github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/13_capi_whitelists.bats

github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/13_capi_whitelists.bats (about)

     1  #!/usr/bin/env bats
     2  # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
     3  
     4  set -u
     5  
     6  setup_file() {
     7      load "../lib/setup_file.sh"
     8      CONFIG_DIR=$(dirname "$CONFIG_YAML")
     9      CAPI_WHITELISTS_YAML="$CONFIG_DIR/capi-whitelists.yaml"
    10      export CAPI_WHITELISTS_YAML
    11  }
    12  
    13  teardown_file() {
    14      load "../lib/teardown_file.sh"
    15  }
    16  
    17  setup() {
    18      load "../lib/setup.sh"
    19      load "../lib/bats-file/load.bash"
    20      ./instance-data load
    21      config_set '.common.log_media="stdout"'
    22      config_set '.api.server.capi_whitelists_path=strenv(CAPI_WHITELISTS_YAML)'
    23  }
    24  
    25  teardown() {
    26      ./instance-crowdsec stop
    27  }
    28  
    29  #----------
    30  
    31  @test "capi_whitelists: file missing" {
    32      rune -0 wait-for \
    33          --err "while opening capi whitelist file: open $CAPI_WHITELISTS_YAML: no such file or directory" \
    34          "${CROWDSEC}"
    35  }
    36  
    37  @test "capi_whitelists: error on open" {
    38      echo > "$CAPI_WHITELISTS_YAML"
    39      chmod 000 "$CAPI_WHITELISTS_YAML"
    40      if is_package_testing; then
    41          rune -0 wait-for \
    42              --err "while parsing capi whitelist file .*: empty file" \
    43              "${CROWDSEC}"
    44      else
    45          rune -0 wait-for \
    46              --err "while opening capi whitelist file: open $CAPI_WHITELISTS_YAML: permission denied" \
    47              "${CROWDSEC}"
    48      fi
    49  }
    50  
    51  @test "capi_whitelists: empty file" {
    52      echo > "$CAPI_WHITELISTS_YAML"
    53      rune -0 wait-for \
    54          --err "while parsing capi whitelist file '$CAPI_WHITELISTS_YAML': empty file" \
    55          "${CROWDSEC}"
    56  }
    57  
    58  @test "capi_whitelists: empty lists" {
    59      echo '{"ips": [], "cidrs": []}' > "$CAPI_WHITELISTS_YAML"
    60      rune -0 wait-for \
    61          --err "Starting processing data" \
    62          "${CROWDSEC}"
    63  }
    64  
    65  @test "capi_whitelists: bad ip" {
    66      echo '{"ips": ["blahblah"], "cidrs": []}' > "$CAPI_WHITELISTS_YAML"
    67      rune -0 wait-for \
    68          --err "while parsing capi whitelist file '$CAPI_WHITELISTS_YAML': invalid IP address: blahblah" \
    69          "${CROWDSEC}"
    70  }
    71  
    72  @test "capi_whitelists: bad cidr" {
    73      echo '{"ips": [], "cidrs": ["blahblah"]}' > "$CAPI_WHITELISTS_YAML"
    74      rune -0 wait-for \
    75          --err "while parsing capi whitelist file '$CAPI_WHITELISTS_YAML': invalid CIDR address: blahblah" \
    76          "${CROWDSEC}"
    77  }
    78  
    79  @test "capi_whitelists: file with ip and cidr values" {
    80      cat <<-EOT > "$CAPI_WHITELISTS_YAML"
    81  	ips:
    82  	- 1.2.3.4
    83  	- 2.3.4.5
    84  	cidrs:
    85  	- 1.2.3.0/24
    86  	EOT
    87  
    88      config_set '.common.log_level="trace"'
    89      rune -0 ./instance-crowdsec start
    90  }