0 cscli collections install crowdsecurity/smb
echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml"
echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml"
rune -0 cscli collections list -o json
rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli collections upgrade crowdsecurity/sshd crowdsecurity/smb
rune -0 cscli collections list -o json
rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output)
# upgrade all
echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml"
echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml"
rune -0 cscli collections list -o json
rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli collections upgrade --all
rune -0 cscli collections list -o json
rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output)
}

26
test/bats/20_hub_collections_dep.bats
View file

@ -20,7 +20,6 @@ setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
@ -84,18 +83,32 @@ teardown() {
assert_stderr --partial "crowdsecurity/smb is tainted, use '--force' to remove"
}
@test "cscli collections inspect (dependencies)" {
rune -0 cscli collections install crowdsecurity/smb
# The inspect command must show the dependencies of the local or older version.
echo "{'collections': ['crowdsecurity/sshd']}" >"$CONFIG_DIR/collections/smb.yaml"
rune -0 cscli collections inspect crowdsecurity/smb --no-metrics -o json
rune -0 jq -e '.collections' <(output)
assert_json '["crowdsecurity/sshd"]'
}
@test "cscli collections (dependencies II: the revenge)" {
rune -0 cscli collections install crowdsecurity/wireguard baudneo/gotify
rune -0 cscli collections remove crowdsecurity/wireguard
assert_stderr --partial "crowdsecurity/syslog-logs was not removed because it also belongs to baudneo/gotify"
assert_output --regexp 'disabling collections:crowdsecurity/wireguard'
refute_output --regexp 'disabling parsers:crowdsecurity/syslog-logs'
rune -0 cscli collections inspect crowdsecurity/wireguard -o json
rune -0 jq -e '.installed==false' <(output)
rune -0 cscli parsers inspect crowdsecurity/syslog-logs -o json
rune -0 jq -e '.installed==true' <(output)
}
@test "cscli collections (dependencies III: origins)" {
# it is perfectly fine to remove an item belonging to a collection that we are removing anyway
# inject a dependency: sshd requires the syslog-logs parsers, but linux does too
# inject a direct dependency: sshd requires the syslog-logs parsers, but linux does too
hub_dep=$(jq <"$INDEX_PATH" '. * {collections:{"crowdsecurity/sshd":{parsers:["crowdsecurity/syslog-logs"]}}}')
echo "$hub_dep" >"$INDEX_PATH"
@ -108,11 +121,8 @@ teardown() {
# removing linux should remove syslog-logs even though sshd depends on it
rune -0 cscli collections remove crowdsecurity/linux
refute_stderr --partial "crowdsecurity/syslog-logs was not removed"
# we must also consider indirect dependencies
refute_stderr --partial "crowdsecurity/ssh-bf was not removed"
rune -0 cscli parsers list -o json
rune -0 jq -e '.parsers | length == 0' <(output)
rune -0 cscli hub list -o json
rune -0 jq -e 'add | length == 0' <(output)
}
@test "cscli collections (dependencies IV: looper)" {

70
test/bats/20_hub_items.bats
View file

@ -22,7 +22,6 @@ setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
@ -82,7 +81,7 @@ teardown() {
rune -0 cscli collections install crowdsecurity/sshd
rune -1 cscli collections inspect crowdsecurity/sshd --no-metrics
# XXX: we are on the verbose side here...
assert_stderr --regexp "Error: failed to read Hub index: failed to sync hub items: failed to scan .*: while syncing collections sshd.yaml: 1.2.3.4: Invalid Semantic Version. Run 'sudo cscli hub update' to download the index again"
assert_stderr "Error: failed to read hub index: failed to sync hub items: failed to scan $CONFIG_DIR: while syncing collections sshd.yaml: 1.2.3.4: Invalid Semantic Version. Run 'sudo cscli hub update' to download the index again"
}
@test "removing or purging an item already removed by hand" {
@ -91,19 +90,21 @@ teardown() {
rune -0 jq -r '.local_path' <(output)
rune -0 rm "$(output)"
rune -0 cscli parsers remove crowdsecurity/syslog-logs --debug
assert_stderr --partial "removing crowdsecurity/syslog-logs: not installed -- no need to remove"
rune -0 cscli parsers remove crowdsecurity/syslog-logs
assert_output "Nothing to do."
rune -0 cscli parsers inspect crowdsecurity/syslog-logs -o json
rune -0 jq -r '.path' <(output)
rune -0 rm "$HUB_DIR/$(output)"
rune -0 cscli parsers remove crowdsecurity/syslog-logs --purge --debug
assert_stderr --partial "removing crowdsecurity/syslog-logs: not downloaded -- no need to remove"
rune -0 cscli parsers remove crowdsecurity/syslog-logs --purge
assert_output "Nothing to do."
rune -0 cscli parsers remove crowdsecurity/linux --all --error --purge --force
rune -0 cscli collections remove crowdsecurity/linux --all --error --purge --force
refute_output
rune -0 cscli parsers remove --all --error --purge --force
assert_output "Nothing to do."
refute_stderr
rune -0 cscli collections remove --all --error --purge --force
assert_output "Nothing to do."
refute_stderr
}
@ -121,7 +122,7 @@ teardown() {
# and not from hub update
rune -0 cscli hub update
assert_stderr --partial "collection crowdsecurity/sshd is tainted"
assert_stderr --partial "collection crowdsecurity/sshd is tainted by local changes"
refute_stderr --partial "collection foobar.yaml is tainted"
}
@ -150,25 +151,42 @@ teardown() {
@test "a local item cannot be downloaded by cscli" {
rune -0 mkdir -p "$CONFIG_DIR/collections"
rune -0 touch "$CONFIG_DIR/collections/foobar.yaml"
rune -1 cscli collections install foobar.yaml
assert_stderr --partial "foobar.yaml is local, can't download"
rune -1 cscli collections install foobar.yaml --force
assert_stderr --partial "foobar.yaml is local, can't download"
rune -0 cscli collections install foobar.yaml
assert_output --partial "Nothing to do."
rune -0 cscli collections install foobar.yaml --force
assert_output --partial "Nothing to do."
rune -0 cscli collections install --download-only foobar.yaml
assert_output --partial "Nothing to do."
}
@test "a local item cannot be removed by cscli" {
rune -0 mkdir -p "$CONFIG_DIR/collections"
rune -0 touch "$CONFIG_DIR/collections/foobar.yaml"
rune -0 cscli collections remove foobar.yaml
assert_stderr --partial "foobar.yaml is a local item, please delete manually"
rune -0 cscli collections remove foobar.yaml --purge
assert_stderr --partial "foobar.yaml is a local item, please delete manually"
rune -0 cscli collections remove foobar.yaml --force
assert_stderr --partial "foobar.yaml is a local item, please delete manually"
rune -0 cscli collections remove --all
assert_stderr --partial "foobar.yaml is a local item, please delete manually"
rune -0 cscli collections remove --all --purge
assert_stderr --partial "foobar.yaml is a local item, please delete manually"
rune -0 mkdir -p "$CONFIG_DIR/scenarios"
rune -0 touch "$CONFIG_DIR/scenarios/foobar.yaml"
rune -0 cscli scenarios remove foobar.yaml
assert_output - <<-EOT
WARN scenarios:foobar.yaml is a local item, please delete manually
Nothing to do.
EOT
rune -0 cscli scenarios remove foobar.yaml --purge
assert_output - <<-EOT
WARN scenarios:foobar.yaml is a local item, please delete manually
Nothing to do.
EOT
rune -0 cscli scenarios remove foobar.yaml --force
assert_output - <<-EOT
WARN scenarios:foobar.yaml is a local item, please delete manually
Nothing to do.
EOT
rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli scenarios remove --all
assert_line "WARN scenarios:foobar.yaml is a local item, please delete manually"
assert_line "disabling scenarios:crowdsecurity/ssh-bf"
rune -0 cscli scenarios remove --all --purge
assert_line "WARN scenarios:foobar.yaml is a local item, please delete manually"
assert_line "purging scenarios:crowdsecurity/ssh-bf"
}
@test "a dangling link is reported with a warning" {

383
test/bats/20_hub_parsers.bats
View file

@ -1,383 +0,0 @@
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli parsers list" {
hub_purge_all
# no items
rune -0 cscli parsers list
assert_output --partial "PARSERS"
rune -0 cscli parsers list -o json
assert_json '{parsers:[]}'
rune -0 cscli parsers list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers list
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli parsers list -o json
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 jq '.parsers | length' <(output)
assert_output "2"
rune -0 cscli parsers list -o raw
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli parsers list -a" {
expected=$(jq <"$INDEX_PATH" -r '.parsers | length')
rune -0 cscli parsers list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli parsers list -o json -a
rune -0 jq '.parsers | length' <(output)
assert_output "$expected"
rune -0 cscli parsers list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli parsers list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli parsers list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli parsers list -o json -a | jq -r '.parsers[].name')
rune -0 sort -f <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli parsers list [parser]..." {
# non-existent
rune -1 cscli parsers install foo/bar
assert_stderr --partial "can't find 'foo/bar' in parsers"
# not installed
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp 'crowdsecurity/whitelists.*disabled'
# install two items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
# list an installed item
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp "crowdsecurity/whitelists.*enabled"
refute_output --partial "crowdsecurity/windows-auth"
# list multiple installed and non installed items
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs
assert_output --partial "crowdsecurity/whitelists"
assert_output --partial "crowdsecurity/windows-auth"
assert_output --partial "crowdsecurity/traefik-logs"
rune -0 cscli parsers list crowdsecurity/whitelists -o json
rune -0 jq '.parsers | length' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o json
rune -0 jq '.parsers | length' <(output)
assert_output "3"
rune -0 cscli parsers list crowdsecurity/whitelists -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "3"
}
@test "cscli parsers install" {
rune -1 cscli parsers install
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# not in hub
rune -1 cscli parsers install crowdsecurity/blahblah
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in parsers"
# simple install
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'installed: true'
# autocorrect
rune -1 cscli parsers install crowdsecurity/sshd-logz
assert_stderr --partial "can't find 'crowdsecurity/sshd-logz' in parsers, did you mean 'crowdsecurity/sshd-logs'?"
# install multiple
rune -0 cscli parsers install crowdsecurity/pgsql-logs crowdsecurity/postfix-logs
rune -0 cscli parsers inspect crowdsecurity/pgsql-logs --no-metrics
assert_output --partial 'crowdsecurity/pgsql-logs'
assert_output --partial 'installed: true'
rune -0 cscli parsers inspect crowdsecurity/postfix-logs --no-metrics
assert_output --partial 'crowdsecurity/postfix-logs'
assert_output --partial 'installed: true'
}
@test "cscli parsers install (file location and download-only)" {
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'installed: false'
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'installed: true'
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
}
@test "cscli parsers install --force (tainted)" {
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -1 cscli parsers install crowdsecurity/whitelists
assert_stderr --partial "error while installing 'crowdsecurity/whitelists': while enabling crowdsecurity/whitelists: crowdsecurity/whitelists is tainted, won't overwrite unless --force"
rune -0 cscli parsers install crowdsecurity/whitelists --force
assert_stderr --partial "Enabled crowdsecurity/whitelists"
}
@test "cscli parsers install --ignore (skip on errors)" {
rune -1 cscli parsers install foo/bar crowdsecurity/whitelists
assert_stderr --partial "can't find 'foo/bar' in parsers"
refute_stderr --partial "Enabled parsers: crowdsecurity/whitelists"
rune -0 cscli parsers install foo/bar crowdsecurity/whitelists --ignore
assert_stderr --partial "can't find 'foo/bar' in parsers"
assert_stderr --partial "Enabled parsers: crowdsecurity/whitelists"
}
@test "cscli parsers inspect" {
rune -1 cscli parsers inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli parsers inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
# one item
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics
assert_line 'type: parsers'
assert_line 'stage: s01-parse'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'author: crowdsecurity'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -c '[.type, .stage, .name, .author, .path, .installed]' <(output)
assert_json '["parsers","s01-parse","crowdsecurity/sshd-logs","crowdsecurity","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false]'
# one item, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o raw
assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'stage: s01-parse'
assert_line 'author: crowdsecurity'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o json
rune -0 jq -sc '[.[] | [.type, .stage, .name, .author, .path, .installed]]' <(output)
assert_json '[["parsers","s01-parse","crowdsecurity/sshd-logs","crowdsecurity","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false],["parsers","s02-enrich","crowdsecurity/whitelists","crowdsecurity","parsers/s02-enrich/crowdsecurity/whitelists.yaml",false]]'
# multiple items, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o raw
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}
@test "cscli parsers remove" {
rune -1 cscli parsers remove
assert_stderr --partial "specify at least one parser to remove or '--all'"
rune -1 cscli parsers remove blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "removing crowdsecurity/whitelists: not installed -- no need to remove"
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "Removed crowdsecurity/whitelists"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_stderr --partial 'Removed source file [crowdsecurity/whitelists]'
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "removing crowdsecurity/whitelists: not installed -- no need to remove"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge --debug
assert_stderr --partial 'removing crowdsecurity/whitelists: not downloaded -- no need to remove'
refute_stderr --partial 'Removed source file [crowdsecurity/whitelists]'
# install, then remove, check files
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# delete is an alias for remove
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers delete crowdsecurity/whitelists
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# purge
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_file_not_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
# --all
rune -0 cscli parsers list -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
rune -0 cscli parsers remove --all
rune -0 cscli parsers list -o raw
rune -1 grep -vc 'name,status,version,description' <(output)
assert_output "0"
}
@test "cscli parsers remove --force" {
# remove a parser that belongs to a collection
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli parsers remove crowdsecurity/sshd-logs
assert_stderr --partial "crowdsecurity/sshd-logs belongs to collections: [crowdsecurity/sshd]"
assert_stderr --partial "Run 'sudo cscli parsers remove crowdsecurity/sshd-logs --force' if you want to force remove this parser"
}
@test "cscli parsers upgrade" {
rune -1 cscli parsers upgrade
assert_stderr --partial "specify at least one parser to upgrade or '--all'"
rune -1 cscli parsers upgrade blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
rune -0 cscli parsers remove crowdsecurity/pam-logs --purge
rune -1 cscli parsers upgrade crowdsecurity/pam-logs
assert_stderr --partial "can't upgrade crowdsecurity/pam-logs: not installed"
rune -0 cscli parsers install crowdsecurity/pam-logs --download-only
rune -1 cscli parsers upgrade crowdsecurity/pam-logs
assert_stderr --partial "can't upgrade crowdsecurity/pam-logs: downloaded but not installed"
# hash of the string "v0.0"
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
# add version 0.0 to all parsers
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.parsers |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli parsers install crowdsecurity/whitelists
echo "v0.0" > "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
# upgrade
rune -0 cscli parsers upgrade crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
# taint
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# XXX: should return error
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_stderr --partial "crowdsecurity/whitelists is tainted, --force to overwrite"
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="?"' <(output)
# force upgrade with taint
rune -0 cscli parsers upgrade crowdsecurity/whitelists --force
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
# multiple items
rune -0 cscli parsers install crowdsecurity/windows-auth
echo "v0.0" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
echo "v0.0" >"$CONFIG_DIR/parsers/s01-parse/windows-auth.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -e '[.parsers[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli parsers upgrade crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers list -o json
rune -0 jq -e 'any(.parsers[].local_version; .=="0.0") | not' <(output)
# upgrade all
echo "v0.0" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
echo "v0.0" >"$CONFIG_DIR/parsers/s01-parse/windows-auth.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -e '[.parsers[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli parsers upgrade --all
rune -0 cscli parsers list -o json
rune -0 jq -e 'any(.parsers[].local_version; .=="0.0") | not' <(output)
}

383
test/bats/20_hub_postoverflows.bats
View file

@ -1,383 +0,0 @@
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli postoverflows list" {
hub_purge_all
# no items
rune -0 cscli postoverflows list
assert_output --partial "POSTOVERFLOWS"
rune -0 cscli postoverflows list -o json
assert_json '{postoverflows:[]}'
rune -0 cscli postoverflows list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist
rune -0 cscli postoverflows list
assert_output --partial crowdsecurity/rdns
assert_output --partial crowdsecurity/cdn-whitelist
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli postoverflows list -o json
assert_output --partial crowdsecurity/rdns
assert_output --partial crowdsecurity/cdn-whitelist
rune -0 jq '.postoverflows | length' <(output)
assert_output "2"
rune -0 cscli postoverflows list -o raw
assert_output --partial crowdsecurity/rdns
assert_output --partial crowdsecurity/cdn-whitelist
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli postoverflows list -a" {
expected=$(jq <"$INDEX_PATH" -r '.postoverflows | length')
rune -0 cscli postoverflows list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli postoverflows list -o json -a
rune -0 jq '.postoverflows | length' <(output)
assert_output "$expected"
rune -0 cscli postoverflows list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli postoverflows list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli postoverflows list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli postoverflows list -o json -a | jq -r '.postoverflows[].name')
rune -0 sort -f <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli postoverflows list [postoverflow]..." {
# non-existent
rune -1 cscli postoverflows install foo/bar
assert_stderr --partial "can't find 'foo/bar' in postoverflows"
# not installed
rune -0 cscli postoverflows list crowdsecurity/rdns
assert_output --regexp 'crowdsecurity/rdns.*disabled'
# install two items
rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist
# list an installed item
rune -0 cscli postoverflows list crowdsecurity/rdns
assert_output --regexp "crowdsecurity/rdns.*enabled"
refute_output --partial "crowdsecurity/cdn-whitelist"
# list multiple installed and non installed items
rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range
assert_output --partial "crowdsecurity/rdns"
assert_output --partial "crowdsecurity/cdn-whitelist"
assert_output --partial "crowdsecurity/ipv6_to_range"
rune -0 cscli postoverflows list crowdsecurity/rdns -o json
rune -0 jq '.postoverflows | length' <(output)
assert_output "1"
rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range -o json
rune -0 jq '.postoverflows | length' <(output)
assert_output "3"
rune -0 cscli postoverflows list crowdsecurity/rdns -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "3"
}
@test "cscli postoverflows install" {
rune -1 cscli postoverflows install
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# not in hub
rune -1 cscli postoverflows install crowdsecurity/blahblah
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in postoverflows"
# simple install
rune -0 cscli postoverflows install crowdsecurity/rdns
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics
assert_output --partial 'crowdsecurity/rdns'
assert_output --partial 'installed: true'
# autocorrect
rune -1 cscli postoverflows install crowdsecurity/rdnf
assert_stderr --partial "can't find 'crowdsecurity/rdnf' in postoverflows, did you mean 'crowdsecurity/rdns'?"
# install multiple
rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics
assert_output --partial 'crowdsecurity/rdns'
assert_output --partial 'installed: true'
rune -0 cscli postoverflows inspect crowdsecurity/cdn-whitelist --no-metrics
assert_output --partial 'crowdsecurity/cdn-whitelist'
assert_output --partial 'installed: true'
}
@test "cscli postoverflows install (file location and download-only)" {
rune -0 cscli postoverflows install crowdsecurity/rdns --download-only
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics
assert_output --partial 'crowdsecurity/rdns'
assert_output --partial 'installed: false'
assert_file_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml"
assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
rune -0 cscli postoverflows install crowdsecurity/rdns
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics
assert_output --partial 'installed: true'
assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
}
@test "cscli postoverflows install --force (tainted)" {
rune -0 cscli postoverflows install crowdsecurity/rdns
echo "dirty" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
rune -1 cscli postoverflows install crowdsecurity/rdns
assert_stderr --partial "error while installing 'crowdsecurity/rdns': while enabling crowdsecurity/rdns: crowdsecurity/rdns is tainted, won't overwrite unless --force"
rune -0 cscli postoverflows install crowdsecurity/rdns --force
assert_stderr --partial "Enabled crowdsecurity/rdns"
}
@test "cscli postoverflow install --ignore (skip on errors)" {
rune -1 cscli postoverflows install foo/bar crowdsecurity/rdns
assert_stderr --partial "can't find 'foo/bar' in postoverflows"
refute_stderr --partial "Enabled postoverflows: crowdsecurity/rdns"
rune -0 cscli postoverflows install foo/bar crowdsecurity/rdns --ignore
assert_stderr --partial "can't find 'foo/bar' in postoverflows"
assert_stderr --partial "Enabled postoverflows: crowdsecurity/rdns"
}
@test "cscli postoverflows inspect" {
rune -1 cscli postoverflows inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli postoverflows inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows"
# one item
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics
assert_line 'type: postoverflows'
assert_line 'stage: s00-enrich'
assert_line 'name: crowdsecurity/rdns'
assert_line 'author: crowdsecurity'
assert_line 'path: postoverflows/s00-enrich/crowdsecurity/rdns.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli postoverflows inspect crowdsecurity/rdns
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json
rune -0 jq -c '[.type, .stage, .name, .author, .path, .installed]' <(output)
assert_json '["postoverflows","s00-enrich","crowdsecurity/rdns","crowdsecurity","postoverflows/s00-enrich/crowdsecurity/rdns.yaml",false]'
# one item, raw
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o raw
assert_line 'type: postoverflows'
assert_line 'name: crowdsecurity/rdns'
assert_line 'stage: s00-enrich'
assert_line 'author: crowdsecurity'
assert_line 'path: postoverflows/s00-enrich/crowdsecurity/rdns.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist --no-metrics
assert_output --partial 'crowdsecurity/rdns'
assert_output --partial 'crowdsecurity/cdn-whitelist'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist -o json
rune -0 jq -sc '[.[] | [.type, .stage, .name, .author, .path, .installed]]' <(output)
assert_json '[["postoverflows","s00-enrich","crowdsecurity/rdns","crowdsecurity","postoverflows/s00-enrich/crowdsecurity/rdns.yaml",false],["postoverflows","s01-whitelist","crowdsecurity/cdn-whitelist","crowdsecurity","postoverflows/s01-whitelist/crowdsecurity/cdn-whitelist.yaml",false]]'
# multiple items, raw
rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist -o raw
assert_output --partial 'crowdsecurity/rdns'
assert_output --partial 'crowdsecurity/cdn-whitelist'
run -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}
@test "cscli postoverflows remove" {
rune -1 cscli postoverflows remove
assert_stderr --partial "specify at least one postoverflow to remove or '--all'"
rune -1 cscli postoverflows remove blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows"
rune -0 cscli postoverflows install crowdsecurity/rdns --download-only
rune -0 cscli postoverflows remove crowdsecurity/rdns
assert_stderr --partial "removing crowdsecurity/rdns: not installed -- no need to remove"
rune -0 cscli postoverflows install crowdsecurity/rdns
rune -0 cscli postoverflows remove crowdsecurity/rdns
assert_stderr --partial 'Removed crowdsecurity/rdns'
rune -0 cscli postoverflows remove crowdsecurity/rdns --purge
assert_stderr --partial 'Removed source file [crowdsecurity/rdns]'
rune -0 cscli postoverflows remove crowdsecurity/rdns
assert_stderr --partial 'removing crowdsecurity/rdns: not installed -- no need to remove'
rune -0 cscli postoverflows remove crowdsecurity/rdns --purge --debug
assert_stderr --partial 'removing crowdsecurity/rdns: not downloaded -- no need to remove'
refute_stderr --partial 'Removed source file [crowdsecurity/rdns]'
# install, then remove, check files
rune -0 cscli postoverflows install crowdsecurity/rdns
assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
rune -0 cscli postoverflows remove crowdsecurity/rdns
assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
# delete is an alias for remove
rune -0 cscli postoverflows install crowdsecurity/rdns
assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
rune -0 cscli postoverflows delete crowdsecurity/rdns
assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
# purge
assert_file_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml"
rune -0 cscli postoverflows remove crowdsecurity/rdns --purge
assert_file_not_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml"
rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist
# --all
rune -0 cscli postoverflows list -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
rune -0 cscli postoverflows remove --all
rune -0 cscli postoverflows list -o raw
rune -1 grep -vc 'name,status,version,description' <(output)
assert_output "0"
}
@test "cscli postoverflows remove --force" {
# remove a postoverflow that belongs to a collection
rune -0 cscli collections install crowdsecurity/auditd
rune -0 cscli postoverflows remove crowdsecurity/auditd-whitelisted-process
assert_stderr --partial "crowdsecurity/auditd-whitelisted-process belongs to collections: [crowdsecurity/auditd]"
assert_stderr --partial "Run 'sudo cscli postoverflows remove crowdsecurity/auditd-whitelisted-process --force' if you want to force remove this postoverflow"
}
@test "cscli postoverflows upgrade" {
rune -1 cscli postoverflows upgrade
assert_stderr --partial "specify at least one postoverflow to upgrade or '--all'"
rune -1 cscli postoverflows upgrade blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows"
rune -0 cscli postoverflows remove crowdsecurity/discord-crawler-whitelist --purge
rune -1 cscli postoverflows upgrade crowdsecurity/discord-crawler-whitelist
assert_stderr --partial "can't upgrade crowdsecurity/discord-crawler-whitelist: not installed"
rune -0 cscli postoverflows install crowdsecurity/discord-crawler-whitelist --download-only
rune -1 cscli postoverflows upgrade crowdsecurity/discord-crawler-whitelist
assert_stderr --partial "can't upgrade crowdsecurity/discord-crawler-whitelist: downloaded but not installed"
# hash of the string "v0.0"
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
# add version 0.0 to all postoverflows
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.postoverflows |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli postoverflows install crowdsecurity/rdns
echo "v0.0" > "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
# upgrade
rune -0 cscli postoverflows upgrade crowdsecurity/rdns
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json
rune -0 jq -e '.local_version==.version' <(output)
# taint
echo "dirty" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
# XXX: should return error
rune -0 cscli postoverflows upgrade crowdsecurity/rdns
assert_stderr --partial "crowdsecurity/rdns is tainted, --force to overwrite"
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json
rune -0 jq -e '.local_version=="?"' <(output)
# force upgrade with taint
rune -0 cscli postoverflows upgrade crowdsecurity/rdns --force
rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json
rune -0 jq -e '.local_version==.version' <(output)
# multiple items
rune -0 cscli postoverflows install crowdsecurity/cdn-whitelist
echo "v0.0" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
echo "v0.0" >"$CONFIG_DIR/postoverflows/s01-whitelist/cdn-whitelist.yaml"
rune -0 cscli postoverflows list -o json
rune -0 jq -e '[.postoverflows[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli postoverflows upgrade crowdsecurity/rdns crowdsecurity/cdn-whitelist
rune -0 cscli postoverflows list -o json
rune -0 jq -e 'any(.postoverflows[].local_version; .=="0.0") | not' <(output)
# upgrade all
echo "v0.0" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml"
echo "v0.0" >"$CONFIG_DIR/postoverflows/s01-whitelist/cdn-whitelist.yaml"
rune -0 cscli postoverflows list -o json
rune -0 jq -e '[.postoverflows[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli postoverflows upgrade --all
rune -0 cscli postoverflows list -o json
rune -0 jq -e 'any(.postoverflows[].local_version; .=="0.0") | not' <(output)
}

383
test/bats/20_hub_scenarios.bats
View file

@ -1,383 +0,0 @@
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli scenarios list" {
hub_purge_all
# no items
rune -0 cscli scenarios list
assert_output --partial "SCENARIOS"
rune -0 cscli scenarios list -o json
assert_json '{scenarios:[]}'
rune -0 cscli scenarios list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/telnet-bf
rune -0 cscli scenarios list
assert_output --partial crowdsecurity/ssh-bf
assert_output --partial crowdsecurity/telnet-bf
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli scenarios list -o json
assert_output --partial crowdsecurity/ssh-bf
assert_output --partial crowdsecurity/telnet-bf
rune -0 jq '.scenarios | length' <(output)
assert_output "2"
rune -0 cscli scenarios list -o raw
assert_output --partial crowdsecurity/ssh-bf
assert_output --partial crowdsecurity/telnet-bf
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli scenarios list -a" {
expected=$(jq <"$INDEX_PATH" -r '.scenarios | length')
rune -0 cscli scenarios list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli scenarios list -o json -a
rune -0 jq '.scenarios | length' <(output)
assert_output "$expected"
rune -0 cscli scenarios list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli scenarios list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli scenarios list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli scenarios list -o json -a | jq -r '.scenarios[].name')
# use python to sort because it handles "_" like go
rune -0 python3 -c 'import sys; print("".join(sorted(sys.stdin.readlines(), key=str.casefold)), end="")' <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli scenarios list [scenario]..." {
# non-existent
rune -1 cscli scenario install foo/bar
assert_stderr --partial "can't find 'foo/bar' in scenarios"
# not installed
rune -0 cscli scenarios list crowdsecurity/ssh-bf
assert_output --regexp 'crowdsecurity/ssh-bf.*disabled'
# install two items
rune -0 cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/telnet-bf
# list an installed item
rune -0 cscli scenarios list crowdsecurity/ssh-bf
assert_output --regexp "crowdsecurity/ssh-bf.*enabled"
refute_output --partial "crowdsecurity/telnet-bf"
# list multiple installed and non installed items
rune -0 cscli scenarios list crowdsecurity/ssh-bf crowdsecurity/telnet-bf crowdsecurity/aws-bf crowdsecurity/aws-bf
assert_output --partial "crowdsecurity/ssh-bf"
assert_output --partial "crowdsecurity/telnet-bf"
assert_output --partial "crowdsecurity/aws-bf"
rune -0 cscli scenarios list crowdsecurity/ssh-bf -o json
rune -0 jq '.scenarios | length' <(output)
assert_output "1"
rune -0 cscli scenarios list crowdsecurity/ssh-bf crowdsecurity/telnet-bf crowdsecurity/aws-bf -o json
rune -0 jq '.scenarios | length' <(output)
assert_output "3"
rune -0 cscli scenarios list crowdsecurity/ssh-bf -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli scenarios list crowdsecurity/ssh-bf crowdsecurity/telnet-bf crowdsecurity/aws-bf -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "3"
}
@test "cscli scenarios install" {
rune -1 cscli scenarios install
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# not in hub
rune -1 cscli scenarios install crowdsecurity/blahblah
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in scenarios"
# simple install
rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
assert_output --partial 'crowdsecurity/ssh-bf'
assert_output --partial 'installed: true'
# autocorrect
rune -1 cscli scenarios install crowdsecurity/ssh-tf
assert_stderr --partial "can't find 'crowdsecurity/ssh-tf' in scenarios, did you mean 'crowdsecurity/ssh-bf'?"
# install multiple
rune -0 cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/telnet-bf
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
assert_output --partial 'crowdsecurity/ssh-bf'
assert_output --partial 'installed: true'
rune -0 cscli scenarios inspect crowdsecurity/telnet-bf --no-metrics
assert_output --partial 'crowdsecurity/telnet-bf'
assert_output --partial 'installed: true'
}
@test "cscli scenarios install (file location and download-only)" {
# simple install
rune -0 cscli scenarios install crowdsecurity/ssh-bf --download-only
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
assert_output --partial 'crowdsecurity/ssh-bf'
assert_output --partial 'installed: false'
assert_file_exists "$HUB_DIR/scenarios/crowdsecurity/ssh-bf.yaml"
assert_file_not_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
assert_output --partial 'installed: true'
assert_file_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
}
@test "cscli scenarios install --force (tainted)" {
rune -0 cscli scenarios install crowdsecurity/ssh-bf
echo "dirty" >"$CONFIG_DIR/scenarios/ssh-bf.yaml"
rune -1 cscli scenarios install crowdsecurity/ssh-bf
assert_stderr --partial "error while installing 'crowdsecurity/ssh-bf': while enabling crowdsecurity/ssh-bf: crowdsecurity/ssh-bf is tainted, won't overwrite unless --force"
rune -0 cscli scenarios install crowdsecurity/ssh-bf --force
assert_stderr --partial "Enabled crowdsecurity/ssh-bf"
}
@test "cscli scenarios install --ignore (skip on errors)" {
rune -1 cscli scenarios install foo/bar crowdsecurity/ssh-bf
assert_stderr --partial "can't find 'foo/bar' in scenarios"
refute_stderr --partial "Enabled scenarios: crowdsecurity/ssh-bf"
rune -0 cscli scenarios install foo/bar crowdsecurity/ssh-bf --ignore
assert_stderr --partial "can't find 'foo/bar' in scenarios"
assert_stderr --partial "Enabled scenarios: crowdsecurity/ssh-bf"
}
@test "cscli scenarios inspect" {
rune -1 cscli scenarios inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli scenarios inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in scenarios"
# one item
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
assert_line 'type: scenarios'
assert_line 'name: crowdsecurity/ssh-bf'
assert_line 'author: crowdsecurity'
assert_line 'path: scenarios/crowdsecurity/ssh-bf.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
rune -0 jq -c '[.type, .name, .author, .path, .installed]' <(output)
assert_json '["scenarios","crowdsecurity/ssh-bf","crowdsecurity","scenarios/crowdsecurity/ssh-bf.yaml",false]'
# one item, raw
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o raw
assert_line 'type: scenarios'
assert_line 'name: crowdsecurity/ssh-bf'
assert_line 'author: crowdsecurity'
assert_line 'path: scenarios/crowdsecurity/ssh-bf.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/telnet-bf --no-metrics
assert_output --partial 'crowdsecurity/ssh-bf'
assert_output --partial 'crowdsecurity/telnet-bf'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/telnet-bf
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/telnet-bf -o json
rune -0 jq -sc '[.[] | [.type, .name, .author, .path, .installed]]' <(output)
assert_json '[["scenarios","crowdsecurity/ssh-bf","crowdsecurity","scenarios/crowdsecurity/ssh-bf.yaml",false],["scenarios","crowdsecurity/telnet-bf","crowdsecurity","scenarios/crowdsecurity/telnet-bf.yaml",false]]'
# multiple items, raw
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/telnet-bf -o raw
assert_output --partial 'crowdsecurity/ssh-bf'
assert_output --partial 'crowdsecurity/telnet-bf'
run -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}
@test "cscli scenarios remove" {
rune -1 cscli scenarios remove
assert_stderr --partial "specify at least one scenario to remove or '--all'"
rune -1 cscli scenarios remove blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in scenarios"
rune -0 cscli scenarios install crowdsecurity/ssh-bf --download-only
rune -0 cscli scenarios remove crowdsecurity/ssh-bf
assert_stderr --partial "removing crowdsecurity/ssh-bf: not installed -- no need to remove"
rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli scenarios remove crowdsecurity/ssh-bf
assert_stderr --partial "Removed crowdsecurity/ssh-bf"
rune -0 cscli scenarios remove crowdsecurity/ssh-bf --purge
assert_stderr --partial 'Removed source file [crowdsecurity/ssh-bf]'
rune -0 cscli scenarios remove crowdsecurity/ssh-bf
assert_stderr --partial "removing crowdsecurity/ssh-bf: not installed -- no need to remove"
rune -0 cscli scenarios remove crowdsecurity/ssh-bf --purge --debug
assert_stderr --partial 'removing crowdsecurity/ssh-bf: not downloaded -- no need to remove'
refute_stderr --partial 'Removed source file [crowdsecurity/ssh-bf]'
# install, then remove, check files
rune -0 cscli scenarios install crowdsecurity/ssh-bf
assert_file_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
rune -0 cscli scenarios remove crowdsecurity/ssh-bf
assert_file_not_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
# delete is an alias for remove
rune -0 cscli scenarios install crowdsecurity/ssh-bf
assert_file_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
rune -0 cscli scenarios delete crowdsecurity/ssh-bf
assert_file_not_exists "$CONFIG_DIR/scenarios/ssh-bf.yaml"
# purge
assert_file_exists "$HUB_DIR/scenarios/crowdsecurity/ssh-bf.yaml"
rune -0 cscli scenarios remove crowdsecurity/ssh-bf --purge
assert_file_not_exists "$HUB_DIR/scenarios/crowdsecurity/ssh-bf.yaml"
rune -0 cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/telnet-bf
# --all
rune -0 cscli scenarios list -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
rune -0 cscli scenarios remove --all
rune -0 cscli scenarios list -o raw
rune -1 grep -vc 'name,status,version,description' <(output)
assert_output "0"
}
@test "cscli scenarios remove --force" {
# remove a scenario that belongs to a collection
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli scenarios remove crowdsecurity/ssh-bf
assert_stderr --partial "crowdsecurity/ssh-bf belongs to collections: [crowdsecurity/sshd]"
assert_stderr --partial "Run 'sudo cscli scenarios remove crowdsecurity/ssh-bf --force' if you want to force remove this scenario"
}
@test "cscli scenarios upgrade" {
rune -1 cscli scenarios upgrade
assert_stderr --partial "specify at least one scenario to upgrade or '--all'"
rune -1 cscli scenarios upgrade blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in scenarios"
rune -0 cscli scenarios remove crowdsecurity/vsftpd-bf --purge
rune -1 cscli scenarios upgrade crowdsecurity/vsftpd-bf
assert_stderr --partial "can't upgrade crowdsecurity/vsftpd-bf: not installed"
rune -0 cscli scenarios install crowdsecurity/vsftpd-bf --download-only
rune -1 cscli scenarios upgrade crowdsecurity/vsftpd-bf
assert_stderr --partial "can't upgrade crowdsecurity/vsftpd-bf: downloaded but not installed"
# hash of the string "v0.0"
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
# add version 0.0 to all scenarios
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.scenarios |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli scenarios install crowdsecurity/ssh-bf
echo "v0.0" > "$CONFIG_DIR/scenarios/ssh-bf.yaml"
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
# upgrade
rune -0 cscli scenarios upgrade crowdsecurity/ssh-bf
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
rune -0 jq -e '.local_version==.version' <(output)
# taint
echo "dirty" >"$CONFIG_DIR/scenarios/ssh-bf.yaml"
# XXX: should return error
rune -0 cscli scenarios upgrade crowdsecurity/ssh-bf
assert_stderr --partial "crowdsecurity/ssh-bf is tainted, --force to overwrite"
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
rune -0 jq -e '.local_version=="?"' <(output)
# force upgrade with taint
rune -0 cscli scenarios upgrade crowdsecurity/ssh-bf --force
rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
rune -0 jq -e '.local_version==.version' <(output)
# multiple items
rune -0 cscli scenarios install crowdsecurity/telnet-bf
echo "v0.0" >"$CONFIG_DIR/scenarios/ssh-bf.yaml"
echo "v0.0" >"$CONFIG_DIR/scenarios/telnet-bf.yaml"
rune -0 cscli scenarios list -o json
rune -0 jq -e '[.scenarios[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/telnet-bf
rune -0 cscli scenarios list -o json
rune -0 jq -e 'any(.scenarios[].local_version; .=="0.0") | not' <(output)
# upgrade all
echo "v0.0" >"$CONFIG_DIR/scenarios/ssh-bf.yaml"
echo "v0.0" >"$CONFIG_DIR/scenarios/telnet-bf.yaml"
rune -0 cscli scenarios list -o json
rune -0 jq -e '[.scenarios[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli scenarios upgrade --all
rune -0 cscli scenarios list -o json
rune -0 jq -e 'any(.scenarios[].local_version; .=="0.0") | not' <(output)
}

93
test/bats/cscli-hubtype-inspect.bats Normal file
View file

@ -0,0 +1,93 @@
#!/usr/bin/env bats
# Generic tests for the command "cscli <hubtype> inspect".
#
# Behavior that is specific to a hubtype should be tested in a separate file.
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli parsers inspect" {
rune -1 cscli parsers inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli parsers inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
# one item
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics
assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -c '[.type, .name, .path, .installed]' <(output)
assert_json '["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false]'
# one item, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o raw
assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o json
rune -0 jq -sc '[.[] | [.type, .name, .path, .installed]]' <(output)
assert_json '[["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false],["parsers","crowdsecurity/whitelists","parsers/s02-enrich/crowdsecurity/whitelists.yaml",false]]'
# multiple items, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o raw
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}

269
test/bats/cscli-hubtype-install.bats Normal file
View file

@ -0,0 +1,269 @@
#!/usr/bin/env bats
# Generic tests for the command "cscli <hubtype> install".
#
# Behavior that is specific to a hubtype should be tested in a separate file.
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
# INDEX_PATH=$(config_get '.config_paths.index_path')
# export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
# make sure the hub is empty
hub_purge_all
}
teardown() {
# most tests don't need the service, but we ensure it's stopped
./instance-crowdsec stop
}
#----------
@test "cscli <hubtype> install (no argument)" {
rune -1 cscli parsers install
refute_output
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
}
@test "cscli <hubtype> install (aliased)" {
rune -1 cscli parser install
refute_output
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
}
@test "install an item (non-existent)" {
rune -1 cscli parsers install foo/bar
assert_stderr --partial "can't find 'foo/bar' in parsers"
}
@test "install an item (dry run)" {
rune -0 cscli parsers install crowdsecurity/whitelists --dry-run
assert_output - --regexp <<-EOT
Action plan:
📥 download
parsers: crowdsecurity/whitelists \([0-9]+.[0-9]+\)
✅ enable
parsers: crowdsecurity/whitelists
Dry run, no action taken.
EOT
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
}
@test "install an item (dry-run, de-duplicate commands)" {
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/whitelists --dry-run --output raw
assert_output - --regexp <<-EOT
Action plan:
📥 download parsers:crowdsecurity/whitelists \([0-9]+.[0-9]+\)
✅ enable parsers:crowdsecurity/whitelists
Dry run, no action taken.
EOT
refute_stderr
}
@test "install an item" {
rune -0 cscli parsers install crowdsecurity/whitelists
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
enabling parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
}
@test "install an item (autocorrect)" {
rune -1 cscli parsers install crowdsecurity/whatelists
assert_stderr --partial "can't find 'crowdsecurity/whatelists' in parsers, did you mean 'crowdsecurity/whitelists'?"
refute_output
}
@test "install an item (download only)" {
assert_file_not_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
}
@test "install an item (already installed)" {
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers install crowdsecurity/whitelists --dry-run
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers install crowdsecurity/whitelists
assert_output "Nothing to do."
refute_stderr
}
@test "install an item (force is no-op if not tainted)" {
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers install crowdsecurity/whitelists
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers install crowdsecurity/whitelists --force
assert_output "Nothing to do."
refute_stderr
}
@test "install an item (tainted, requires --force)" {
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists --dry-run
assert_output - --stderr <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
Nothing to do.
EOT
refute_stderr
# XXX should this fail with status 1 instead?
rune -0 cscli parsers install crowdsecurity/whitelists
assert_output - <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
Nothing to do.
EOT
refute_stderr
rune -0 cscli parsers install crowdsecurity/whitelists --force
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
}
@test "install multiple items" {
rune -0 cscli parsers install crowdsecurity/pgsql-logs crowdsecurity/postfix-logs
rune -0 cscli parsers inspect crowdsecurity/pgsql-logs --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
rune -0 cscli parsers inspect crowdsecurity/postfix-logs --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
}
@test "install multiple items (some already installed)" {
rune -0 cscli parsers install crowdsecurity/pgsql-logs
rune -0 cscli parsers install crowdsecurity/pgsql-logs crowdsecurity/postfix-logs --dry-run
assert_output - --regexp <<-EOT
Action plan:
📥 download
parsers: crowdsecurity/postfix-logs \([0-9]+.[0-9]+\)
✅ enable
parsers: crowdsecurity/postfix-logs
Dry run, no action taken.
EOT
refute_stderr
}
@test "install one or multiple items (ignore errors)" {
rune -0 cscli parsers install foo/bar --ignore
assert_stderr --partial "can't find 'foo/bar' in parsers"
assert_output "Nothing to do."
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# XXX: this is not testing '--ignore' anymore; TODO find a better error to ignore
# and maybe re-evaluate the --ignore flag
rune -0 cscli parsers install crowdsecurity/whitelists --ignore
assert_output - <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
Nothing to do.
EOT
refute_stderr
# error on one item, should still install the others
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/pgsql-logs --ignore
refute_stderr
assert_output - <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
downloading parsers:crowdsecurity/pgsql-logs
enabling parsers:crowdsecurity/pgsql-logs
$RELOAD_MESSAGE
EOT
rune -0 cscli parsers inspect crowdsecurity/pgsql-logs --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
}
@test "override part of a collection with local items" {
# A collection will use a local item to fulfil a dependency provided it has
# the correct name field.
mkdir -p "$CONFIG_DIR/parsers/s01-parse"
echo "name: crowdsecurity/sshd-logs" > "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -c '.parsers[] | [.name,.status]' <(output)
assert_json '["crowdsecurity/sshd-logs","enabled,local"]'
# attempt to install from hub
rune -0 cscli parsers install crowdsecurity/sshd-logs
assert_line 'parsers:crowdsecurity/sshd-logs - not downloading local item'
rune -0 cscli parsers list -o json
rune -0 jq -c '.parsers[] | [.name,.status]' <(output)
assert_json '["crowdsecurity/sshd-logs","enabled,local"]'
# attempt to install from a collection
rune -0 cscli collections install crowdsecurity/sshd
assert_line 'parsers:crowdsecurity/sshd-logs - not downloading local item'
# verify it installed the rest of the collection
assert_line 'enabling contexts:crowdsecurity/bf_base'
assert_line 'enabling collections:crowdsecurity/sshd'
# remove them
rune -0 cscli collections delete crowdsecurity/sshd --force --purge
rune -0 rm "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
# do the same with a different file name
echo "name: crowdsecurity/sshd-logs" > "$CONFIG_DIR/parsers/s01-parse/something.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -c '.parsers[] | [.name,.status]' <(output)
assert_json '["crowdsecurity/sshd-logs","enabled,local"]'
# attempt to install from hub
rune -0 cscli parsers install crowdsecurity/sshd-logs
assert_line 'parsers:crowdsecurity/sshd-logs - not downloading local item'
# attempt to install from a collection
rune -0 cscli collections install crowdsecurity/sshd
assert_line 'parsers:crowdsecurity/sshd-logs - not downloading local item'
# verify it installed the rest of the collection
assert_line 'enabling contexts:crowdsecurity/bf_base'
assert_line 'enabling collections:crowdsecurity/sshd'
}

130
test/bats/cscli-hubtype-list.bats Normal file
View file

@ -0,0 +1,130 @@
#!/usr/bin/env bats
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli parsers list" {
hub_purge_all
# no items
rune -0 cscli parsers list
assert_output --partial "PARSERS"
rune -0 cscli parsers list -o json
assert_json '{parsers:[]}'
rune -0 cscli parsers list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers list
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli parsers list -o json
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 jq '.parsers | length' <(output)
assert_output "2"
rune -0 cscli parsers list -o raw
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli parsers list -a" {
expected=$(jq <"$INDEX_PATH" -r '.parsers | length')
rune -0 cscli parsers list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli parsers list -o json -a
rune -0 jq '.parsers | length' <(output)
assert_output "$expected"
rune -0 cscli parsers list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli parsers list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli parsers list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli parsers list -o json -a | jq -r '.parsers[].name')
# use python to sort because it handles "_" like go
rune -0 python3 -c 'import sys; print("".join(sorted(sys.stdin.readlines(), key=str.casefold)), end="")' <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli parsers list [parser]..." {
# non-existent
rune -1 cscli parsers install foo/bar
assert_stderr --partial "can't find 'foo/bar' in parsers"
# not installed
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp 'crowdsecurity/whitelists.*disabled'
# install two items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
# list an installed item
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp "crowdsecurity/whitelists.*enabled"
refute_output --partial "crowdsecurity/windows-auth"
# list multiple installed and non installed items
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs
assert_output --partial "crowdsecurity/whitelists"
assert_output --partial "crowdsecurity/windows-auth"
assert_output --partial "crowdsecurity/traefik-logs"
rune -0 cscli parsers list crowdsecurity/whitelists -o json
rune -0 jq '.parsers | length' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o json
rune -0 jq '.parsers | length' <(output)
assert_output "3"
rune -0 cscli parsers list crowdsecurity/whitelists -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "3"
}

245
test/bats/cscli-hubtype-remove.bats Normal file
View file

@ -0,0 +1,245 @@
#!/usr/bin/env bats
# Generic tests for the command "cscli <hubtype> remove".
#
# Behavior that is specific to a hubtype should be tested in a separate file.
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
# INDEX_PATH=$(config_get '.config_paths.index_path')
# export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
# make sure the hub is empty
hub_purge_all
}
teardown() {
# most tests don't need the service, but we ensure it's stopped
./instance-crowdsec stop
}
#----------
@test "cscli <hubtype> remove (no argument)" {
rune -1 cscli parsers remove
refute_output
assert_stderr --partial "specify at least one parser to remove or '--all'"
}
@test "cscli <hubtype> remove (aliased)" {
rune -1 cscli parser remove
refute_output
assert_stderr --partial "specify at least one parser to remove or '--all'"
}
@test "cscli <hubtype> delete (alias of remove)" {
rune -1 cscli parsers delete
refute_output
assert_stderr --partial "specify at least one parser to remove or '--all'"
}
@test "remove an item (non-existent)" {
rune -1 cscli parsers remove foo/bar
refute_output
assert_stderr --partial "can't find 'foo/bar' in parsers"
}
@test "remove an item (not downloaded)" {
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.downloaded==false' <(output)
rune -0 cscli parsers remove crowdsecurity/whitelists --dry-run
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists --force
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_output "Nothing to do."
refute_stderr
}
@test "remove an item (not installed)" {
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
rune -0 cscli parsers remove crowdsecurity/whitelists --dry-run
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists --force
assert_output "Nothing to do."
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_output --partial "purging parsers:crowdsecurity/whitelists"
}
@test "remove an item (dry run)" {
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists --dry-run
assert_output - --regexp <<-EOT
Action plan:
❌ disable
parsers: crowdsecurity/whitelists
Dry run, no action taken.
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==true' <(output)
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
}
@test "remove an item" {
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_output - <<-EOT
disabling parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
}
@test "remove an item (purge)" {
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_output - <<-EOT
disabling parsers:crowdsecurity/whitelists
purging parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.downloaded==false' <(output)
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
assert_file_not_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
}
@test "remove multiple items" {
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers remove crowdsecurity/whitelists crowdsecurity/windows-auth --dry-run
assert_output - --regexp <<-EOT
Action plan:
❌ disable
parsers: crowdsecurity/whitelists, crowdsecurity/windows-auth
Dry run, no action taken.
EOT
refute_stderr
rune -0 cscli parsers remove crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
rune -0 cscli parsers inspect crowdsecurity/windows-auth --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
}
@test "remove all items of a same type" {
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
rune -1 cscli parsers remove crowdsecurity/whitelists --all
assert_stderr "Error: can't specify items and '--all' at the same time"
rune -0 cscli parsers remove --all --dry-run
assert_output - --regexp <<-EOT
Action plan:
❌ disable
parsers: crowdsecurity/whitelists, crowdsecurity/windows-auth
Dry run, no action taken.
EOT
refute_stderr
rune -0 cscli parsers remove --all
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
rune -0 cscli parsers inspect crowdsecurity/windows-auth --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
}
@test "remove an item (tainted, requires --force)" {
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -1 cscli parsers remove crowdsecurity/whitelists --dry-run
assert_stderr --partial "crowdsecurity/whitelists is tainted, use '--force' to remove"
refute_output
rune -1 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "crowdsecurity/whitelists is tainted, use '--force' to remove"
refute_output
rune -0 cscli parsers remove crowdsecurity/whitelists --force
assert_output - <<-EOT
disabling parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics -o json
rune -0 jq -e '.installed==false' <(output)
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
}
@test "remove an item that belongs to a collection (requires --force)" {
rune -0 cscli collections install crowdsecurity/sshd
# XXX: should exit with 1?
rune -0 cscli parsers remove crowdsecurity/sshd-logs
assert_output "Nothing to do."
assert_stderr --partial "crowdsecurity/sshd-logs belongs to collections: [crowdsecurity/sshd]"
assert_stderr --partial "Run 'sudo cscli parsers remove crowdsecurity/sshd-logs --force' if you want to force remove this parser"
assert_file_exists "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
rune -0 cscli parsers remove crowdsecurity/sshd-logs --force
assert_output - <<-EOT
disabling parsers:crowdsecurity/sshd-logs
$RELOAD_MESSAGE
EOT
refute_stderr
assert_file_not_exists "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
}
@test "remove an item (autocomplete)" {
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli __complete parsers remove crowd
assert_stderr --partial '[Debug] parsers: [crowdsecurity/whitelists]'
assert_output --partial 'crowdsecurity/whitelists'
}

253
test/bats/cscli-hubtype-upgrade.bats Normal file
View file

@ -0,0 +1,253 @@
#!/usr/bin/env bats
# Generic tests for the upgrade of hub items and data files.
#
# Commands under test:
# cscli <hubype> upgrade
#
# This file should test behavior that can be applied to all types.
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
# make sure the hub is empty
hub_purge_all
}
teardown() {
# most tests don't need the service, but we ensure it's stopped
./instance-crowdsec stop
}
hub_inject_v0() {
# add a version 0.0 to all parsers
# hash of the string "v0.0"
sha256_0_0="daa1832414a685d69269e0ae15024b908f4602db45f9900e9c6e7f204af207c0"
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.parsers |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
}
install_v0() {
local hubtype=$1
shift
local item_name=$1
shift
cscli "$hubtype" install "$item_name"
printf "%s" "v0.0" > "$(jq -r '.local_path' <(cscli "$hubtype" inspect "$item_name" --no-metrics -o json))"
}
#----------
@test "cscli <hubtype> upgrade (no argument)" {
rune -1 cscli parsers upgrade
refute_output
assert_stderr --partial "specify at least one parser to upgrade or '--all'"
}
@test "cscli <hubtype> upgrade (aliased)" {
rune -1 cscli parser upgrade
refute_output
assert_stderr --partial "specify at least one parser to upgrade or '--all'"
}
@test "upgrade an item (non-existent)" {
rune -1 cscli parsers upgrade foo/bar
assert_stderr --partial "can't find 'foo/bar' in parsers"
}
@test "upgrade an item (non installed)" {
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_output 'Nothing to do.'
refute_stderr
}
@test "upgrade an item (up-to-date)" {
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers upgrade crowdsecurity/whitelists --dry-run
assert_output 'Nothing to do.'
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_output 'Nothing to do.'
}
@test "upgrade an item (dry run)" {
hub_inject_v0
install_v0 parsers crowdsecurity/whitelists
latest=$(get_latest_version parsers crowdsecurity/whitelists)
rune -0 cscli parsers upgrade crowdsecurity/whitelists --dry-run
assert_output - <<-EOT
Action plan:
📥 download
parsers: crowdsecurity/whitelists (0.0 -> $latest)
Dry run, no action taken.
EOT
refute_stderr
}
get_latest_version() {
local hubtype=$1
shift
local item_name=$1
shift
cscli "$hubtype" inspect "$item_name" -o json | jq -r '.version'
}
@test "upgrade an item" {
hub_inject_v0
install_v0 parsers crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
# the version is now the latest
rune -0 jq -e '.local_version==.version' <(output)
}
@test "upgrade an item (tainted, requires --force)" {
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="?"' <(output)
rune -0 cscli parsers upgrade crowdsecurity/whitelists --dry-run
assert_output - <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
Nothing to do.
EOT
refute_stderr
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_output - <<-EOT
WARN parsers:crowdsecurity/whitelists is tainted, use '--force' to overwrite
Nothing to do.
EOT
refute_stderr
rune -0 cscli parsers upgrade crowdsecurity/whitelists --force
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
}
@test "upgrade multiple items" {
hub_inject_v0
install_v0 parsers crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
latest_whitelists=$(get_latest_version parsers crowdsecurity/whitelists)
install_v0 parsers crowdsecurity/sshd-logs
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
latest_sshd=$(get_latest_version parsers crowdsecurity/sshd-logs)
rune -0 cscli parsers upgrade crowdsecurity/whitelists crowdsecurity/sshd-logs --dry-run
assert_output - <<-EOT
Action plan:
📥 download
parsers: crowdsecurity/sshd-logs (0.0 -> $latest_sshd), crowdsecurity/whitelists (0.0 -> $latest_whitelists)
Dry run, no action taken.
EOT
refute_stderr
rune -0 cscli parsers upgrade crowdsecurity/whitelists crowdsecurity/sshd-logs
assert_output - <<-EOT
downloading parsers:crowdsecurity/whitelists
downloading parsers:crowdsecurity/sshd-logs
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -e '.local_version==.version' <(output)
}
@test "upgrade all items of the same type" {
hub_inject_v0
install_v0 parsers crowdsecurity/whitelists
install_v0 parsers crowdsecurity/sshd-logs
install_v0 parsers crowdsecurity/windows-auth
rune -0 cscli parsers upgrade --all
assert_output - <<-EOT
downloading parsers:crowdsecurity/sshd-logs
downloading parsers:crowdsecurity/whitelists
downloading parsers:crowdsecurity/windows-auth
$RELOAD_MESSAGE
EOT
refute_stderr
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -e '.local_version==.version' <(output)
rune -0 cscli parsers inspect crowdsecurity/windows-auth -o json
rune -0 jq -e '.local_version==.version' <(output)
}
@test "upgrade an item (autocomplete)" {
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli __complete parsers upgrade crowd
assert_stderr --partial '[Debug] parsers: [crowdsecurity/whitelists]'
assert_output --partial 'crowdsecurity/whitelists'
}

44
test/bats/cscli-parsers.bats Normal file
View file

@ -0,0 +1,44 @@
#!/usr/bin/env bats
# Tests for the "cscli parsers" behavior that is not covered by cscli-hubtype-*.bats
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli parsers inspect (includes the stage attribute)" {
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics -o human
assert_line 'stage: s01-parse'
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics -o raw
assert_line 'stage: s01-parse'
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics -o json
rune -0 jq -r '.stage' <(output)
assert_output 's01-parse'
}

44
test/bats/cscli-postoverflows.bats Normal file
View file

@ -0,0 +1,44 @@
#!/usr/bin/env bats
# Tests for the "cscli postoverflows" behavior that is not covered by cscli-hubtype-*.bats
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli postoverflows inspect (includes the stage attribute)" {
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics -o human
assert_line 'stage: s00-enrich'
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics -o raw
assert_line 'stage: s00-enrich'
rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics -o json
rune -0 jq -r '.stage' <(output)
assert_output 's00-enrich'
}

357
test/bats/hub-index.bats Normal file
View file

@ -0,0 +1,357 @@
#!/usr/bin/env bats
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "malformed index - null item" {
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
EOF
rune -1 cscli hub list
assert_stderr --partial "failed to read hub index: parsers:author/pars1 has no index metadata."
}
@test "malformed index - no download path" {
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
version: "0.0"
versions:
0.0:
digest: daa1832414a685d69269e0ae15024b908f4602db45f9900e9c6e7f204af207c0
EOF
rune -1 cscli hub list
assert_stderr --partial "failed to read hub index: parsers:author/pars1 has no download path."
}
@test "malformed parser - no stage" {
# Installing a parser requires a stage directory
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
path: parsers/s01-parse/author/pars1.yaml
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -1 cscli hub list -o raw
assert_stderr --partial "failed to read hub index: parsers:author/pars1 has no stage."
}
@test "malformed parser - short path" {
# Installing a parser requires a stage directory
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
path: parsers/s01-parse/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list -o raw
rune -0 cscli parsers install author/pars1
rune -0 cscli hub list
# XXX here the item is installed but won't work, we only have a warning
assert_stderr --partial 'Ignoring file'
assert_stderr --partial 'path is too short'
}
@test "malformed item - not yaml" {
# Installing an item requires reading the list of data files
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
path: parsers/s01-parse/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: daa1832414a685d69269e0ae15024b908f4602db45f9900e9c6e7f204af207c0
content: "v0.0"
EOF
rune -0 cscli hub list -o raw
rune -1 cscli parsers install author/pars1
assert_stderr --partial 'unmarshal errors'
}
@test "malformed item - hash mismatch" {
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
path: parsers/s01-parse/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: "0000000000000000000000000000000000000000000000000000000000000000"
content: "v0.0"
EOF
rune -0 cscli hub list -o raw
rune -1 cscli parsers install author/pars1
assert_stderr --partial 'parsers:author/pars1: hash mismatch: expected 0000000000000000000000000000000000000000000000000000000000000000, got daa1832414a685d69269e0ae15024b908f4602db45f9900e9c6e7f204af207c0.'
}
@test "install minimal item" {
yq -o json >"$INDEX_PATH" <<-'EOF'
parsers:
author/pars1:
path: parsers/s01-parse/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list -o raw
rune -0 cscli parsers install author/pars1
assert_line "downloading parsers:author/pars1"
assert_line "enabling parsers:author/pars1"
rune -0 cscli hub list
}
@test "replace an item in a collection update" {
# A new version of coll1 will uninstall pars1 and install pars2.
yq -o json >"$INDEX_PATH" <<-'EOF'
collections:
author/coll1:
path: collections/author/coll1.yaml
version: "0.0"
versions:
0.0:
digest: 801e11865f8fdf82a348e70fe3f568af190715c40a176e058da2ad21ff5e20be
content: "{'parsers': ['author/pars1']}"
parsers:
- author/pars1
parsers:
author/pars1:
path: parsers/s01-parse/author/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars2:
path: parsers/s01-parse/author/pars2.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list
rune -0 cscli collections install author/coll1
yq -o json >"$INDEX_PATH" <<-'EOF'
collections:
author/coll1:
path: collections/author/coll1.yaml
version: "0.1"
versions:
0.0:
digest: 801e11865f8fdf82a348e70fe3f568af190715c40a176e058da2ad21ff5e20be
0.1:
digest: f3c535c2d01abec5aadbb5ce03c357a478d91b116410c9fee288e073cd34c0dd
content: "{'parsers': ['author/pars2']}"
parsers:
- author/pars2
parsers:
author/pars1:
path: parsers/s01-parse/author/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars2:
path: parsers/s01-parse/author/pars2.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list -o raw
rune -0 cscli collections upgrade author/coll1
assert_output - <<-EOT
downloading parsers:author/pars2
enabling parsers:author/pars2
disabling parsers:author/pars1
downloading collections:author/coll1
$RELOAD_MESSAGE
EOT
rune -0 cscli hub list -o raw
assert_output - <<-EOT
name,status,version,description,type
author/pars2,enabled,0.0,,parsers
author/coll1,enabled,0.1,,collections
EOT
}
@test "replace an outdated item only if it's not used elsewhere" {
# XXX
skip "not implemented"
# A new version of coll1 will uninstall pars1 and install pars2.
# Pars3 will not be uninstalled because it's still required by coll2.
yq -o json >"$INDEX_PATH" <<-'EOF'
collections:
author/coll1:
path: collections/author/coll1.yaml
version: "0.0"
versions:
0.0:
digest: 0c397c7b3e19d730578932fdc260c53f39bd2488fad87207ab6b7e4dc315b067
content: "{'parsers': ['author/pars1', 'author/pars3']}"
parsers:
- author/pars1
- author/pars3
author/coll2:
path: collections/author/coll2.yaml
version: "0.0"
versions:
0.0:
digest: 96df483ff697d4d214792b135a3ba5ddaca0ebfd856e7da89215926394ac4001
content: "{'parsers': ['author/pars3']}"
parsers:
- author/pars3
parsers:
author/pars1:
path: parsers/s01-parse/author/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars2:
path: parsers/s01-parse/author/pars2.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars3:
path: parsers/s01-parse/author/pars3.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list
rune -0 cscli collections install author/coll1 author/coll2
yq -o json >"$INDEX_PATH" <<-'EOF'
collections:
author/coll1:
path: collections/author/coll1.yaml
version: "0.1"
versions:
0.0:
digest: 0c397c7b3e19d730578932fdc260c53f39bd2488fad87207ab6b7e4dc315b067
0.1:
digest: f3c535c2d01abec5aadbb5ce03c357a478d91b116410c9fee288e073cd34c0dd
content: "{'parsers': ['author/pars2']}"
parsers:
- author/pars2
author/coll2:
path: collections/author/coll2.yaml
version: "0.0"
versions:
0.0:
digest: 96df483ff697d4d214792b135a3ba5ddaca0ebfd856e7da89215926394ac4001
content: "{'parsers': ['author/pars3']}"
parsers:
- author/pars3
parsers:
author/pars1:
path: parsers/s01-parse/author/pars1.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars2:
path: parsers/s01-parse/author/pars2.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
author/pars3:
path: parsers/s01-parse/author/pars3.yaml
stage: s01-parse
version: "0.0"
versions:
0.0:
digest: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
content: "{}"
EOF
rune -0 cscli hub list -o raw
rune -0 cscli collections upgrade author/coll1
assert_output - <<-EOT
downloading parsers:author/pars2
enabling parsers:author/pars2
disabling parsers:author/pars1
downloading collections:author/coll1
$RELOAD_MESSAGE
EOT
rune -0 cscli hub list -o raw
assert_output - <<-EOT
name,status,version,description,type
author/pars2,enabled,0.0,,parsers
author/pars3,enabled,0.0,,parsers
author/coll1,enabled,0.1,,collections
EOT
}

2
test/bin/remove-all-hub-items
View file

@ -14,7 +14,7 @@ echo "Pre-downloading Hub content..."
types=$("$CSCLI" hub types -o raw)
for itemtype in $types; do
"$CSCLI" "$itemtype" remove --all --force
"$CSCLI" "$itemtype" remove --all --force --purge --yes
done
echo " done."

2
test/lib/config/config-local
View file

@ -117,7 +117,7 @@ make_init_data() {
"$CSCLI" --warning hub update --with-content
# preload some content and data files
"$CSCLI" collections install crowdsecurity/linux --download-only
"$CSCLI" collections install crowdsecurity/linux --download-only --yes
# sub-items did not respect --download-only
./bin/remove-all-hub-items

24
test/lib/setup_file.sh
View file

@ -260,16 +260,6 @@ hub_purge_all() {
}
export -f hub_purge_all
# remove unused data from the index, to make sure we don't rely on it in any way
hub_strip_index() {
local INDEX
INDEX=$(config_get .config_paths.index_path)
local hub_min
hub_min=$(jq <"$INDEX" 'del(..|.long_description?) | del(..|.deprecated?) | del (..|.labels?)')
echo "$hub_min" >"$INDEX"
}
export -f hub_strip_index
# remove color and style sequences from stdin
plaintext() {
sed -E 's/\x1B\[[0-9;]*[JKmsu]//g'
@ -340,3 +330,17 @@ lp-get-token() {
echo "$resp" | yq -r '.token'
}
export -f lp-get-token
case $(uname) in
"Linux")
# shellcheck disable=SC2089
RELOAD_MESSAGE="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
;;
*)
# shellcheck disable=SC2089
RELOAD_MESSAGE="Run 'sudo service crowdsec reload' for the new configuration to be effective."
;;
esac
# shellcheck disable=SC2090
export RELOAD_MESSAGE