github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/05_config_yaml_local.bats

github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/05_config_yaml_local.bats (about)

     1  #!/usr/bin/env bats
     2  # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
     3  
     4  set -u
     5  
     6  fake_log() {
     7      for _ in $(seq 1 6); do
     8          echo "$(LC_ALL=C date '+%b %d %H:%M:%S ')"'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424'
     9      done
    10  }
    11  
    12  setup_file() {
    13      load "../lib/setup_file.sh"
    14  }
    15  
    16  teardown_file() {
    17      load "../lib/teardown_file.sh"
    18  }
    19  
    20  setup() {
    21      load "../lib/setup.sh"
    22      ./instance-data load
    23      rune -0 config_get '.api.client.credentials_path'
    24      LOCAL_API_CREDENTIALS="${output}"
    25      export LOCAL_API_CREDENTIALS
    26  }
    27  
    28  teardown() {
    29      ./instance-crowdsec stop
    30  }
    31  
    32  #----------
    33  
    34  @test "config.yaml.local - cscli (log_level)" {
    35      config_set '.common.log_level="warning"'
    36      rune -0 cscli config show --key Config.Common.LogLevel
    37      assert_output "&3"
    38  
    39      echo "{'common':{'log_level':'debug'}}" >"${CONFIG_YAML}.local"
    40      rune -0 cscli config show --key Config.Common.LogLevel
    41      assert_output "&5"
    42  }
    43  
    44  @test "config.yaml.local - cscli (log_level - with envvar)" {
    45      config_set '.common.log_level="warning"'
    46      rune -0 cscli config show --key Config.Common.LogLevel
    47      assert_output "&3"
    48  
    49      export CROWDSEC_LOG_LEVEL=debug
    50      echo "{'common':{'log_level':'${CROWDSEC_LOG_LEVEL}'}}" >"${CONFIG_YAML}.local"
    51      rune -0 cscli config show --key Config.Common.LogLevel
    52      assert_output "&5"
    53  }
    54  
    55  @test "config.yaml.local - crowdsec (listen_url)" {
    56      # disable the agent or we'll need to patch api client credentials too
    57      rune -0 config_disable_agent
    58      ./instance-crowdsec start
    59      rune -0 wait-for-port -q 8080
    60      ./instance-crowdsec stop
    61      rune -1 wait-for-port -q 8080
    62  
    63      echo "{'api':{'server':{'listen_uri':127.0.0.1:8083}}}" >"${CONFIG_YAML}.local"
    64  
    65      ./instance-crowdsec start
    66      rune -0 wait-for-port -q 8083
    67      rune -1 wait-for-port -q 8080
    68      ./instance-crowdsec stop
    69  
    70      rm -f "${CONFIG_YAML}.local"
    71      ./instance-crowdsec start
    72      rune -1 wait-for-port -q 8083
    73      rune -0 wait-for-port -q 8080
    74  }
    75  
    76  @test "local_api_credentials.yaml.local" {
    77      rune -0 config_disable_agent
    78      echo "{'api':{'server':{'listen_uri':127.0.0.1:8083}}}" >"${CONFIG_YAML}.local"
    79      ./instance-crowdsec start
    80      rune -0 wait-for-port -q 8083
    81  
    82      rune -1 cscli decisions list
    83      echo "{'url':'http://127.0.0.1:8083'}" >"${LOCAL_API_CREDENTIALS}.local"
    84  
    85      rune -0 cscli decisions list
    86  }
    87  
    88  @test "simulation.yaml.local" {
    89      rune -0 config_get '.config_paths.simulation_path'
    90      refute_output null
    91      SIMULATION="${output}"
    92  
    93      echo "simulation: off" >"${SIMULATION}"
    94      rune -0 cscli simulation status -o human
    95      assert_stderr --partial "global simulation: disabled"
    96  
    97      echo "simulation: on" >"${SIMULATION}"
    98      rune -0 cscli simulation status -o human
    99      assert_stderr --partial "global simulation: enabled"
   100  
   101      echo "simulation: off" >"${SIMULATION}.local"
   102      rune -0 cscli simulation status -o human
   103      assert_stderr --partial "global simulation: disabled"
   104  
   105      rm -f "${SIMULATION}.local"
   106      rune -0 cscli simulation status -o human
   107      assert_stderr --partial "global simulation: enabled"
   108  }
   109  
   110  @test "profiles.yaml.local" {
   111      rune -0 config_get '.api.server.profiles_path'
   112      refute_output null
   113      PROFILES="${output}"
   114  
   115      cat <<-EOT >"${PROFILES}.local"
   116  	name: default_ip_remediation
   117  	filters:
   118  	 - Alert.Remediation == true && Alert.GetScope() == "Ip"
   119  	decisions:
   120  	 - type: captcha
   121  	   duration: 2h
   122  	on_success: break
   123  	EOT
   124  
   125      tmpfile=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp)
   126      touch "${tmpfile}"
   127      ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path')
   128      echo -e "---\nfilename: ${tmpfile}\nlabels:\n  type: syslog\n" >>"${ACQUIS_YAML}"
   129  
   130      rune -0 cscli collections install crowdsecurity/sshd
   131      rune -0 cscli parsers install crowdsecurity/syslog-logs
   132  
   133      ./instance-crowdsec start
   134      sleep .5
   135      fake_log >>"${tmpfile}"
   136  
   137      # this could be simplified, but some systems are slow and we don't want to
   138      # wait more than required
   139      for ((i=0;i<30;i++)); do
   140          sleep .5
   141          rune -0 cscli decisions list -o json
   142          rune -0 jq --exit-status '.[].decisions[0] | [.value,.type] == ["1.1.1.172","captcha"]' <(output) && break
   143      done
   144      rm -f -- "${tmpfile}"
   145      [[ "${status}" -eq 0 ]] || fail "captcha not triggered"
   146  }