func tests: enable capi only when needed (#1710)
This commit is contained in:
parent
eea07b7a1a
commit
6b18674960
|
@ -14,7 +14,8 @@
|
|||
- name: "build crowdsec from sources, prepare test environment and fixture"
|
||||
become: false
|
||||
block:
|
||||
- ansible.builtin.command:
|
||||
- name: "make bats-build bats-fixture"
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ make_cmd }} bats-build bats-fixture"
|
||||
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"
|
||||
|
@ -37,7 +38,8 @@
|
|||
- name: "prepare test environment and fixture for binary package"
|
||||
become: true
|
||||
block:
|
||||
- ansible.builtin.command:
|
||||
- name: "make bats-environment bats-check-requirements bats-fixture"
|
||||
ansible.builtin.command:
|
||||
cmd: "{{ make_cmd }} bats-environment bats-check-requirements bats-fixture"
|
||||
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"
|
||||
|
|
|
@ -69,40 +69,6 @@ declare stderr
|
|||
assert_line "Available Commands:"
|
||||
}
|
||||
|
||||
@test "cscli alerts list: at startup returns at least one entry: community pull" {
|
||||
run cscli alerts list -a -o json
|
||||
if [[ "${status}" -ne 0 ]]; then
|
||||
run cscli alerts list -o json
|
||||
fi
|
||||
run -0 jq -r '. | length' <(output)
|
||||
refute_output 0
|
||||
|
||||
# if we want to trigger it here, we'll have to remove decisions, restart crowdsec and wait like this:
|
||||
# loop_max=15
|
||||
# for ((i = 0; i <= loop_max; i++)); do
|
||||
# sleep 2
|
||||
# run -0 cscli alerts list -o json
|
||||
# [ "$output" != "null" ] && break
|
||||
# done
|
||||
# run -0 jq -r '. | length' <(output)
|
||||
# refute_output 0
|
||||
}
|
||||
|
||||
@test "cscli capi status" {
|
||||
config_enable_capi
|
||||
|
||||
run -0 cscli capi status
|
||||
assert_output --partial "Loaded credentials from"
|
||||
assert_output --partial "Trying to authenticate with username"
|
||||
assert_output --partial " on https://api.crowdsec.net/"
|
||||
assert_output --partial "You can successfully interact with Central API (CAPI)"
|
||||
|
||||
ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
|
||||
rm "${ONLINE_API_CREDENTIALS_YAML}"
|
||||
run -1 --separate-stderr cscli capi status
|
||||
assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory"
|
||||
}
|
||||
|
||||
@test "cscli config show -o human" {
|
||||
run -0 cscli config show -o human
|
||||
assert_output --partial "Global:"
|
||||
|
|
|
@ -38,14 +38,6 @@ teardown() {
|
|||
assert_stderr --partial "crowdsec agent is disabled"
|
||||
}
|
||||
|
||||
@test "no agent: capi status should be ok" {
|
||||
config_disable_agent
|
||||
config_enable_capi
|
||||
./instance-crowdsec start
|
||||
run -0 --separate-stderr cscli capi status
|
||||
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
|
||||
}
|
||||
|
||||
@test "no agent: cscli config show" {
|
||||
config_disable_agent
|
||||
run -0 --separate-stderr cscli config show -o human
|
||||
|
|
67
tests/bats/04_capi.bats
Normal file
67
tests/bats/04_capi.bats
Normal file
|
@ -0,0 +1,67 @@
|
|||
#!/usr/bin/env bats
|
||||
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
|
||||
|
||||
set -u
|
||||
|
||||
setup_file() {
|
||||
load "../lib/setup_file.sh"
|
||||
./instance-data load
|
||||
}
|
||||
|
||||
teardown_file() {
|
||||
load "../lib/teardown_file.sh"
|
||||
}
|
||||
|
||||
setup() {
|
||||
load "../lib/setup.sh"
|
||||
load "../lib/bats-file/load.bash"
|
||||
}
|
||||
|
||||
#----------
|
||||
|
||||
@test "cscli capi status" {
|
||||
config_enable_capi
|
||||
run -0 cscli capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
run -0 cscli capi status
|
||||
assert_output --partial "Loaded credentials from"
|
||||
assert_output --partial "Trying to authenticate with username"
|
||||
assert_output --partial " on https://api.crowdsec.net/"
|
||||
assert_output --partial "You can successfully interact with Central API (CAPI)"
|
||||
}
|
||||
|
||||
@test "cscli alerts list: receive a community pull when capi is enabled" {
|
||||
sleep 2
|
||||
./instance-crowdsec start
|
||||
for ((i=0; i<15; i++)); do
|
||||
sleep 2
|
||||
[[ $(cscli alerts list -a -o json 2>/dev/null || cscli alerts list -o json) != "null" ]] && break
|
||||
done
|
||||
|
||||
run cscli alerts list -a -o json
|
||||
if [[ "${status}" -ne 0 ]]; then
|
||||
run cscli alerts list -o json
|
||||
fi
|
||||
run -0 jq -r '. | length' <(output)
|
||||
refute_output 0
|
||||
}
|
||||
|
||||
@test "we have exactly one machine, localhost" {
|
||||
run -0 cscli machines list -o json
|
||||
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output)
|
||||
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]'
|
||||
}
|
||||
|
||||
@test "no agent: capi status should be ok" {
|
||||
./instance-crowdsec stop
|
||||
config_disable_agent
|
||||
./instance-crowdsec start
|
||||
run -0 --separate-stderr cscli capi status
|
||||
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
|
||||
}
|
||||
|
||||
@test "cscli capi status: fails without credentials" {
|
||||
ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
|
||||
rm "${ONLINE_API_CREDENTIALS_YAML}"
|
||||
run -1 --separate-stderr cscli capi status
|
||||
assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory"
|
||||
}
|
|
@ -27,16 +27,10 @@ teardown() {
|
|||
run -0 cscli machines list
|
||||
}
|
||||
|
||||
@test "we have exactly one machine, localhost" {
|
||||
@test "we have exactly one machine" {
|
||||
run -0 cscli machines list -o json
|
||||
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output)
|
||||
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]'
|
||||
# the machine gets an IP address when it talks to the LAPI
|
||||
# XXX already done in instance-data make
|
||||
#run -0 cscli lapi status
|
||||
#run -0 cscli machines list -o json
|
||||
#run -0 jq -r '.[0].ipAddress' <(output)
|
||||
#assert_output '127.0.0.1'
|
||||
run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated]' <(output)
|
||||
assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true]'
|
||||
}
|
||||
|
||||
@test "add a new machine and delete it" {
|
||||
|
|
|
@ -63,24 +63,6 @@ make_init_data() {
|
|||
|
||||
[[ "${DB_BACKEND}" == "sqlite" ]] || ${CSCLI} machines add --auto
|
||||
|
||||
"${TEST_DIR}/instance-crowdsec" start
|
||||
[[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4
|
||||
"${CSCLI}" lapi status
|
||||
|
||||
# a restart is required to receive community pull
|
||||
"${TEST_DIR}/instance-crowdsec" stop
|
||||
sleep 2
|
||||
"${TEST_DIR}/instance-crowdsec" start
|
||||
|
||||
for ((i=0; i<15; i++)); do
|
||||
sleep 2
|
||||
[[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break
|
||||
done
|
||||
# shellcheck disable=SC2181
|
||||
[[ "$?" -ne "0" ]] && die "could not get community data"
|
||||
|
||||
"${TEST_DIR}/instance-crowdsec" stop
|
||||
|
||||
mkdir -p "${LOCAL_INIT_DIR}"
|
||||
|
||||
./instance-db dump "${LOCAL_INIT_DIR}/database"
|
||||
|
|
|
@ -104,28 +104,9 @@ make_init_data() {
|
|||
./instance-db setup
|
||||
|
||||
"${CSCLI}" machines add githubciXXXXXXXXXXXXXXXXXXXXXXXX --auto
|
||||
"${CSCLI}" capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
"${CSCLI}" hub update
|
||||
"${CSCLI}" collections install crowdsecurity/linux
|
||||
|
||||
"${TEST_DIR}/instance-crowdsec" start
|
||||
[[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4
|
||||
"${CSCLI}" lapi status
|
||||
|
||||
# a restart is required to receive community pull
|
||||
"${TEST_DIR}/instance-crowdsec" stop
|
||||
sleep 2
|
||||
"${TEST_DIR}/instance-crowdsec" start
|
||||
|
||||
for ((i=0; i<15; i++)); do
|
||||
sleep 2
|
||||
[[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break
|
||||
done
|
||||
# shellcheck disable=SC2181
|
||||
[[ "$?" -ne "0" ]] && die "could not get community data"
|
||||
|
||||
"${TEST_DIR}/instance-crowdsec" stop
|
||||
|
||||
mkdir -p "${LOCAL_INIT_DIR}"
|
||||
|
||||
./instance-db dump "${LOCAL_INIT_DIR}/database"
|
||||
|
|
Loading…
Reference in a new issue