github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/20_hub_collections.bats (about) 1 #!/usr/bin/env bats 2 # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si: 3 4 set -u 5 6 setup_file() { 7 load "../lib/setup_file.sh" 8 ./instance-data load 9 HUB_DIR=$(config_get '.config_paths.hub_dir') 10 export HUB_DIR 11 INDEX_PATH=$(config_get '.config_paths.index_path') 12 export INDEX_PATH 13 CONFIG_DIR=$(config_get '.config_paths.config_dir') 14 export CONFIG_DIR 15 } 16 17 teardown_file() { 18 load "../lib/teardown_file.sh" 19 } 20 21 setup() { 22 load "../lib/setup.sh" 23 load "../lib/bats-file/load.bash" 24 ./instance-data load 25 hub_strip_index 26 } 27 28 teardown() { 29 ./instance-crowdsec stop 30 } 31 32 #---------- 33 34 @test "cscli collections list" { 35 hub_purge_all 36 37 # no items 38 rune -0 cscli collections list 39 assert_output --partial "COLLECTIONS" 40 rune -0 cscli collections list -o json 41 assert_json '{collections:[]}' 42 rune -0 cscli collections list -o raw 43 assert_output 'name,status,version,description' 44 45 # some items 46 rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb 47 48 rune -0 cscli collections list 49 assert_output --partial crowdsecurity/sshd 50 assert_output --partial crowdsecurity/smb 51 rune -0 grep -c enabled <(output) 52 assert_output "2" 53 54 rune -0 cscli collections list -o json 55 assert_output --partial crowdsecurity/sshd 56 assert_output --partial crowdsecurity/smb 57 rune -0 jq '.collections | length' <(output) 58 assert_output "2" 59 60 rune -0 cscli collections list -o raw 61 assert_output --partial crowdsecurity/sshd 62 assert_output --partial crowdsecurity/smb 63 rune -0 grep -vc 'name,status,version,description' <(output) 64 assert_output "2" 65 } 66 67 @test "cscli collections list -a" { 68 expected=$(jq <"$INDEX_PATH" -r '.collections | length') 69 70 rune -0 cscli collections list -a 71 rune -0 grep -c disabled <(output) 72 assert_output "$expected" 73 74 rune -0 cscli collections list -o json -a 75 rune -0 jq '.collections | length' <(output) 76 assert_output "$expected" 77 78 rune -0 cscli collections list -o raw -a 79 rune -0 grep -vc 'name,status,version,description' <(output) 80 assert_output "$expected" 81 82 # the list should be the same in all formats, and sorted (not case sensitive) 83 84 list_raw=$(cscli collections list -o raw -a | tail -n +2 | cut -d, -f1) 85 list_human=$(cscli collections list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2) 86 list_json=$(cscli collections list -o json -a | jq -r '.collections[].name') 87 88 rune -0 sort -f <<<"$list_raw" 89 assert_output "$list_raw" 90 91 assert_equal "$list_raw" "$list_json" 92 assert_equal "$list_raw" "$list_human" 93 } 94 95 @test "cscli collections list [collection]..." { 96 # non-existent 97 rune -1 cscli collections install foo/bar 98 assert_stderr --partial "can't find 'foo/bar' in collections" 99 100 # not installed 101 rune -0 cscli collections list crowdsecurity/smb 102 assert_output --regexp 'crowdsecurity/smb.*disabled' 103 104 # install two items 105 rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb 106 107 # list an installed item 108 rune -0 cscli collections list crowdsecurity/sshd 109 assert_output --regexp "crowdsecurity/sshd" 110 refute_output --partial "crowdsecurity/smb" 111 112 # list multiple installed and non installed items 113 rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx 114 assert_output --partial "crowdsecurity/sshd" 115 assert_output --partial "crowdsecurity/smb" 116 assert_output --partial "crowdsecurity/nginx" 117 118 rune -0 cscli collections list crowdsecurity/sshd -o json 119 rune -0 jq '.collections | length' <(output) 120 assert_output "1" 121 rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx -o json 122 rune -0 jq '.collections | length' <(output) 123 assert_output "3" 124 125 rune -0 cscli collections list crowdsecurity/sshd -o raw 126 rune -0 grep -vc 'name,status,version,description' <(output) 127 assert_output "1" 128 rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb -o raw 129 rune -0 grep -vc 'name,status,version,description' <(output) 130 assert_output "2" 131 } 132 133 @test "cscli collections install" { 134 rune -1 cscli collections install 135 assert_stderr --partial 'requires at least 1 arg(s), only received 0' 136 137 # not in hub 138 rune -1 cscli collections install crowdsecurity/blahblah 139 assert_stderr --partial "can't find 'crowdsecurity/blahblah' in collections" 140 141 # simple install 142 rune -0 cscli collections install crowdsecurity/sshd 143 rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics 144 assert_output --partial 'crowdsecurity/sshd' 145 assert_output --partial 'installed: true' 146 147 # autocorrect 148 rune -1 cscli collections install crowdsecurity/ssshd 149 assert_stderr --partial "can't find 'crowdsecurity/ssshd' in collections, did you mean 'crowdsecurity/sshd'?" 150 151 # install multiple 152 rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb 153 rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics 154 assert_output --partial 'crowdsecurity/sshd' 155 assert_output --partial 'installed: true' 156 rune -0 cscli collections inspect crowdsecurity/smb --no-metrics 157 assert_output --partial 'crowdsecurity/smb' 158 assert_output --partial 'installed: true' 159 } 160 161 @test "cscli collections install (file location and download-only)" { 162 rune -0 cscli collections install crowdsecurity/linux --download-only 163 rune -0 cscli collections inspect crowdsecurity/linux --no-metrics 164 assert_output --partial 'crowdsecurity/linux' 165 assert_output --partial 'installed: false' 166 assert_file_exists "$HUB_DIR/collections/crowdsecurity/linux.yaml" 167 assert_file_not_exists "$CONFIG_DIR/collections/linux.yaml" 168 169 rune -0 cscli collections install crowdsecurity/linux 170 rune -0 cscli collections inspect crowdsecurity/linux --no-metrics 171 assert_output --partial 'installed: true' 172 assert_file_exists "$CONFIG_DIR/collections/linux.yaml" 173 } 174 175 @test "cscli collections install --force (tainted)" { 176 rune -0 cscli collections install crowdsecurity/sshd 177 echo "dirty" >"$CONFIG_DIR/collections/sshd.yaml" 178 179 rune -1 cscli collections install crowdsecurity/sshd 180 assert_stderr --partial "error while installing 'crowdsecurity/sshd': while enabling crowdsecurity/sshd: crowdsecurity/sshd is tainted, won't enable unless --force" 181 182 rune -0 cscli collections install crowdsecurity/sshd --force 183 assert_stderr --partial "crowdsecurity/sshd: overwrite" 184 assert_stderr --partial "Enabled crowdsecurity/sshd" 185 } 186 187 @test "cscli collections install --ignore (skip on errors)" { 188 rune -1 cscli collections install foo/bar crowdsecurity/sshd 189 assert_stderr --partial "can't find 'foo/bar' in collections" 190 refute_stderr --partial "Enabled collections: crowdsecurity/sshd" 191 192 rune -0 cscli collections install foo/bar crowdsecurity/sshd --ignore 193 assert_stderr --partial "can't find 'foo/bar' in collections" 194 assert_stderr --partial "Enabled collections: crowdsecurity/sshd" 195 } 196 197 @test "cscli collections inspect" { 198 rune -1 cscli collections inspect 199 assert_stderr --partial 'requires at least 1 arg(s), only received 0' 200 # required for metrics 201 ./instance-crowdsec start 202 203 rune -1 cscli collections inspect blahblah/blahblah 204 assert_stderr --partial "can't find 'blahblah/blahblah' in collections" 205 206 # one item 207 rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics 208 assert_line 'type: collections' 209 assert_line 'name: crowdsecurity/sshd' 210 assert_line 'author: crowdsecurity' 211 assert_line 'path: collections/crowdsecurity/sshd.yaml' 212 assert_line 'installed: false' 213 refute_line --partial 'Current metrics:' 214 215 # one item, with metrics 216 rune -0 cscli collections inspect crowdsecurity/sshd 217 assert_line --partial 'Current metrics:' 218 219 # one item, json 220 rune -0 cscli collections inspect crowdsecurity/sshd -o json 221 rune -0 jq -c '[.type, .name, .author, .path, .installed]' <(output) 222 assert_json '["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",false]' 223 224 # one item, raw 225 rune -0 cscli collections inspect crowdsecurity/sshd -o raw 226 assert_line 'type: collections' 227 assert_line 'name: crowdsecurity/sshd' 228 assert_line 'author: crowdsecurity' 229 assert_line 'path: collections/crowdsecurity/sshd.yaml' 230 assert_line 'installed: false' 231 refute_line --partial 'Current metrics:' 232 233 # multiple items 234 rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb --no-metrics 235 assert_output --partial 'crowdsecurity/sshd' 236 assert_output --partial 'crowdsecurity/smb' 237 rune -1 grep -c 'Current metrics:' <(output) 238 assert_output "0" 239 240 # multiple items, with metrics 241 rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb 242 rune -0 grep -c 'Current metrics:' <(output) 243 assert_output "2" 244 245 # multiple items, json 246 rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o json 247 rune -0 jq -sc '[.[] | [.type, .name, .author, .path, .installed]]' <(output) 248 assert_json '[["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",false],["collections","crowdsecurity/smb","crowdsecurity","collections/crowdsecurity/smb.yaml",false]]' 249 250 # multiple items, raw 251 rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o raw 252 assert_output --partial 'crowdsecurity/sshd' 253 assert_output --partial 'crowdsecurity/smb' 254 rune -1 grep -c 'Current metrics:' <(output) 255 assert_output "0" 256 } 257 258 @test "cscli collections remove" { 259 rune -1 cscli collections remove 260 assert_stderr --partial "specify at least one collection to remove or '--all'" 261 rune -1 cscli collections remove blahblah/blahblah 262 assert_stderr --partial "can't find 'blahblah/blahblah' in collections" 263 264 rune -0 cscli collections install crowdsecurity/sshd --download-only 265 rune -0 cscli collections remove crowdsecurity/sshd 266 assert_stderr --partial 'removing crowdsecurity/sshd: not installed -- no need to remove' 267 268 rune -0 cscli collections install crowdsecurity/sshd 269 rune -0 cscli collections remove crowdsecurity/sshd 270 assert_stderr --partial 'Removed crowdsecurity/sshd' 271 272 rune -0 cscli collections remove crowdsecurity/sshd --purge 273 assert_stderr --partial 'Removed source file [crowdsecurity/sshd]' 274 275 rune -0 cscli collections remove crowdsecurity/sshd 276 assert_stderr --partial 'removing crowdsecurity/sshd: not installed -- no need to remove' 277 278 rune -0 cscli collections remove crowdsecurity/sshd --purge --debug 279 assert_stderr --partial 'removing crowdsecurity/sshd: not downloaded -- no need to remove' 280 refute_stderr --partial 'Removed source file [crowdsecurity/sshd]' 281 282 # install, then remove, check files 283 rune -0 cscli collections install crowdsecurity/sshd 284 assert_file_exists "$CONFIG_DIR/collections/sshd.yaml" 285 rune -0 cscli collections remove crowdsecurity/sshd 286 assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml" 287 288 # delete is an alias for remove 289 rune -0 cscli collections install crowdsecurity/sshd 290 assert_file_exists "$CONFIG_DIR/collections/sshd.yaml" 291 rune -0 cscli collections delete crowdsecurity/sshd 292 assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml" 293 294 # purge 295 assert_file_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml" 296 rune -0 cscli collections remove crowdsecurity/sshd --purge 297 assert_file_not_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml" 298 299 rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb 300 301 # --all 302 rune -0 cscli collections list -o raw 303 rune -0 grep -vc 'name,status,version,description' <(output) 304 assert_output "2" 305 306 rune -0 cscli collections remove --all 307 308 rune -0 cscli collections list -o raw 309 rune -1 grep -vc 'name,status,version,description' <(output) 310 assert_output "0" 311 } 312 313 @test "cscli collections remove --force" { 314 # remove a collections that belongs to a collection 315 rune -0 cscli collections install crowdsecurity/linux 316 rune -0 cscli collections remove crowdsecurity/sshd 317 assert_stderr --partial "crowdsecurity/sshd belongs to collections: [crowdsecurity/linux]" 318 assert_stderr --partial "Run 'sudo cscli collections remove crowdsecurity/sshd --force' if you want to force remove this collection" 319 } 320 321 @test "cscli collections upgrade" { 322 rune -1 cscli collections upgrade 323 assert_stderr --partial "specify at least one collection to upgrade or '--all'" 324 rune -1 cscli collections upgrade blahblah/blahblah 325 assert_stderr --partial "can't find 'blahblah/blahblah' in collections" 326 rune -0 cscli collections remove crowdsecurity/exim --purge 327 rune -1 cscli collections upgrade crowdsecurity/exim 328 assert_stderr --partial "can't upgrade crowdsecurity/exim: not installed" 329 rune -0 cscli collections install crowdsecurity/exim --download-only 330 rune -1 cscli collections upgrade crowdsecurity/exim 331 assert_stderr --partial "can't upgrade crowdsecurity/exim: downloaded but not installed" 332 333 # hash of the string "v0.0" 334 sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d" 335 336 # add version 0.0 to all collections 337 new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.collections |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})') 338 echo "$new_hub" >"$INDEX_PATH" 339 340 rune -0 cscli collections install crowdsecurity/sshd 341 342 echo "v0.0" > "$CONFIG_DIR/collections/sshd.yaml" 343 rune -0 cscli collections inspect crowdsecurity/sshd -o json 344 rune -0 jq -e '.local_version=="0.0"' <(output) 345 346 # upgrade 347 rune -0 cscli collections upgrade crowdsecurity/sshd 348 rune -0 cscli collections inspect crowdsecurity/sshd -o json 349 rune -0 jq -e '.local_version==.version' <(output) 350 351 # taint 352 echo "dirty" >"$CONFIG_DIR/collections/sshd.yaml" 353 # XXX: should return error 354 rune -0 cscli collections upgrade crowdsecurity/sshd 355 assert_stderr --partial "crowdsecurity/sshd is tainted, --force to overwrite" 356 rune -0 cscli collections inspect crowdsecurity/sshd -o json 357 rune -0 jq -e '.local_version=="?"' <(output) 358 359 # force upgrade with taint 360 rune -0 cscli collections upgrade crowdsecurity/sshd --force 361 rune -0 cscli collections inspect crowdsecurity/sshd -o json 362 rune -0 jq -e '.local_version==.version' <(output) 363 364 # multiple items 365 rune -0 cscli collections install crowdsecurity/smb 366 echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml" 367 echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml" 368 rune -0 cscli collections list -o json 369 rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output) 370 rune -0 cscli collections upgrade crowdsecurity/sshd crowdsecurity/smb 371 rune -0 cscli collections list -o json 372 rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output) 373 374 # upgrade all 375 echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml" 376 echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml" 377 rune -0 cscli collections list -o json 378 rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output) 379 rune -0 cscli collections upgrade --all 380 rune -0 cscli collections list -o json 381 rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output) 382 }