github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/20_hub.bats

github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/20_hub.bats (about)

     1  #!/usr/bin/env bats
     2  # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
     3  
     4  set -u
     5  
     6  setup_file() {
     7      load "../lib/setup_file.sh"
     8      ./instance-data load
     9      INDEX_PATH=$(config_get '.config_paths.index_path')
    10      export INDEX_PATH
    11      CONFIG_DIR=$(config_get '.config_paths.config_dir')
    12      export CONFIG_DIR
    13  }
    14  
    15  teardown_file() {
    16      load "../lib/teardown_file.sh"
    17  }
    18  
    19  setup() {
    20      load "../lib/setup.sh"
    21      load "../lib/bats-file/load.bash"
    22      ./instance-data load
    23      hub_strip_index
    24  }
    25  
    26  teardown() {
    27      :
    28  }
    29  
    30  #----------
    31  
    32  @test "cscli hub list" {
    33      hub_purge_all
    34  
    35      # no items
    36      rune -0 cscli hub list
    37      assert_output "No items to display"
    38      rune -0 cscli hub list -o json
    39      assert_json '{"appsec-configs":[],"appsec-rules":[],parsers:[],scenarios:[],collections:[],contexts:[],postoverflows:[]}'
    40      rune -0 cscli hub list -o raw
    41      assert_output 'name,status,version,description,type'
    42  
    43      # some items: with output=human, show only non-empty tables
    44      rune -0 cscli parsers install crowdsecurity/whitelists
    45      rune -0 cscli scenarios install crowdsecurity/telnet-bf
    46      rune -0 cscli hub list
    47      assert_output --regexp ".*PARSERS.*crowdsecurity/whitelists.*SCENARIOS.*crowdsecurity/telnet-bf.*"
    48      refute_output --partial 'POSTOVERFLOWS'
    49      refute_output --partial 'COLLECTIONS'
    50  
    51      rune -0 cscli hub list -o json
    52      rune -0 jq -e '(.parsers | length == 1) and (.scenarios | length == 1)' <(output)
    53      rune -0 cscli hub list -o raw
    54      assert_output --partial 'crowdsecurity/whitelists'
    55      assert_output --partial 'crowdsecurity/telnet-bf'
    56      refute_output --partial 'crowdsecurity/iptables'
    57  
    58      # all items
    59      mkdir -p "$CONFIG_DIR/contexts"
    60      # there are no contexts yet, so we create a local one
    61      touch "$CONFIG_DIR/contexts/mycontext.yaml"
    62      rune -0 cscli hub list -a
    63      assert_output --regexp ".*PARSERS.*crowdsecurity/whitelists.*POSTOVERFLOWS.*SCENARIOS.*crowdsecurity/telnet-bf.*CONTEXTS.*mycontext.yaml.*COLLECTIONS.*crowdsecurity/iptables.*"
    64      rune -0 cscli hub list -a -o json
    65      rune -0 jq -e '(.parsers | length > 1) and (.scenarios | length > 1)' <(output)
    66      rune -0 cscli hub list -a -o raw
    67      assert_output --partial 'crowdsecurity/whitelists'
    68      assert_output --partial 'crowdsecurity/telnet-bf'
    69      assert_output --partial 'crowdsecurity/iptables'
    70  }
    71  
    72  @test "cscli hub list (invalid index)" {
    73      new_hub=$(jq <"$INDEX_PATH" '."appsec-rules"."crowdsecurity/vpatch-laravel-debug-mode".version="999"')
    74      echo "$new_hub" >"$INDEX_PATH"
    75      rune -0 cscli hub list --error
    76      assert_stderr --partial "invalid hub item appsec-rules:crowdsecurity/vpatch-laravel-debug-mode: latest version missing from index"
    77  
    78      rune -1 cscli appsec-rules install crowdsecurity/vpatch-laravel-debug-mode --force
    79      assert_stderr --partial "error while installing 'crowdsecurity/vpatch-laravel-debug-mode': while downloading crowdsecurity/vpatch-laravel-debug-mode: latest hash missing from index"
    80  }
    81  
    82  @test "missing reference in hub index" {
    83      new_hub=$(jq <"$INDEX_PATH" 'del(.parsers."crowdsecurity/smb-logs") | del (.scenarios."crowdsecurity/mysql-bf")')
    84      echo "$new_hub" >"$INDEX_PATH"
    85      rune -0 cscli hub list --error
    86      assert_stderr --partial "can't find crowdsecurity/smb-logs in parsers, required by crowdsecurity/smb"
    87      assert_stderr --partial "can't find crowdsecurity/mysql-bf in scenarios, required by crowdsecurity/mysql"
    88  }
    89  
    90  @test "loading hub reports tainted items (subitem is tainted)" {
    91      rune -0 cscli collections install crowdsecurity/sshd
    92      rune -0 cscli hub list
    93      refute_stderr --partial "tainted"
    94      rune -0 truncate -s0 "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
    95      rune -0 cscli hub list
    96      assert_stderr --partial "crowdsecurity/sshd is tainted by parsers:crowdsecurity/sshd-logs"
    97  }
    98  
    99  @test "loading hub reports tainted items (subitem is not installed)" {
   100      rune -0 cscli collections install crowdsecurity/sshd
   101      rune -0 cscli hub list
   102      refute_stderr --partial "tainted"
   103      rune -0 rm "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
   104      rune -0 cscli hub list
   105      assert_stderr --partial "crowdsecurity/sshd is tainted by missing parsers:crowdsecurity/sshd-logs"
   106  }
   107  
   108  @test "cscli hub update" {
   109      rm -f "$INDEX_PATH"
   110      rune -0 cscli hub update
   111      assert_stderr --partial "Wrote index to $INDEX_PATH"
   112      rune -0 cscli hub update
   113      assert_stderr --partial "hub index is up to date"
   114  }
   115  
   116  @test "cscli hub upgrade" {
   117      rune -0 cscli hub upgrade
   118      assert_stderr --partial "Upgrading parsers"
   119      assert_stderr --partial "Upgraded 0 parsers"
   120      assert_stderr --partial "Upgrading postoverflows"
   121      assert_stderr --partial "Upgraded 0 postoverflows"
   122      assert_stderr --partial "Upgrading scenarios"
   123      assert_stderr --partial "Upgraded 0 scenarios"
   124      assert_stderr --partial "Upgrading contexts"
   125      assert_stderr --partial "Upgraded 0 contexts"
   126      assert_stderr --partial "Upgrading collections"
   127      assert_stderr --partial "Upgraded 0 collections"
   128  
   129      rune -0 cscli parsers install crowdsecurity/syslog-logs
   130      rune -0 cscli hub upgrade
   131      assert_stderr --partial "crowdsecurity/syslog-logs: up-to-date"
   132  
   133      rune -0 cscli hub upgrade --force
   134      assert_stderr --partial "crowdsecurity/syslog-logs: overwrite"
   135      assert_stderr --partial "crowdsecurity/syslog-logs: updated"
   136      assert_stderr --partial "Upgraded 1 parsers"
   137      # this is used by the cron script to know if the hub was updated
   138      assert_output --partial "updated crowdsecurity/syslog-logs"
   139  }
   140  
   141  @test "cscli hub upgrade (with local items)" {
   142      mkdir -p "$CONFIG_DIR/collections"
   143      touch "$CONFIG_DIR/collections/foo.yaml"
   144      rune -0 cscli hub upgrade
   145      assert_stderr --partial "not upgrading foo.yaml: local item"
   146  }
   147  
   148  @test "cscli hub types" {
   149      rune -0 cscli hub types -o raw
   150      assert_line "parsers"
   151      assert_line "postoverflows"
   152      assert_line "scenarios"
   153      assert_line "contexts"
   154      assert_line "collections"
   155      rune -0 cscli hub types -o human
   156      rune -0 yq -o json <(output)
   157      assert_json '["parsers","postoverflows","scenarios","contexts","appsec-configs","appsec-rules","collections"]'
   158      rune -0 cscli hub types -o json
   159      assert_json '["parsers","postoverflows","scenarios","contexts","appsec-configs","appsec-rules","collections"]'
   160  }