2023-10-16 11:12:53 +00:00
|
|
|
#!/usr/bin/env bats
|
|
|
|
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
|
|
|
|
|
|
|
|
set -u
|
|
|
|
|
|
|
|
setup_file() {
|
|
|
|
load "../lib/setup_file.sh"
|
2023-10-30 16:23:50 +00:00
|
|
|
./instance-data load
|
2023-10-16 11:12:53 +00:00
|
|
|
HUB_DIR=$(config_get '.config_paths.hub_dir')
|
|
|
|
export HUB_DIR
|
|
|
|
CONFIG_DIR=$(config_get '.config_paths.config_dir')
|
|
|
|
export CONFIG_DIR
|
|
|
|
}
|
|
|
|
|
|
|
|
teardown_file() {
|
|
|
|
load "../lib/teardown_file.sh"
|
|
|
|
}
|
|
|
|
|
|
|
|
setup() {
|
|
|
|
load "../lib/setup.sh"
|
|
|
|
load "../lib/bats-file/load.bash"
|
|
|
|
./instance-data load
|
2023-10-30 16:23:50 +00:00
|
|
|
hub_purge_all
|
|
|
|
hub_strip_index
|
2023-10-16 11:12:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
teardown() {
|
|
|
|
./instance-crowdsec stop
|
|
|
|
}
|
|
|
|
|
|
|
|
#----------
|
|
|
|
|
|
|
|
@test "cscli collections list" {
|
|
|
|
# no items
|
|
|
|
rune -0 cscli collections list
|
|
|
|
assert_output --partial "COLLECTIONS"
|
|
|
|
rune -0 cscli collections list -o json
|
|
|
|
assert_json '{collections:[]}'
|
|
|
|
rune -0 cscli collections list -o raw
|
|
|
|
assert_output 'name,status,version,description'
|
|
|
|
|
|
|
|
# some items
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
|
|
|
|
|
|
|
|
rune -0 cscli collections list
|
|
|
|
assert_output --partial crowdsecurity/sshd
|
|
|
|
assert_output --partial crowdsecurity/smb
|
|
|
|
rune -0 grep -c enabled <(output)
|
|
|
|
assert_output "2"
|
|
|
|
|
|
|
|
rune -0 cscli collections list -o json
|
|
|
|
assert_output --partial crowdsecurity/sshd
|
|
|
|
assert_output --partial crowdsecurity/smb
|
|
|
|
rune -0 jq '.collections | length' <(output)
|
|
|
|
assert_output "2"
|
|
|
|
|
|
|
|
rune -0 cscli collections list -o raw
|
|
|
|
assert_output --partial crowdsecurity/sshd
|
|
|
|
assert_output --partial crowdsecurity/smb
|
|
|
|
rune -0 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "2"
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "cscli collections list -a" {
|
|
|
|
expected=$(jq <"$HUB_DIR/.index.json" -r '.collections | length')
|
|
|
|
|
|
|
|
rune -0 cscli collections list -a
|
|
|
|
rune -0 grep -c disabled <(output)
|
|
|
|
assert_output "$expected"
|
|
|
|
|
|
|
|
rune -0 cscli collections list -o json -a
|
|
|
|
rune -0 jq '.collections | length' <(output)
|
|
|
|
assert_output "$expected"
|
|
|
|
|
|
|
|
rune -0 cscli collections list -o raw -a
|
|
|
|
rune -0 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "$expected"
|
2023-10-30 16:23:50 +00:00
|
|
|
|
|
|
|
# XXX: check alphabetical order in human, json, raw
|
2023-10-16 11:12:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
@test "cscli collections list [collection]..." {
|
2023-11-08 12:21:59 +00:00
|
|
|
# non-existent
|
|
|
|
rune -1 cscli collections install foo/bar
|
|
|
|
assert_stderr --partial "can't find 'foo/bar' in collections"
|
|
|
|
|
|
|
|
# not installed
|
|
|
|
rune -0 cscli collections list crowdsecurity/smb
|
|
|
|
assert_output --regexp 'crowdsecurity/smb.*disabled'
|
|
|
|
|
|
|
|
# install two items
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
|
|
|
|
|
2023-11-08 12:21:59 +00:00
|
|
|
# list an installed item
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections list crowdsecurity/sshd
|
2023-11-08 12:21:59 +00:00
|
|
|
assert_output --regexp "crowdsecurity/sshd"
|
2023-10-16 11:12:53 +00:00
|
|
|
refute_output --partial "crowdsecurity/smb"
|
|
|
|
|
2023-11-08 12:21:59 +00:00
|
|
|
# list multiple installed and non installed items
|
|
|
|
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx
|
2023-10-16 11:12:53 +00:00
|
|
|
assert_output --partial "crowdsecurity/sshd"
|
|
|
|
assert_output --partial "crowdsecurity/smb"
|
2023-11-08 12:21:59 +00:00
|
|
|
assert_output --partial "crowdsecurity/nginx"
|
2023-10-16 11:12:53 +00:00
|
|
|
|
|
|
|
rune -0 cscli collections list crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq '.collections | length' <(output)
|
|
|
|
assert_output "1"
|
2023-11-08 12:21:59 +00:00
|
|
|
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb crowdsecurity/nginx -o json
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 jq '.collections | length' <(output)
|
2023-11-08 12:21:59 +00:00
|
|
|
assert_output "3"
|
2023-10-16 11:12:53 +00:00
|
|
|
|
|
|
|
rune -0 cscli collections list crowdsecurity/sshd -o raw
|
|
|
|
rune -0 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "1"
|
|
|
|
rune -0 cscli collections list crowdsecurity/sshd crowdsecurity/smb -o raw
|
|
|
|
rune -0 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "2"
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "cscli collections install [collection]..." {
|
|
|
|
rune -1 cscli collections install
|
|
|
|
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
|
|
|
|
|
|
|
|
# not in hub
|
|
|
|
rune -1 cscli collections install crowdsecurity/blahblah
|
|
|
|
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in collections"
|
|
|
|
|
|
|
|
# simple install
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
|
|
|
|
assert_output --partial 'crowdsecurity/sshd'
|
|
|
|
assert_output --partial 'installed: true'
|
|
|
|
|
|
|
|
# autocorrect
|
|
|
|
rune -1 cscli collections install crowdsecurity/ssshd
|
2023-11-06 16:35:33 +00:00
|
|
|
assert_stderr --partial "can't find 'crowdsecurity/ssshd' in collections, did you mean 'crowdsecurity/sshd'?"
|
2023-10-16 11:12:53 +00:00
|
|
|
|
|
|
|
# install multiple
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
|
|
|
|
assert_output --partial 'crowdsecurity/sshd'
|
|
|
|
assert_output --partial 'installed: true'
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/smb --no-metrics
|
|
|
|
assert_output --partial 'crowdsecurity/smb'
|
|
|
|
assert_output --partial 'installed: true'
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "cscli collections install [collection]... (file location and download-only)" {
|
|
|
|
# simple install
|
|
|
|
rune -0 cscli collections install crowdsecurity/linux --download-only
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/linux --no-metrics
|
|
|
|
assert_output --partial 'crowdsecurity/linux'
|
|
|
|
assert_output --partial 'installed: false'
|
|
|
|
assert_file_exists "$HUB_DIR/collections/crowdsecurity/linux.yaml"
|
|
|
|
assert_file_not_exists "$CONFIG_DIR/collections/linux.yaml"
|
|
|
|
|
|
|
|
rune -0 cscli collections install crowdsecurity/linux
|
|
|
|
assert_file_exists "$CONFIG_DIR/collections/linux.yaml"
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@test "cscli collections inspect [collection]..." {
|
|
|
|
rune -1 cscli collections inspect
|
|
|
|
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
|
2023-10-30 16:23:50 +00:00
|
|
|
# required for metrics
|
2023-10-16 11:12:53 +00:00
|
|
|
./instance-crowdsec start
|
|
|
|
|
|
|
|
rune -1 cscli collections inspect blahblah/blahblah
|
|
|
|
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
|
|
|
|
|
|
|
|
# one item
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd --no-metrics
|
|
|
|
assert_line 'type: collections'
|
|
|
|
assert_line 'name: crowdsecurity/sshd'
|
|
|
|
assert_line 'author: crowdsecurity'
|
|
|
|
assert_line 'remote_path: collections/crowdsecurity/sshd.yaml'
|
|
|
|
assert_line 'installed: false'
|
|
|
|
refute_line --partial 'Current metrics:'
|
|
|
|
|
|
|
|
# one item, with metrics
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd
|
|
|
|
assert_line --partial 'Current metrics:'
|
|
|
|
|
|
|
|
# one item, json
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq -c '[.type, .name, .author, .path, .installed]' <(output)
|
|
|
|
# XXX: .installed is missing -- not false
|
|
|
|
assert_json '["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",null]'
|
|
|
|
|
|
|
|
# one item, raw
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o raw
|
|
|
|
assert_line 'type: collections'
|
|
|
|
assert_line 'name: crowdsecurity/sshd'
|
|
|
|
assert_line 'author: crowdsecurity'
|
|
|
|
assert_line 'remote_path: collections/crowdsecurity/sshd.yaml'
|
|
|
|
assert_line 'installed: false'
|
|
|
|
refute_line --partial 'Current metrics:'
|
|
|
|
|
|
|
|
# multiple items
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb --no-metrics
|
|
|
|
assert_output --partial 'crowdsecurity/sshd'
|
|
|
|
assert_output --partial 'crowdsecurity/smb'
|
|
|
|
rune -1 grep -c 'Current metrics:' <(output)
|
|
|
|
assert_output "0"
|
|
|
|
|
|
|
|
# multiple items, with metrics
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb
|
|
|
|
rune -0 grep -c 'Current metrics:' <(output)
|
|
|
|
assert_output "2"
|
|
|
|
|
|
|
|
# multiple items, json
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o json
|
|
|
|
rune -0 jq -sc '[.[] | [.type, .name, .author, .path, .installed]]' <(output)
|
|
|
|
assert_json '[["collections","crowdsecurity/sshd","crowdsecurity","collections/crowdsecurity/sshd.yaml",null],["collections","crowdsecurity/smb","crowdsecurity","collections/crowdsecurity/smb.yaml",null]]'
|
|
|
|
|
|
|
|
# multiple items, raw
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd crowdsecurity/smb -o raw
|
|
|
|
assert_output --partial 'crowdsecurity/sshd'
|
|
|
|
assert_output --partial 'crowdsecurity/smb'
|
|
|
|
run -1 grep -c 'Current metrics:' <(output)
|
|
|
|
assert_output "0"
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "cscli collections remove [collection]..." {
|
|
|
|
rune -1 cscli collections remove
|
|
|
|
assert_stderr --partial "specify at least one collection to remove or '--all'"
|
|
|
|
rune -1 cscli collections remove blahblah/blahblah
|
|
|
|
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
|
|
|
|
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd
|
2023-10-30 16:23:50 +00:00
|
|
|
assert_stderr --partial 'removing crowdsecurity/sshd: not downloaded -- no removal required'
|
|
|
|
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd --download-only
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd
|
|
|
|
assert_stderr --partial 'removing crowdsecurity/sshd: already uninstalled'
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd --purge
|
|
|
|
assert_stderr --partial 'Removed source file [crowdsecurity/sshd]'
|
2023-10-16 11:12:53 +00:00
|
|
|
|
|
|
|
# install, then remove, check files
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd
|
|
|
|
assert_file_exists "$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd
|
|
|
|
assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
|
|
|
|
# delete is an alias for remove
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd
|
|
|
|
assert_file_exists "$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
rune -0 cscli collections delete crowdsecurity/sshd
|
|
|
|
assert_file_not_exists "$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
|
|
|
|
# purge
|
|
|
|
assert_file_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml"
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd --purge
|
|
|
|
assert_file_not_exists "$HUB_DIR/collections/crowdsecurity/sshd.yaml"
|
|
|
|
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd crowdsecurity/smb
|
|
|
|
|
|
|
|
# --all
|
|
|
|
rune -0 cscli collections list -o raw
|
|
|
|
rune -0 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "2"
|
|
|
|
|
|
|
|
rune -0 cscli collections remove --all
|
|
|
|
|
|
|
|
rune -0 cscli collections list -o raw
|
|
|
|
rune -1 grep -vc 'name,status,version,description' <(output)
|
|
|
|
assert_output "0"
|
|
|
|
}
|
|
|
|
|
2023-10-30 16:23:50 +00:00
|
|
|
@test "cscli collections remove [collections]... --force" {
|
|
|
|
# remove a collections that belongs to a collection
|
2023-10-20 12:32:35 +00:00
|
|
|
rune -0 cscli collections install crowdsecurity/linux
|
|
|
|
rune -0 cscli collections remove crowdsecurity/sshd
|
|
|
|
assert_stderr --partial "crowdsecurity/sshd belongs to collections: [crowdsecurity/linux]"
|
|
|
|
assert_stderr --partial "Run 'sudo cscli collections remove crowdsecurity/sshd --force' if you want to force remove this collection"
|
|
|
|
}
|
|
|
|
|
2023-10-16 11:12:53 +00:00
|
|
|
@test "cscli collections upgrade [collection]..." {
|
|
|
|
rune -1 cscli collections upgrade
|
|
|
|
assert_stderr --partial "specify at least one collection to upgrade or '--all'"
|
2023-10-30 16:23:50 +00:00
|
|
|
rune -1 cscli collections upgrade blahblah/blahblah
|
2023-10-16 11:12:53 +00:00
|
|
|
assert_stderr --partial "can't find 'blahblah/blahblah' in collections"
|
2023-10-30 16:23:50 +00:00
|
|
|
rune -1 cscli collections upgrade crowdsecurity/exim
|
|
|
|
assert_stderr --partial "can't upgrade crowdsecurity/exim: not installed"
|
|
|
|
rune -0 cscli collections install crowdsecurity/exim --download-only
|
|
|
|
rune -1 cscli collections upgrade crowdsecurity/exim
|
|
|
|
assert_stderr --partial "can't upgrade crowdsecurity/exim: downloaded but not installed"
|
2023-10-16 11:12:53 +00:00
|
|
|
|
2023-10-30 16:23:50 +00:00
|
|
|
# hash of the string "v0.0"
|
|
|
|
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
|
2023-10-16 11:12:53 +00:00
|
|
|
|
2023-10-30 16:23:50 +00:00
|
|
|
# add version 0.0 to all collections
|
|
|
|
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$HUB_DIR/.index.json" '.collections |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
|
2023-10-16 11:12:53 +00:00
|
|
|
echo "$new_hub" >"$HUB_DIR/.index.json"
|
|
|
|
|
|
|
|
rune -0 cscli collections install crowdsecurity/sshd
|
|
|
|
|
2023-10-30 16:23:50 +00:00
|
|
|
echo "v0.0" > "$CONFIG_DIR/collections/sshd.yaml"
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq -e '.local_version=="0.0"' <(output)
|
|
|
|
|
|
|
|
# upgrade
|
|
|
|
rune -0 cscli collections upgrade crowdsecurity/sshd
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq -e '.local_version==.version' <(output)
|
|
|
|
|
|
|
|
# taint
|
|
|
|
echo "dirty" >"$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
# XXX: should return error
|
|
|
|
rune -0 cscli collections upgrade crowdsecurity/sshd
|
|
|
|
assert_stderr --partial "crowdsecurity/sshd is tainted, --force to overwrite"
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq -e '.local_version=="?"' <(output)
|
|
|
|
|
|
|
|
# force upgrade with taint
|
|
|
|
rune -0 cscli collections upgrade crowdsecurity/sshd --force
|
|
|
|
rune -0 cscli collections inspect crowdsecurity/sshd -o json
|
|
|
|
rune -0 jq -e '.local_version==.version' <(output)
|
|
|
|
|
|
|
|
# multiple items
|
|
|
|
rune -0 cscli collections install crowdsecurity/smb
|
2023-10-30 16:23:50 +00:00
|
|
|
echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml"
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections list -o json
|
2023-10-30 16:23:50 +00:00
|
|
|
rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output)
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections upgrade crowdsecurity/sshd crowdsecurity/smb
|
2023-10-30 16:23:50 +00:00
|
|
|
rune -0 cscli collections list -o json
|
|
|
|
rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output)
|
2023-10-16 11:12:53 +00:00
|
|
|
|
|
|
|
# upgrade all
|
2023-10-30 16:23:50 +00:00
|
|
|
echo "v0.0" >"$CONFIG_DIR/collections/sshd.yaml"
|
|
|
|
echo "v0.0" >"$CONFIG_DIR/collections/smb.yaml"
|
|
|
|
rune -0 cscli collections list -o json
|
|
|
|
rune -0 jq -e '[.collections[].local_version]==["0.0","0.0"]' <(output)
|
2023-10-16 11:12:53 +00:00
|
|
|
rune -0 cscli collections upgrade --all
|
2023-10-30 16:23:50 +00:00
|
|
|
rune -0 cscli collections list -o json
|
|
|
|
rune -0 jq -e 'any(.collections[].local_version; .=="0.0") | not' <(output)
|
2023-10-16 11:12:53 +00:00
|
|
|
}
|