mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 12:25:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix functional tests (#838)

Browse source 
* fix functional tests
* add journal detection feature in wizard.sh

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
This commit is contained in:
Manuel Sabban 2021-07-01 10:36:27 +02:00 committed by GitHub
parent 42bc31cf23
commit bb37e2e70d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 56 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

18
scripts/func_tests/tests_base.sh
View file

@ -10,13 +10,31 @@ CSCLI_BIN="cscli"
CSCLI="sudo ${CSCLI_BIN}" CSCLI="sudo ${CSCLI_BIN}"
JQ="jq -e" JQ="jq -e"
LC_ALL=C
SYSTEMCTL="sudo systemctl --no-pager" SYSTEMCTL="sudo systemctl --no-pager"
CROWDSEC="sudo crowdsec" CROWDSEC="sudo crowdsec"
CROWDSEC_PROCESS="crowdsec" CROWDSEC_PROCESS="crowdsec"
# helpers # helpers
function fail { function fail {
echo "ACTION FAILED, STOP : $@" echo "ACTION FAILED, STOP : $@"
caller caller
exit 1 exit 1
} }
function pathadd {
if [ -d "$1" ] && [[ ":$PATH:" != *":$1:"* ]]; then
PATH="${PATH:+"$PATH:"}$1"
fi
}
pathadd /usr/sbin
if [ -f /etc/systemd/system/crowdsec.service ]; then
SYSTEMD_SERVICE_FILE=/etc/systemd/system/crowdsec.service
elif [ -f /usr/lib/systemd/system/crowdsec.service ]; then
SYSTEMD_SERVICE_FILE=/usr/lib/systemd/system/crowdsec.service
elif [ -f /lib/systemd/system/crowdsec.service ]; then
SYSTEMD_SERVICE_FILE=/lib/systemd/system/crowdsec.service
fi

22
scripts/func_tests/tests_post-install_0base.sh
View file

@ -3,7 +3,7 @@
source tests_base.sh source tests_base.sh
echo $PATH
########################## ##########################
## TEST AGENT/LAPI/CAPI ## ## TEST AGENT/LAPI/CAPI ##
@ -55,14 +55,18 @@ ${SYSTEMCTL} stop crowdsec || fail "crowdsec should be down"
echo "CROWDSEC (AGENT)" echo "CROWDSEC (AGENT)"
# test with -no-api flag # test with -no-api flag
sudo cp ./systemd/crowdsec_no_lapi.service /etc/systemd/system/crowdsec.service cp ${SYSTEMD_SERVICE_FILE} /tmp/crowdsec.service-orig
sed '/^ExecStart/ s/$/ -no-api/' ${SYSTEMD_SERVICE_FILE} > /tmp/crowdsec.service
sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
${SYSTEMCTL} daemon-reload ${SYSTEMCTL} daemon-reload
${SYSTEMCTL} start crowdsec ${SYSTEMCTL} start crowdsec
sleep 1 sleep 1
pidof crowdsec && fail "crowdsec shouldn't run without LAPI (in flag)" pidof crowdsec && fail "crowdsec shouldn't run without LAPI (in flag)"
${SYSTEMCTL} stop crowdsec ${SYSTEMCTL} stop crowdsec
sudo cp ./systemd/crowdsec.service /etc/systemd/system/crowdsec.service sudo cp /tmp/crowdsec.service-orig /etc/systemd/system/crowdsec.service
${SYSTEMCTL} daemon-reload ${SYSTEMCTL} daemon-reload
# test with no api server in configuration file # test with no api server in configuration file
@ -92,13 +96,18 @@ sudo cp ./config/config.yaml /etc/crowdsec/config.yaml
echo "CROWDSEC (LAPI+CAPI)" echo "CROWDSEC (LAPI+CAPI)"
# test with -no-cs flag # test with -no-cs flag
sudo cp ./systemd/crowdsec_no_agent.service /etc/systemd/system/crowdsec.service sed '/^ExecStart/ s/$/ -no-cs/' /etc/systemd/system/crowdsec.service > /tmp/crowdsec.service
sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
${SYSTEMCTL} daemon-reload ${SYSTEMCTL} daemon-reload
${SYSTEMCTL} start crowdsec ${SYSTEMCTL} start crowdsec
pidof crowdsec || fail "crowdsec LAPI should run without agent (in flag)" pidof crowdsec || fail "crowdsec LAPI should run without agent (in flag)"
${SYSTEMCTL} stop crowdsec ${SYSTEMCTL} stop crowdsec
sudo cp ./systemd/crowdsec.service /etc/systemd/system/crowdsec.service sed '/^ExecStart/s/-no-cs//g' ${SYSTEMD_SERVICE_FILE} > /tmp/crowdsec.service
sudo mv /tmp/crowdsec.service /etc/systemd/system/crowdsec.service
${SYSTEMCTL} daemon-reload ${SYSTEMCTL} daemon-reload
# test with no crowdsec agent in configuration file # test with no crowdsec agent in configuration file
@ -142,5 +151,6 @@ ${CSCLI} -c ./config/config_no_capi.yaml lapi status || fail "lapi status failed
## metrics ## metrics
${CSCLI_BIN} -c ./config/config_no_capi.yaml metrics || fail "failed to get metrics" ${CSCLI_BIN} -c ./config/config_no_capi.yaml metrics || fail "failed to get metrics"
sudo cp ./config/config.yaml /etc/crowdsec/config.yaml sudo mv /tmp/crowdsec.service-orig /etc/systemd/system/crowdsec.service
${SYSTEMCTL} restart crowdsec ${SYSTEMCTL} restart crowdsec

2
scripts/func_tests/tests_post-install_4cold-logs.sh
View file

@ -15,7 +15,7 @@ ${SYSTEMCTL} reload crowdsec
rm -f ssh-bf.log rm -f ssh-bf.log
for i in `seq 1 10` ; do for i in `seq 1 10` ; do
echo `date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424' >> ssh-bf.log echo `LC_ALL=C date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424' >> ssh-bf.log
done; done;
${CROWDSEC} -dsn "file://./ssh-bf.log" -type syslog -no-api ${CROWDSEC} -dsn "file://./ssh-bf.log" -type syslog -no-api

4
scripts/func_tests/tests_post-install_5simulation.sh
View file

@ -17,7 +17,7 @@ ${SYSTEMCTL} reload crowdsec
rm -f ssh-bf.log rm -f ssh-bf.log
for i in `seq 1 10` ; do for i in `seq 1 10` ; do
echo `date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.174 port 35424' >> ssh-bf.log echo `LC_ALL=C date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.174 port 35424' >> ssh-bf.log
done; done;
${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api ${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api
@ -44,4 +44,4 @@ ${CSCLI} simulation enable --global
${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api ${CROWDSEC} -dsn file://./ssh-bf.log -type syslog -no-api
${CSCLI} decisions list --no-simu -o=json | ${JQ} '. == null' || fail "expected no decision (listing only non-simulated decisions)" ${CSCLI} decisions list --no-simu -o=json | ${JQ} '. == null' || fail "expected no decision (listing only non-simulated decisions)"

21
wizard.sh
View file

@ -260,7 +260,7 @@ install_collection() {
} }
#$1 is the service name, $... is the list of candidate logs (from find_logs_for) #$1 is the service name, $... is the list of candidate logs (from find_logs_for)
genyaml() { genyamllog() {
local service="${1}" local service="${1}"
shift shift
local files=("${@}") local files=("${@}")
@ -277,13 +277,30 @@ genyaml() {
log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}" log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
} }
genyamljournal() {
local service="${1}"
shift
echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
echo "journalctl_filter:" >> ${TMP_ACQUIS_FILE}
echo " - _SYSTEMD_UNIT="${service}".service" >> ${TMP_ACQUIS_FILE}
echo "labels:" >> ${TMP_ACQUIS_FILE}
echo " "${log_input_tags[${service}]} >> ${TMP_ACQUIS_FILE}
echo "---" >> ${TMP_ACQUIS_FILE}
log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
}
genacquisition() { genacquisition() {
log_dbg "Found following services : "${DETECTED_SERVICES[@]} log_dbg "Found following services : "${DETECTED_SERVICES[@]}
for PSVG in ${DETECTED_SERVICES[@]} ; do for PSVG in ${DETECTED_SERVICES[@]} ; do
find_logs_for ${PSVG} find_logs_for ${PSVG}
if [[ ${#DETECTED_LOGFILES[@]} -gt 0 ]] ; then if [[ ${#DETECTED_LOGFILES[@]} -gt 0 ]] ; then
log_info "service '${PSVG}': ${DETECTED_LOGFILES[*]}" log_info "service '${PSVG}': ${DETECTED_LOGFILES[*]}"
genyaml ${PSVG} ${DETECTED_LOGFILES[@]} genyamllog ${PSVG} ${DETECTED_LOGFILES[@]}
elif [[ ${PSVG} != "linux" ]] ; then
log_info "using journald for '${PSVG}'"
genyamljournal ${PSVG}
fi; fi;
done done
} }