From 085dcc5eb6dd45b40df62e5989bf8e65b854f214 Mon Sep 17 00:00:00 2001
From: "Thibault \"bui\" Koechlin" <orixxx@gmail.com>
Date: Fri, 31 Jul 2020 16:16:23 +0200
Subject: [PATCH] add a basic functional tests in the CI (#169)

---
 .github/workflows/ci_functests-install.yml    | 86 +++++++++++++++++++
 .../workflows/{tests.yml => ci_go-test.yml}   |  0
 ...golangci-lint.yml => ci_golangci-lint.yml} |  0
 .../{hub-ci.yml => ci_hub-tests.yml}          |  6 ++
 ...ase-drafter.yml => ci_release-drafter.yml} |  0
 ...{dispatch.yaml => dispatch_hub-tests.yaml} |  0
 ...{build.yml => release_publish-package.yml} |  0
 pkg/cwplugin/backend.go                       |  3 +-
 8 files changed, 93 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/ci_functests-install.yml
 rename .github/workflows/{tests.yml => ci_go-test.yml} (100%)
 rename .github/workflows/{golangci-lint.yml => ci_golangci-lint.yml} (100%)
 rename .github/workflows/{hub-ci.yml => ci_hub-tests.yml} (88%)
 rename .github/workflows/{release-drafter.yml => ci_release-drafter.yml} (100%)
 rename .github/workflows/{dispatch.yaml => dispatch_hub-tests.yaml} (100%)
 rename .github/workflows/{build.yml => release_publish-package.yml} (100%)

diff --git a/.github/workflows/ci_functests-install.yml b/.github/workflows/ci_functests-install.yml
new file mode 100644
index 000000000..39737d686
--- /dev/null
+++ b/.github/workflows/ci_functests-install.yml
@@ -0,0 +1,86 @@
+name: Hub-CI
+
+on:
+  push:
+    branches: [ functional_basic_tests ]
+  pull_request:
+    branches: [ functional_basic_tests ]
+
+jobs:
+  build:
+    name: Install generated release and perform basic tests
+    runs-on: ubuntu-latest
+    steps:
+    - name: Set up Go 1.13
+      uses: actions/setup-go@v1
+      with:
+        go-version: 1.13
+      id: go
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v2
+    - name: Build release
+      run: BUILD_VERSION=xxx make release
+    # - name: Cache release directory
+    #   uses: actions/cache@v2
+    #   with:
+    #     path: ./crowdsec-xxx
+    #     key: ${{ runner.os }}-crowdsec-xxx
+    - name: Install release
+      run: |
+        cd crowdsec-xxx
+        sudo ./wizard.sh --bininstall
+        sudo cscli update
+        sudo sed -i 's/api: true/api: false/g' /etc/crowdsec/config/default.yaml
+    - name: Install collection
+      run: |
+        sudo cscli list -a
+        sudo cscli install parser crowdsecurity/syslog-logs crowdsecurity/sshd-logs crowdsecurity/dateparse-enrich
+        sudo cscli install scenario crowdsecurity/ssh-bf
+    - name: Crowdsec Startup check
+      run: |
+        sudo crowdsec -c /etc/crowdsec/config/user.yaml -t 
+    - name: Generate fake ssh bf logs
+      run: |
+        for i in `seq 1 10` ; do 
+          echo `date '+%b %d %H:%M:%S '`'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.172 port 35424' >> ssh-bf.log
+        done;
+    - name: Process ssh-bf logs in time-machine
+      run: |
+        sudo crowdsec -c /etc/crowdsec/config/user.yaml -file ./ssh-bf.log -type syslog
+    - name: Cscli ban list check
+      run: |
+        sudo cscli ban list
+        sudo cscli ban list -o json | jq -e '.[].iptext == "1.1.1.172"'
+        sudo cscli ban list --range 1.1.1.0/24 -o json | jq -e '.[].iptext == "1.1.1.172"'
+    - name: Cscli ban del check
+      run: |
+        sudo cscli ban del ip 1.1.1.172
+        sudo cscli -c /etc/crowdsec/config/user.yaml ban list -o json | jq -e '. == null'
+    - name: Service start
+      run: |
+        sudo rm -f /etc/crowdsec/config/acquis.yaml 
+        touch /tmp/test.log
+        echo "filename: /tmp/test.log" | sudo tee -a /etc/crowdsec/config/acquis.yaml > /dev/null
+        echo "labels:" | sudo tee -a /etc/crowdsec/config/acquis.yaml > /dev/null
+        echo "  type: syslog" | sudo tee -a /etc/crowdsec/config/acquis.yaml > /dev/null
+        sudo systemctl restart crowdsec
+    - name: Service status check
+      run: |
+        sleep 3
+        sudo cat /var/log/crowdsec.log
+        sudo systemctl status crowdsec
+        sudo cscli metrics
+    - name: Inject logs
+      run: |
+        cat ssh-bf.log >> /tmp/test.log
+        sleep 1
+    - name: Check results
+      run: |
+        sudo cscli ban list
+        sudo cscli ban list -o json | jq -e '.[].iptext == "1.1.1.172"'
+        sudo cat /var/log/crowdsec.log
+    - name: Check metrics
+      run: |
+        sudo cscli metrics
+          
+
diff --git a/.github/workflows/tests.yml b/.github/workflows/ci_go-test.yml
similarity index 100%
rename from .github/workflows/tests.yml
rename to .github/workflows/ci_go-test.yml
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/ci_golangci-lint.yml
similarity index 100%
rename from .github/workflows/golangci-lint.yml
rename to .github/workflows/ci_golangci-lint.yml
diff --git a/.github/workflows/hub-ci.yml b/.github/workflows/ci_hub-tests.yml
similarity index 88%
rename from .github/workflows/hub-ci.yml
rename to .github/workflows/ci_hub-tests.yml
index 88824bd4b..27f07f1e0 100644
--- a/.github/workflows/hub-ci.yml
+++ b/.github/workflows/ci_hub-tests.yml
@@ -20,6 +20,12 @@ jobs:
       uses: actions/checkout@v2
     - name: Build release
       run: BUILD_VERSION=xxx make release
+    # - name: Cache release
+    #   uses: actions/cache@v2
+    #   id: cache
+    #   with:
+    #     path: crowdsec-xxx
+    #     key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }}
     - name: clone and build hub CI tool
       run: |
         git clone https://github.com/crowdsecurity/hub-tests.git
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/ci_release-drafter.yml
similarity index 100%
rename from .github/workflows/release-drafter.yml
rename to .github/workflows/ci_release-drafter.yml
diff --git a/.github/workflows/dispatch.yaml b/.github/workflows/dispatch_hub-tests.yaml
similarity index 100%
rename from .github/workflows/dispatch.yaml
rename to .github/workflows/dispatch_hub-tests.yaml
diff --git a/.github/workflows/build.yml b/.github/workflows/release_publish-package.yml
similarity index 100%
rename from .github/workflows/build.yml
rename to .github/workflows/release_publish-package.yml
diff --git a/pkg/cwplugin/backend.go b/pkg/cwplugin/backend.go
index 6ea41e1ce..9f0d2e6af 100644
--- a/pkg/cwplugin/backend.go
+++ b/pkg/cwplugin/backend.go
@@ -50,7 +50,6 @@ func NewBackendPlugin(outputConfig map[string]string) (*BackendManager, error) {
 	} else {
 		return nil, fmt.Errorf("missing 'backend' (path to backend plugins)")
 	}
-	//var path = output.BackendFolder
 	err := filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
 		if filepath.Ext(path) == ".yaml" {
 			files = append(files, path)
@@ -113,7 +112,7 @@ func NewBackendPlugin(outputConfig map[string]string) (*BackendManager, error) {
 			newPlugin.Config["max_records_age"] = v
 		}
 
-		if v, ok := outputConfig["flush"]; ok && v == "true" {
+		if v, ok := outputConfig["flush"]; ok && v != "" {
 			newPlugin.Config["flush"] = v
 		}
 		err = newPlugin.funcs.Init(newPlugin.Config)