From bb37e2e70d102d4579f59e6fc4da1645fbbc3a8f Mon Sep 17 00:00:00 2001
From: Manuel Sabban
Date: Thu, 1 Jul 2021 10:36:27 +0200
Subject: [PATCH] fix functional tests (#838)
* fix functional tests
* add journal detection feature in wizard.sh
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
---
 scripts/func_tests/tests_base.sh | 18 +++++++++++++++
 .../func_tests/tests_post-install_0base.sh | 22 ++++++++++++++-----
 .../tests_post-install_4cold-logs.sh | 2 +-
 .../tests_post-install_5simulation.sh | 4 ++--
 wizard.sh | 21 ++++++++++++++++--
 5 files changed, 56 insertions(+), 11 deletions(-)
diff --git a/scripts/func_tests/tests_base.sh b/scripts/func_tests/tests_base.sh
index 454fce687..d2846754b 100755
--- a/scripts/func_tests/tests_base.sh
+++ b/scripts/func_tests/tests_base.sh
@@ -10,13 +10,31 @@ CSCLI_BIN="cscli"
 CSCLI="sudo ${CSCLI_BIN}"
 JQ="jq -e"
+LC_ALL=C
 SYSTEMCTL="sudo systemctl --no-pager"
 CROWDSEC="sudo crowdsec"
 CROWDSEC_PROCESS="crowdsec"
+
 # helpers
 function fail {
 echo "ACTION FAILED, STOP : $@"
 caller
 exit 1
 }
+
+function pathadd {
+ if [ -d "$1" ] && [[ ":$PATH:" != *":$1:"* ]]; then
+ PATH="${PATH:+"$PATH:"}$1"
+ fi
+}
+
+pathadd /usr/sbin
+
+if [ -f /etc/systemd/system/crowdsec.service ]; then
+ SYSTEMD_SERVICE_FILE=/etc/systemd/system/crowdsec.service
+elif [ -f /usr/lib/systemd/system/crowdsec.service ]; then
+ SYSTEMD_SERVICE_FILE=/usr/lib/systemd/system/crowdsec.service
+elif [ -f /lib/systemd/system/crowdsec.service ]; then
+ SYSTEMD_SERVICE_FILE=/lib/systemd/system/crowdsec.service
+fi
diff --git a/scripts/func_tests/tests_post-install_0base.sh b/scripts/func_tests/tests_post-install_0base.sh
index bd96ce7ee..523827f00 100755
--- a/scripts/func_tests/tests_post-install_0base.sh
+++ b/scripts/func_tests/tests_post-install_0base.sh
@@ -3,7 +3,7 @@ source tests_base.sh
-
+echo $PATH
 ##########################
 ## TEST AGENT/LAPI/CAPI ##
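Review bot: In the tests_base.sh hunk (`@@ -10,13 +10,31 @@`) the `if`/`elif` chain that sets `SYSTEMD_SERVICE_FILE` has no `else`, so when none of the three unit paths exists the variable stays unset and the unquoted `cp ${SYSTEMD_SERVICE_FILE} /tmp/crowdsec.service-orig` and `sed ... ${SYSTEMD_SERVICE_FILE}` added in tests_post-install_0base.sh run with a missing operand instead of stopping with a clear message. Ending the chain with `else fail "crowdsec.service not found"` would fix that if every script sourcing this file runs post-install (not visible here); otherwise guard at the point of use with `: "${SYSTEMD_SERVICE_FILE:?}"`. Separately, `LC_ALL=C` is assigned without `export`, so child processes such as `date` only inherit it when the caller had already exported `LC_ALL`, which is presumably why the same commit prefixes `LC_ALL=C date` in two other scripts; `export LC_ALL=C` makes the setting hold for every command.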
@@ -55,14 +55,18 @@ ${SYSTEMCTL} stop crowdsec || fail "crowdsec should be down"
 echo "CROWDSEC (AGENT)"
 # test with -no-api flag
-sudo cp ./systemd/crowdsec_no_lapi.service /etc/systemd/system/crowdsec.service
+cp ${SYSTEMD_SERVICE_FILE} /tmp/crowdsec.service-orig
+sed '/^ExecStart/ s/$/ -no-api/' ${SYSTEMD_SERVICE_FILE} > /tmp/crowdsec.service
+sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
+
 ${SYSTEMCTL} daemon-reload
 ${SYSTEMCTL} start crowdsec
 sleep 1
 pidof crowdsec && fail "crowdsec shouldn't run without LAPI (in flag)"
 ${SYSTEMCTL} stop crowdsec
-sudo cp ./systemd/crowdsec.service /etc/systemd/system/crowdsec.service
+sudo cp /tmp/crowdsec.service-orig /etc/systemd/system/crowdsec.service
+
 ${SYSTEMCTL} daemon-reload
 # test with no api server in configuration file
@@ -92,13 +96,18 @@ sudo cp ./config/config.yaml /etc/crowdsec/config.yaml
 echo "CROWDSEC (LAPI+CAPI)"
 # test with -no-cs flag
-sudo cp ./systemd/crowdsec_no_agent.service /etc/systemd/system/crowdsec.service
+sed '/^ExecStart/ s/$/ -no-cs/' /etc/systemd/system/crowdsec.service > /tmp/crowdsec.service
+sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
+
+
 ${SYSTEMCTL} daemon-reload
 ${SYSTEMCTL} start crowdsec
 pidof crowdsec || fail "crowdsec LAPI should run without agent (in flag)"
 ${SYSTEMCTL} stop crowdsec
-sudo cp ./systemd/crowdsec.service /etc/systemd/system/crowdsec.service
+sed '/^ExecStart/s/-no-cs//g' ${SYSTEMD_SERVICE_FILE} > /tmp/crowdsec.service
+sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
+
 ${SYSTEMCTL} daemon-reload
 # test with no crowdsec agent in configuration file
@@ -142,5 +151,6 @@ ${CSCLI} -c ./config/config_no_capi.yaml lapi status || fail "lapi status failed
 ## metrics
 ${CSCLI_BIN} -c ./config/config_no_capi.yaml metrics || fail "failed to get metrics"
-sudo cp ./config/config.yaml /etc/crowdsec/config.yaml
+sudo mv /tmp/crowdsec.service-orig /etc/systemd/system/crowdsec.service
+
 ${SYSTEMCTL} restart crowdsec
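Review bot: The unit file is staged by the unprivileged user under fixed names in world-writable `/tmp` (`/tmp/crowdsec.service`, `/tmp/crowdsec.service-orig`) and then promoted into `/etc/systemd/system/` with `sudo mv` / `sudo cp`; this starts in the `@@ -55,14 +55,18 @@` hunk and repeats in `@@ -92,13 +96,18 @@` and `@@ -142,5 +151,6 @@`. On a shared host a fixed name in `/tmp` can already exist or be replaced by another local account, so content the test did not write could become a service definition that systemd runs, and `mv` also keeps the staging file's owner and mode on the installed unit. Staging in a `mktemp -d` directory and installing with `sudo install -o root -g root -m 0644` addresses both, and quoting `${SYSTEMD_SERVICE_FILE}` fits in the same pass. The fence shows the first test only; the two later restores would follow the same pattern.

```shell
# … unchanged: echo "CROWDSEC (AGENT)", "# test with -no-api flag" …
: "${SYSTEMD_SERVICE_FILE:?crowdsec.service not found}"
STAGE_DIR=$(mktemp -d) || fail "mktemp failed"
trap 'rm -rf -- "${STAGE_DIR}"' EXIT
cp -- "${SYSTEMD_SERVICE_FILE}" "${STAGE_DIR}/crowdsec.service-orig"
sed '/^ExecStart/ s/$/ -no-api/' "${SYSTEMD_SERVICE_FILE}" > "${STAGE_DIR}/crowdsec.service"
sudo install -o root -g root -m 0644 "${STAGE_DIR}/crowdsec.service" /etc/systemd/system/crowdsec.service
# … unchanged: daemon-reload, start, pidof check, stop …
sudo install -o root -g root -m 0644 "${STAGE_DIR}/crowdsec.service-orig" /etc/systemd/system/crowdsec.service
```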
diff --git a/scripts/func_tests/tests_post-install_4cold-logs.sh b/scripts/func_tests/tests_post-install_4cold-logs.sh
index fd10d9528..851fcc6e3 100755
--- a/scripts/func_tests/tests_post-install_4cold-logs.sh
+++ b/scripts/func_tests/tests_post-install_4cold-logs.sh
@@ -15,7 +15,7 @@ ${SYSTEMCTL} reload crowdsec
 rm -f ssh-bf.log
 for i in `seq 1 10` ; do
- echo `date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424' >> ssh-bf.log
+ echo `LC_ALL=C date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424' >> ssh-bf.log
 done;
 ${CROWDSEC} -dsn "file://./ssh-bf.log" -type syslog -no-api
diff --git a/scripts/func_tests/tests_post-install_5simulation.sh b/scripts/func_tests/tests_post-install_5simulation.sh
index 0d7e008d7..c43abea89 100755
--- a/scripts/func_tests/tests_post-install_5simulation.sh
+++ b/scripts/func_tests/tests_post-install_5simulation.sh
@@ -17,7 +17,7 @@ ${SYSTEMCTL} reload crowdsec
 rm -f ssh-bf.log
 for i in `seq 1 10` ; do
- echo `date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.174 port 35424' >> ssh-bf.log
+ echo `LC_ALL=C date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.174 port 35424' >> ssh-bf.log
 done;
 ${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api
@@ -44,4 +44,4 @@ ${CSCLI} simulation enable --global
 ${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api
-${CSCLI} decisions list --no-simu -o=json | ${JQ} '. == null' || fail "expected no decision (listing only non-simulated decisions)"
\ No newline at end of file
+${CSCLI} decisions list --no-simu -o=json | ${JQ} '. == null' || fail "expected no decision (listing only non-simulated decisions)"
diff --git a/wizard.sh b/wizard.sh
index 074d7adac..8e4ba7ab1 100755
--- a/wizard.sh
+++ b/wizard.sh
@@ -260,7 +260,7 @@ install_collection() {
 }
 #$1 is the service name, $... is the list of candidate logs (from find_logs_for)
-genyaml() {
+genyamllog() {
 local service="${1}"
 shift
 local files=("${@}")
@@ -277,13 +277,30 @@ genyaml() {
 log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
 }
+genyamljournal() {
+ local service="${1}"
+ shift
+
+ echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
+
+ echo "journalctl_filter:" >> ${TMP_ACQUIS_FILE}
+ echo " - _SYSTEMD_UNIT="${service}".service" >> ${TMP_ACQUIS_FILE}
+ echo "labels:" >> ${TMP_ACQUIS_FILE}
+ echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
+ echo "---" >> ${TMP_ACQUIS_FILE}
+ log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
+}
+
 genacquisition() {
 log_dbg "Found following services : "${DETECTED_SERVICES[@]}
 for PSVG in ${DETECTED_SERVICES[@]} ; do
 find_logs_for ${PSVG}
 if [[ ${#DETECTED_LOGFILES[@]} -gt 0 ]] ; then
 log_info "service '${PSVG}': ${DETECTED_LOGFILES[*]}"
- genyaml ${PSVG} ${DETECTED_LOGFILES[@]}
+ genyamllog ${PSVG} ${DETECTED_LOGFILES[@]}
+ elif [[ ${PSVG} != "linux" ]] ; then
+ log_info "using journald for '${PSVG}'"
+ genyamljournal ${PSVG}
 fi;
 done
 }
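Review bot: The new `elif [[ ${PSVG} != "linux" ]]` branch in `genacquisition` (hunk `@@ -277,13 +277,30 @@`) writes a journald acquisition for every detected service that has no log file, and `genyamljournal` fixes the filter to `_SYSTEMD_UNIT=<service>.service` without checking that such a unit exists or that the host uses journald at all. Where the detected name and the unit name differ, the generated entry would presumably match nothing, leaving that service unmonitored with only an info-level line to show for it; a check such as `systemctl cat "${PSVG}.service" >/dev/null 2>&1` before calling `genyamljournal`, with a warning when it fails, would surface the gap. Inside `genyamljournal` the header line expands `${files[@]}`, which this function never sets (it looks copied from `genyamllog`), and the filter line closes its quotes around `${service}`, leaving that expansion unquoted. Suggested: `echo "#Generated acquisition file - wizard.sh (service: ${service}) / journald" >> "${TMP_ACQUIS_FILE}"`, and keep `_SYSTEMD_UNIT=${service}.service` inside a single quoted string.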