github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/20_hub_postoverflows.bats (about) 1 #!/usr/bin/env bats 2 # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si: 3 4 set -u 5 6 setup_file() { 7 load "../lib/setup_file.sh" 8 ./instance-data load 9 HUB_DIR=$(config_get '.config_paths.hub_dir') 10 export HUB_DIR 11 INDEX_PATH=$(config_get '.config_paths.index_path') 12 export INDEX_PATH 13 CONFIG_DIR=$(config_get '.config_paths.config_dir') 14 export CONFIG_DIR 15 } 16 17 teardown_file() { 18 load "../lib/teardown_file.sh" 19 } 20 21 setup() { 22 load "../lib/setup.sh" 23 load "../lib/bats-file/load.bash" 24 ./instance-data load 25 hub_strip_index 26 } 27 28 teardown() { 29 ./instance-crowdsec stop 30 } 31 32 #---------- 33 34 @test "cscli postoverflows list" { 35 hub_purge_all 36 37 # no items 38 rune -0 cscli postoverflows list 39 assert_output --partial "POSTOVERFLOWS" 40 rune -0 cscli postoverflows list -o json 41 assert_json '{postoverflows:[]}' 42 rune -0 cscli postoverflows list -o raw 43 assert_output 'name,status,version,description' 44 45 # some items 46 rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist 47 48 rune -0 cscli postoverflows list 49 assert_output --partial crowdsecurity/rdns 50 assert_output --partial crowdsecurity/cdn-whitelist 51 rune -0 grep -c enabled <(output) 52 assert_output "2" 53 54 rune -0 cscli postoverflows list -o json 55 assert_output --partial crowdsecurity/rdns 56 assert_output --partial crowdsecurity/cdn-whitelist 57 rune -0 jq '.postoverflows | length' <(output) 58 assert_output "2" 59 60 rune -0 cscli postoverflows list -o raw 61 assert_output --partial crowdsecurity/rdns 62 assert_output --partial crowdsecurity/cdn-whitelist 63 rune -0 grep -vc 'name,status,version,description' <(output) 64 assert_output "2" 65 } 66 67 @test "cscli postoverflows list -a" { 68 expected=$(jq <"$INDEX_PATH" -r '.postoverflows | length') 69 70 rune -0 cscli postoverflows list -a 71 rune -0 grep -c disabled <(output) 72 assert_output "$expected" 73 74 rune -0 cscli postoverflows list -o json -a 75 rune -0 jq '.postoverflows | length' <(output) 76 assert_output "$expected" 77 78 rune -0 cscli postoverflows list -o raw -a 79 rune -0 grep -vc 'name,status,version,description' <(output) 80 assert_output "$expected" 81 82 # the list should be the same in all formats, and sorted (not case sensitive) 83 84 list_raw=$(cscli postoverflows list -o raw -a | tail -n +2 | cut -d, -f1) 85 list_human=$(cscli postoverflows list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2) 86 list_json=$(cscli postoverflows list -o json -a | jq -r '.postoverflows[].name') 87 88 rune -0 sort -f <<<"$list_raw" 89 assert_output "$list_raw" 90 91 assert_equal "$list_raw" "$list_json" 92 assert_equal "$list_raw" "$list_human" 93 } 94 95 @test "cscli postoverflows list [postoverflow]..." { 96 # non-existent 97 rune -1 cscli postoverflows install foo/bar 98 assert_stderr --partial "can't find 'foo/bar' in postoverflows" 99 100 # not installed 101 rune -0 cscli postoverflows list crowdsecurity/rdns 102 assert_output --regexp 'crowdsecurity/rdns.*disabled' 103 104 # install two items 105 rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist 106 107 # list an installed item 108 rune -0 cscli postoverflows list crowdsecurity/rdns 109 assert_output --regexp "crowdsecurity/rdns.*enabled" 110 refute_output --partial "crowdsecurity/cdn-whitelist" 111 112 # list multiple installed and non installed items 113 rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range 114 assert_output --partial "crowdsecurity/rdns" 115 assert_output --partial "crowdsecurity/cdn-whitelist" 116 assert_output --partial "crowdsecurity/ipv6_to_range" 117 118 rune -0 cscli postoverflows list crowdsecurity/rdns -o json 119 rune -0 jq '.postoverflows | length' <(output) 120 assert_output "1" 121 rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range -o json 122 rune -0 jq '.postoverflows | length' <(output) 123 assert_output "3" 124 125 rune -0 cscli postoverflows list crowdsecurity/rdns -o raw 126 rune -0 grep -vc 'name,status,version,description' <(output) 127 assert_output "1" 128 rune -0 cscli postoverflows list crowdsecurity/rdns crowdsecurity/cdn-whitelist crowdsecurity/ipv6_to_range -o raw 129 rune -0 grep -vc 'name,status,version,description' <(output) 130 assert_output "3" 131 } 132 133 @test "cscli postoverflows install" { 134 rune -1 cscli postoverflows install 135 assert_stderr --partial 'requires at least 1 arg(s), only received 0' 136 137 # not in hub 138 rune -1 cscli postoverflows install crowdsecurity/blahblah 139 assert_stderr --partial "can't find 'crowdsecurity/blahblah' in postoverflows" 140 141 # simple install 142 rune -0 cscli postoverflows install crowdsecurity/rdns 143 rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics 144 assert_output --partial 'crowdsecurity/rdns' 145 assert_output --partial 'installed: true' 146 147 # autocorrect 148 rune -1 cscli postoverflows install crowdsecurity/rdnf 149 assert_stderr --partial "can't find 'crowdsecurity/rdnf' in postoverflows, did you mean 'crowdsecurity/rdns'?" 150 151 # install multiple 152 rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist 153 rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics 154 assert_output --partial 'crowdsecurity/rdns' 155 assert_output --partial 'installed: true' 156 rune -0 cscli postoverflows inspect crowdsecurity/cdn-whitelist --no-metrics 157 assert_output --partial 'crowdsecurity/cdn-whitelist' 158 assert_output --partial 'installed: true' 159 } 160 161 @test "cscli postoverflows install (file location and download-only)" { 162 rune -0 cscli postoverflows install crowdsecurity/rdns --download-only 163 rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics 164 assert_output --partial 'crowdsecurity/rdns' 165 assert_output --partial 'installed: false' 166 assert_file_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml" 167 assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 168 169 rune -0 cscli postoverflows install crowdsecurity/rdns 170 rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics 171 assert_output --partial 'installed: true' 172 assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 173 } 174 175 @test "cscli postoverflows install --force (tainted)" { 176 rune -0 cscli postoverflows install crowdsecurity/rdns 177 echo "dirty" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 178 179 rune -1 cscli postoverflows install crowdsecurity/rdns 180 assert_stderr --partial "error while installing 'crowdsecurity/rdns': while enabling crowdsecurity/rdns: crowdsecurity/rdns is tainted, won't enable unless --force" 181 182 rune -0 cscli postoverflows install crowdsecurity/rdns --force 183 assert_stderr --partial "crowdsecurity/rdns: overwrite" 184 assert_stderr --partial "Enabled crowdsecurity/rdns" 185 } 186 187 @test "cscli postoverflow install --ignore (skip on errors)" { 188 rune -1 cscli postoverflows install foo/bar crowdsecurity/rdns 189 assert_stderr --partial "can't find 'foo/bar' in postoverflows" 190 refute_stderr --partial "Enabled postoverflows: crowdsecurity/rdns" 191 192 rune -0 cscli postoverflows install foo/bar crowdsecurity/rdns --ignore 193 assert_stderr --partial "can't find 'foo/bar' in postoverflows" 194 assert_stderr --partial "Enabled postoverflows: crowdsecurity/rdns" 195 } 196 197 @test "cscli postoverflows inspect" { 198 rune -1 cscli postoverflows inspect 199 assert_stderr --partial 'requires at least 1 arg(s), only received 0' 200 # required for metrics 201 ./instance-crowdsec start 202 203 rune -1 cscli postoverflows inspect blahblah/blahblah 204 assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows" 205 206 # one item 207 rune -0 cscli postoverflows inspect crowdsecurity/rdns --no-metrics 208 assert_line 'type: postoverflows' 209 assert_line 'stage: s00-enrich' 210 assert_line 'name: crowdsecurity/rdns' 211 assert_line 'author: crowdsecurity' 212 assert_line 'path: postoverflows/s00-enrich/crowdsecurity/rdns.yaml' 213 assert_line 'installed: false' 214 refute_line --partial 'Current metrics:' 215 216 # one item, with metrics 217 rune -0 cscli postoverflows inspect crowdsecurity/rdns 218 assert_line --partial 'Current metrics:' 219 220 # one item, json 221 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json 222 rune -0 jq -c '[.type, .stage, .name, .author, .path, .installed]' <(output) 223 assert_json '["postoverflows","s00-enrich","crowdsecurity/rdns","crowdsecurity","postoverflows/s00-enrich/crowdsecurity/rdns.yaml",false]' 224 225 # one item, raw 226 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o raw 227 assert_line 'type: postoverflows' 228 assert_line 'name: crowdsecurity/rdns' 229 assert_line 'stage: s00-enrich' 230 assert_line 'author: crowdsecurity' 231 assert_line 'path: postoverflows/s00-enrich/crowdsecurity/rdns.yaml' 232 assert_line 'installed: false' 233 refute_line --partial 'Current metrics:' 234 235 # multiple items 236 rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist --no-metrics 237 assert_output --partial 'crowdsecurity/rdns' 238 assert_output --partial 'crowdsecurity/cdn-whitelist' 239 rune -1 grep -c 'Current metrics:' <(output) 240 assert_output "0" 241 242 # multiple items, with metrics 243 rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist 244 rune -0 grep -c 'Current metrics:' <(output) 245 assert_output "2" 246 247 # multiple items, json 248 rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist -o json 249 rune -0 jq -sc '[.[] | [.type, .stage, .name, .author, .path, .installed]]' <(output) 250 assert_json '[["postoverflows","s00-enrich","crowdsecurity/rdns","crowdsecurity","postoverflows/s00-enrich/crowdsecurity/rdns.yaml",false],["postoverflows","s01-whitelist","crowdsecurity/cdn-whitelist","crowdsecurity","postoverflows/s01-whitelist/crowdsecurity/cdn-whitelist.yaml",false]]' 251 252 # multiple items, raw 253 rune -0 cscli postoverflows inspect crowdsecurity/rdns crowdsecurity/cdn-whitelist -o raw 254 assert_output --partial 'crowdsecurity/rdns' 255 assert_output --partial 'crowdsecurity/cdn-whitelist' 256 run -1 grep -c 'Current metrics:' <(output) 257 assert_output "0" 258 } 259 260 @test "cscli postoverflows remove" { 261 rune -1 cscli postoverflows remove 262 assert_stderr --partial "specify at least one postoverflow to remove or '--all'" 263 rune -1 cscli postoverflows remove blahblah/blahblah 264 assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows" 265 266 rune -0 cscli postoverflows install crowdsecurity/rdns --download-only 267 rune -0 cscli postoverflows remove crowdsecurity/rdns 268 assert_stderr --partial "removing crowdsecurity/rdns: not installed -- no need to remove" 269 270 rune -0 cscli postoverflows install crowdsecurity/rdns 271 rune -0 cscli postoverflows remove crowdsecurity/rdns 272 assert_stderr --partial 'Removed crowdsecurity/rdns' 273 274 rune -0 cscli postoverflows remove crowdsecurity/rdns --purge 275 assert_stderr --partial 'Removed source file [crowdsecurity/rdns]' 276 277 rune -0 cscli postoverflows remove crowdsecurity/rdns 278 assert_stderr --partial 'removing crowdsecurity/rdns: not installed -- no need to remove' 279 280 rune -0 cscli postoverflows remove crowdsecurity/rdns --purge --debug 281 assert_stderr --partial 'removing crowdsecurity/rdns: not downloaded -- no need to remove' 282 refute_stderr --partial 'Removed source file [crowdsecurity/rdns]' 283 284 # install, then remove, check files 285 rune -0 cscli postoverflows install crowdsecurity/rdns 286 assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 287 rune -0 cscli postoverflows remove crowdsecurity/rdns 288 assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 289 290 # delete is an alias for remove 291 rune -0 cscli postoverflows install crowdsecurity/rdns 292 assert_file_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 293 rune -0 cscli postoverflows delete crowdsecurity/rdns 294 assert_file_not_exists "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 295 296 # purge 297 assert_file_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml" 298 rune -0 cscli postoverflows remove crowdsecurity/rdns --purge 299 assert_file_not_exists "$HUB_DIR/postoverflows/s00-enrich/crowdsecurity/rdns.yaml" 300 301 rune -0 cscli postoverflows install crowdsecurity/rdns crowdsecurity/cdn-whitelist 302 303 # --all 304 rune -0 cscli postoverflows list -o raw 305 rune -0 grep -vc 'name,status,version,description' <(output) 306 assert_output "2" 307 308 rune -0 cscli postoverflows remove --all 309 310 rune -0 cscli postoverflows list -o raw 311 rune -1 grep -vc 'name,status,version,description' <(output) 312 assert_output "0" 313 } 314 315 @test "cscli postoverflows remove --force" { 316 # remove a postoverflow that belongs to a collection 317 rune -0 cscli collections install crowdsecurity/auditd 318 rune -0 cscli postoverflows remove crowdsecurity/auditd-whitelisted-process 319 assert_stderr --partial "crowdsecurity/auditd-whitelisted-process belongs to collections: [crowdsecurity/auditd]" 320 assert_stderr --partial "Run 'sudo cscli postoverflows remove crowdsecurity/auditd-whitelisted-process --force' if you want to force remove this postoverflow" 321 } 322 323 @test "cscli postoverflows upgrade" { 324 rune -1 cscli postoverflows upgrade 325 assert_stderr --partial "specify at least one postoverflow to upgrade or '--all'" 326 rune -1 cscli postoverflows upgrade blahblah/blahblah 327 assert_stderr --partial "can't find 'blahblah/blahblah' in postoverflows" 328 rune -0 cscli postoverflows remove crowdsecurity/discord-crawler-whitelist --purge 329 rune -1 cscli postoverflows upgrade crowdsecurity/discord-crawler-whitelist 330 assert_stderr --partial "can't upgrade crowdsecurity/discord-crawler-whitelist: not installed" 331 rune -0 cscli postoverflows install crowdsecurity/discord-crawler-whitelist --download-only 332 rune -1 cscli postoverflows upgrade crowdsecurity/discord-crawler-whitelist 333 assert_stderr --partial "can't upgrade crowdsecurity/discord-crawler-whitelist: downloaded but not installed" 334 335 # hash of the string "v0.0" 336 sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d" 337 338 # add version 0.0 to all postoverflows 339 new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.postoverflows |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})') 340 echo "$new_hub" >"$INDEX_PATH" 341 342 rune -0 cscli postoverflows install crowdsecurity/rdns 343 344 echo "v0.0" > "$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 345 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json 346 rune -0 jq -e '.local_version=="0.0"' <(output) 347 348 # upgrade 349 rune -0 cscli postoverflows upgrade crowdsecurity/rdns 350 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json 351 rune -0 jq -e '.local_version==.version' <(output) 352 353 # taint 354 echo "dirty" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 355 # XXX: should return error 356 rune -0 cscli postoverflows upgrade crowdsecurity/rdns 357 assert_stderr --partial "crowdsecurity/rdns is tainted, --force to overwrite" 358 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json 359 rune -0 jq -e '.local_version=="?"' <(output) 360 361 # force upgrade with taint 362 rune -0 cscli postoverflows upgrade crowdsecurity/rdns --force 363 rune -0 cscli postoverflows inspect crowdsecurity/rdns -o json 364 rune -0 jq -e '.local_version==.version' <(output) 365 366 # multiple items 367 rune -0 cscli postoverflows install crowdsecurity/cdn-whitelist 368 echo "v0.0" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 369 echo "v0.0" >"$CONFIG_DIR/postoverflows/s01-whitelist/cdn-whitelist.yaml" 370 rune -0 cscli postoverflows list -o json 371 rune -0 jq -e '[.postoverflows[].local_version]==["0.0","0.0"]' <(output) 372 rune -0 cscli postoverflows upgrade crowdsecurity/rdns crowdsecurity/cdn-whitelist 373 rune -0 cscli postoverflows list -o json 374 rune -0 jq -e 'any(.postoverflows[].local_version; .=="0.0") | not' <(output) 375 376 # upgrade all 377 echo "v0.0" >"$CONFIG_DIR/postoverflows/s00-enrich/rdns.yaml" 378 echo "v0.0" >"$CONFIG_DIR/postoverflows/s01-whitelist/cdn-whitelist.yaml" 379 rune -0 cscli postoverflows list -o json 380 rune -0 jq -e '[.postoverflows[].local_version]==["0.0","0.0"]' <(output) 381 rune -0 cscli postoverflows upgrade --all 382 rune -0 cscli postoverflows list -o json 383 rune -0 jq -e 'any(.postoverflows[].local_version; .=="0.0") | not' <(output) 384 }