beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

func tests: enable capi only when needed (#1710)

Browse source
This commit is contained in:
mmetc 2022-08-16 10:17:21 +02:00 committed by GitHub
parent eea07b7a1a
commit 6b18674960
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 74 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
tests/ansible/roles/make_fixture/tasks/main.yml
View file

@ -14,7 +14,8 @@
- name: "build crowdsec from sources, prepare test environment and fixture"
become: false
block:
- ansible.builtin.command:
- name: "make bats-build bats-fixture"
ansible.builtin.command:
cmd: "{{ make_cmd }} bats-build bats-fixture"
chdir: "{{ ansible_env.HOME }}/crowdsec"
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"
@ -37,7 +38,8 @@
- name: "prepare test environment and fixture for binary package"
become: true
block:
- ansible.builtin.command:
- name: "make bats-environment bats-check-requirements bats-fixture"
ansible.builtin.command:
cmd: "{{ make_cmd }} bats-environment bats-check-requirements bats-fixture"
chdir: "{{ ansible_env.HOME }}/crowdsec"
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"

34
tests/bats/01_base.bats
View file

@ -69,40 +69,6 @@ declare stderr
assert_line "Available Commands:"
}
@test "cscli alerts list: at startup returns at least one entry: community pull" {
run cscli alerts list -a -o json
if [[ "${status}" -ne 0 ]]; then
run cscli alerts list -o json
fi
run -0 jq -r '. | length' <(output)
refute_output 0
# if we want to trigger it here, we'll have to remove decisions, restart crowdsec and wait like this:
# loop_max=15
# for ((i = 0; i <= loop_max; i++)); do
# sleep 2
# run -0 cscli alerts list -o json
# [ "$output" != "null" ] && break
# done
# run -0 jq -r '. | length' <(output)
# refute_output 0
}
@test "cscli capi status" {
config_enable_capi
run -0 cscli capi status
assert_output --partial "Loaded credentials from"
assert_output --partial "Trying to authenticate with username"
assert_output --partial " on https://api.crowdsec.net/"
assert_output --partial "You can successfully interact with Central API (CAPI)"
ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
rm "${ONLINE_API_CREDENTIALS_YAML}"
run -1 --separate-stderr cscli capi status
assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory"
}
@test "cscli config show -o human" {
run -0 cscli config show -o human
assert_output --partial "Global:"

8
tests/bats/03_noagent.bats
View file

@ -38,14 +38,6 @@ teardown() {
assert_stderr --partial "crowdsec agent is disabled"
}
@test "no agent: capi status should be ok" {
config_disable_agent
config_enable_capi
./instance-crowdsec start
run -0 --separate-stderr cscli capi status
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
}
@test "no agent: cscli config show" {
config_disable_agent
run -0 --separate-stderr cscli config show -o human

67
tests/bats/04_capi.bats Normal file
View file

@ -0,0 +1,67 @@
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
}
#----------
@test "cscli capi status" {
config_enable_capi
run -0 cscli capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
run -0 cscli capi status
assert_output --partial "Loaded credentials from"
assert_output --partial "Trying to authenticate with username"
assert_output --partial " on https://api.crowdsec.net/"
assert_output --partial "You can successfully interact with Central API (CAPI)"
}
@test "cscli alerts list: receive a community pull when capi is enabled" {
sleep 2
./instance-crowdsec start
for ((i=0; i<15; i++)); do
sleep 2
[[ $(cscli alerts list -a -o json 2>/dev/null || cscli alerts list -o json) != "null" ]] && break
done
run cscli alerts list -a -o json
if [[ "${status}" -ne 0 ]]; then
run cscli alerts list -o json
fi
run -0 jq -r '. | length' <(output)
refute_output 0
}
@test "we have exactly one machine, localhost" {
run -0 cscli machines list -o json
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output)
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]'
}
@test "no agent: capi status should be ok" {
./instance-crowdsec stop
config_disable_agent
./instance-crowdsec start
run -0 --separate-stderr cscli capi status
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
}
@test "cscli capi status: fails without credentials" {
ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
rm "${ONLINE_API_CREDENTIALS_YAML}"
run -1 --separate-stderr cscli capi status
assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory"
}

12
tests/bats/30_machines.bats
View file

@ -27,16 +27,10 @@ teardown() {
run -0 cscli machines list
}
@test "we have exactly one machine, localhost" {
@test "we have exactly one machine" {
run -0 cscli machines list -o json
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output)
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]'
# the machine gets an IP address when it talks to the LAPI
# XXX already done in instance-data make
#run -0 cscli lapi status
#run -0 cscli machines list -o json
#run -0 jq -r '.[0].ipAddress' <(output)
#assert_output '127.0.0.1'
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated]' <(output)
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true]'
}
@test "add a new machine and delete it" {

18
tests/lib/config/config-global
View file

@ -63,24 +63,6 @@ make_init_data() {
[[ "${DB_BACKEND}" == "sqlite" ]] || ${CSCLI} machines add --auto
"${TEST_DIR}/instance-crowdsec" start
[[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4
"${CSCLI}" lapi status
# a restart is required to receive community pull
"${TEST_DIR}/instance-crowdsec" stop
sleep 2
"${TEST_DIR}/instance-crowdsec" start
for ((i=0; i<15; i++)); do
sleep 2
[[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break
done
# shellcheck disable=SC2181
[[ "$?" -ne "0" ]] && die "could not get community data"
"${TEST_DIR}/instance-crowdsec" stop
mkdir -p "${LOCAL_INIT_DIR}"
./instance-db dump "${LOCAL_INIT_DIR}/database"

19
tests/lib/config/config-local
View file

@ -104,28 +104,9 @@ make_init_data() {
./instance-db setup
"${CSCLI}" machines add githubciXXXXXXXXXXXXXXXXXXXXXXXX --auto
"${CSCLI}" capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
"${CSCLI}" hub update
"${CSCLI}" collections install crowdsecurity/linux
"${TEST_DIR}/instance-crowdsec" start
[[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4
"${CSCLI}" lapi status
# a restart is required to receive community pull
"${TEST_DIR}/instance-crowdsec" stop
sleep 2
"${TEST_DIR}/instance-crowdsec" start
for ((i=0; i<15; i++)); do
sleep 2
[[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break
done
# shellcheck disable=SC2181
[[ "$?" -ne "0" ]] && die "could not get community data"
"${TEST_DIR}/instance-crowdsec" stop
mkdir -p "${LOCAL_INIT_DIR}"
./instance-db dump "${LOCAL_INIT_DIR}/database"