github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/01_crowdsec.bats (about) 1 #!/usr/bin/env bats 2 # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si: 3 4 set -u 5 6 setup_file() { 7 load "../lib/setup_file.sh" 8 } 9 10 teardown_file() { 11 load "../lib/teardown_file.sh" 12 } 13 14 setup() { 15 load "../lib/setup.sh" 16 load "../lib/bats-file/load.bash" 17 ./instance-data load 18 } 19 20 teardown() { 21 ./instance-crowdsec stop 22 } 23 24 #---------- 25 26 @test "crowdsec (usage)" { 27 rune -0 wait-for --out "Usage of " "${CROWDSEC}" -h 28 rune -0 wait-for --out "Usage of " "${CROWDSEC}" --help 29 } 30 31 @test "crowdsec (unknown flag)" { 32 rune -0 wait-for --err "flag provided but not defined: -foobar" "$CROWDSEC" --foobar 33 } 34 35 @test "crowdsec (unknown argument)" { 36 rune -0 wait-for --err "argument provided but not defined: trololo" "${CROWDSEC}" trololo 37 } 38 39 @test "crowdsec (no api and no agent)" { 40 rune -0 wait-for \ 41 --err "you must run at least the API Server or crowdsec" \ 42 "${CROWDSEC}" -no-api -no-cs 43 } 44 45 @test "crowdsec - print error on exit" { 46 # errors that cause program termination are printed to stderr, not only logs 47 config_set '.db_config.type="meh"' 48 rune -1 "${CROWDSEC}" 49 assert_stderr --partial "unable to create database client: unknown database type 'meh'" 50 } 51 52 @test "crowdsec - default logging configuration (empty/missing common section)" { 53 config_set '.common={}' 54 rune -0 wait-for \ 55 --err "Starting processing data" \ 56 "${CROWDSEC}" 57 refute_output 58 59 config_set 'del(.common)' 60 rune -0 wait-for \ 61 --err "Starting processing data" \ 62 "${CROWDSEC}" 63 refute_output 64 } 65 66 @test "CS_LAPI_SECRET not strong enough" { 67 CS_LAPI_SECRET=foo rune -1 wait-for "${CROWDSEC}" 68 assert_stderr --partial "api server init: unable to run local API: controller init: CS_LAPI_SECRET not strong enough" 69 } 70 71 @test "crowdsec - reload (change of logfile, disabled agent)" { 72 logdir1=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp -u) 73 log_old="${logdir1}/crowdsec.log" 74 config_set ".common.log_dir=\"${logdir1}\"" 75 76 rune -0 ./instance-crowdsec start-pid 77 PID="$output" 78 79 sleep .5 80 81 assert_file_exists "$log_old" 82 assert_file_contains "$log_old" "Starting processing data" 83 84 logdir2=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp -u) 85 log_new="${logdir2}/crowdsec.log" 86 config_set ".common.log_dir=\"${logdir2}\"" 87 88 config_disable_agent 89 90 sleep 2 91 92 rune -0 kill -HUP "$PID" 93 94 for ((i=0; i<10; i++)); do 95 sleep 1 96 grep -q "serve: shutting down api server" <"$log_old" && break 97 done 98 99 echo "waited $i seconds" 100 101 echo 102 echo "OLD LOG" 103 echo 104 ls -la "$log_old" || true 105 cat "$log_old" || true 106 107 assert_file_contains "$log_old" "SIGHUP received, reloading" 108 assert_file_contains "$log_old" "Crowdsec engine shutting down" 109 assert_file_contains "$log_old" "Killing parser routines" 110 assert_file_contains "$log_old" "Bucket routine exiting" 111 assert_file_contains "$log_old" "serve: shutting down api server" 112 113 sleep 2 114 115 assert_file_exists "$log_new" 116 117 for ((i=0; i<10; i++)); do 118 sleep 1 119 grep -q "Reload is finished" <"$log_new" && break 120 done 121 122 echo "waited $i seconds" 123 124 echo 125 echo "NEW LOG" 126 echo 127 ls -la "$log_new" || true 128 cat "$log_new" || true 129 130 assert_file_contains "$log_new" "CrowdSec Local API listening on 127.0.0.1:8080" 131 assert_file_contains "$log_new" "Reload is finished" 132 133 rune -0 ./instance-crowdsec stop 134 } 135 136 @test "crowdsec (error if the acquisition_path file is defined but missing)" { 137 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 138 rm -f "$ACQUIS_YAML" 139 140 rune -1 wait-for "${CROWDSEC}" 141 assert_stderr --partial "acquis.yaml: no such file or directory" 142 } 143 144 @test "crowdsec (error if acquisition_path is not defined and acquisition_dir is empty)" { 145 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 146 rm -f "$ACQUIS_YAML" 147 config_set '.crowdsec_service.acquisition_path=""' 148 149 ACQUIS_DIR=$(config_get '.crowdsec_service.acquisition_dir') 150 rm -f "$ACQUIS_DIR" 151 152 config_set '.common.log_media="stdout"' 153 rune -1 wait-for "${CROWDSEC}" 154 # check warning 155 assert_stderr --partial "no acquisition file found" 156 assert_stderr --partial "crowdsec init: while loading acquisition config: no datasource enabled" 157 } 158 159 @test "crowdsec (error if acquisition_path and acquisition_dir are not defined)" { 160 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 161 rm -f "$ACQUIS_YAML" 162 config_set '.crowdsec_service.acquisition_path=""' 163 164 ACQUIS_DIR=$(config_get '.crowdsec_service.acquisition_dir') 165 rm -f "$ACQUIS_DIR" 166 config_set '.crowdsec_service.acquisition_dir=""' 167 168 config_set '.common.log_media="stdout"' 169 rune -1 wait-for "${CROWDSEC}" 170 # check warning 171 assert_stderr --partial "no acquisition_path or acquisition_dir specified" 172 assert_stderr --partial "crowdsec init: while loading acquisition config: no datasource enabled" 173 } 174 175 @test "crowdsec (no error if acquisition_path is empty string but acquisition_dir is not empty)" { 176 config_set '.common.log_media="stdout"' 177 178 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 179 config_set '.crowdsec_service.acquisition_path=""' 180 181 ACQUIS_DIR=$(config_get '.crowdsec_service.acquisition_dir') 182 mkdir -p "$ACQUIS_DIR" 183 mv "$ACQUIS_YAML" "$ACQUIS_DIR"/foo.yaml 184 185 rune -0 wait-for \ 186 --err "Starting processing data" \ 187 "${CROWDSEC}" 188 189 # now, if foo.yaml is empty instead, there won't be valid datasources. 190 191 cat /dev/null >"$ACQUIS_DIR"/foo.yaml 192 193 rune -1 wait-for "${CROWDSEC}" 194 assert_stderr --partial "crowdsec init: while loading acquisition config: no datasource enabled" 195 } 196 197 @test "crowdsec (disabled datasources)" { 198 if is_package_testing; then 199 # we can't hide journalctl in package testing 200 # because crowdsec is run from systemd 201 skip "n/a for package testing" 202 fi 203 204 config_set '.common.log_media="stdout"' 205 206 # a datasource cannot run - missing journalctl command 207 208 ACQUIS_DIR=$(config_get '.crowdsec_service.acquisition_dir') 209 mkdir -p "$ACQUIS_DIR" 210 cat >"$ACQUIS_DIR"/foo.yaml <<-EOT 211 source: journalctl 212 journalctl_filter: 213 - "_SYSTEMD_UNIT=ssh.service" 214 labels: 215 type: syslog 216 EOT 217 218 #shellcheck disable=SC2016 219 rune -0 wait-for \ 220 --err 'datasource '\''journalctl'\'' is not available: exec: "journalctl": executable file not found in ' \ 221 env PATH='' "${CROWDSEC}" 222 223 # if all datasources are disabled, crowdsec should exit 224 225 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 226 rm -f "$ACQUIS_YAML" 227 config_set '.crowdsec_service.acquisition_path=""' 228 229 rune -1 wait-for env PATH='' "${CROWDSEC}" 230 assert_stderr --partial "crowdsec init: while loading acquisition config: no datasource enabled" 231 } 232 233 @test "crowdsec -t (error in acquisition file)" { 234 # we can verify the acquisition configuration without running crowdsec 235 ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path') 236 config_set "$ACQUIS_YAML" 'del(.filenames)' 237 238 # if filenames are missing, it won't be able to detect source type 239 config_set "$ACQUIS_YAML" '.source="file"' 240 rune -1 wait-for "${CROWDSEC}" 241 assert_stderr --partial "failed to configure datasource file: no filename or filenames configuration provided" 242 243 config_set "$ACQUIS_YAML" '.filenames=["file.log"]' 244 config_set "$ACQUIS_YAML" '.meh=3' 245 rune -1 wait-for "${CROWDSEC}" 246 assert_stderr --partial "field meh not found in type fileacquisition.FileConfiguration" 247 }