github.com/crowdsecurity/crowdsec@v1.6.1/docker/test/tests/test_local_item.py (about)

     1  #!/usr/bin/env python
     2  
     3  """
     4  Test bind-mounting local items
     5  """
     6  
     7  from http import HTTPStatus
     8  import json
     9  
    10  import pytest
    11  
    12  pytestmark = pytest.mark.docker
    13  
    14  
    15  def test_inject_local_item(crowdsec, tmp_path_factory, flavor):
    16      """Test mounting a custom whitelist at startup"""
    17  
    18      localitems = tmp_path_factory.mktemp('localitems')
    19      custom_whitelists = localitems / 'custom_whitelists.yaml'
    20  
    21      with open(custom_whitelists, 'w') as f:
    22          f.write('{"whitelist":{"reason":"Good IPs","ip":["1.2.3.4"]}}')
    23  
    24      volumes = {
    25          custom_whitelists: {'bind': '/etc/crowdsec/parsers/s02-enrich/custom_whitelists.yaml'}
    26      }
    27  
    28      with crowdsec(flavor=flavor, volumes=volumes) as cs:
    29          cs.wait_for_log([
    30              "*Starting processing data*"
    31          ])
    32          cs.wait_for_http(8080, '/health', want_status=HTTPStatus.OK)
    33  
    34          # the parser should be enabled
    35          res = cs.cont.exec_run('cscli parsers list -o json')
    36          assert res.exit_code == 0
    37          j = json.loads(res.output)
    38          items = {c['name']: c for c in j['parsers']}
    39          assert items['custom_whitelists.yaml']['status'] == 'enabled,local'
    40  
    41          # regression test: the linux collection should not be tainted
    42          # (the parsers were not copied from /staging when using "cp -an" with local parsers)
    43          res = cs.cont.exec_run('cscli collections inspect crowdsecurity/linux -o json')
    44          assert res.exit_code == 0
    45          j = json.loads(res.output)
    46          # crowdsec <= 1.5.5 omits a "tainted" when it's false
    47          assert j.get('tainted', False) is False