From 6b186749604663b87b3e58754a274a316989c9e9 Mon Sep 17 00:00:00 2001 From: mmetc <92726601+mmetc@users.noreply.github.com> Date: Tue, 16 Aug 2022 10:17:21 +0200 Subject: [PATCH] func tests: enable capi only when needed (#1710) --- .../ansible/roles/make_fixture/tasks/main.yml | 6 +- tests/bats/01_base.bats | 34 ---------- tests/bats/03_noagent.bats | 8 --- tests/bats/04_capi.bats | 67 +++++++++++++++++++ tests/bats/30_machines.bats | 12 +--- tests/lib/config/config-global | 18 ----- tests/lib/config/config-local | 19 ------ 7 files changed, 74 insertions(+), 90 deletions(-) create mode 100644 tests/bats/04_capi.bats diff --git a/tests/ansible/roles/make_fixture/tasks/main.yml b/tests/ansible/roles/make_fixture/tasks/main.yml index ae3ab4307..56e953b7d 100644 --- a/tests/ansible/roles/make_fixture/tasks/main.yml +++ b/tests/ansible/roles/make_fixture/tasks/main.yml @@ -14,7 +14,8 @@ - name: "build crowdsec from sources, prepare test environment and fixture" become: false block: - - ansible.builtin.command: + - name: "make bats-build bats-fixture" + ansible.builtin.command: cmd: "{{ make_cmd }} bats-build bats-fixture" chdir: "{{ ansible_env.HOME }}/crowdsec" creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar" @@ -37,7 +38,8 @@ - name: "prepare test environment and fixture for binary package" become: true block: - - ansible.builtin.command: + - name: "make bats-environment bats-check-requirements bats-fixture" + ansible.builtin.command: cmd: "{{ make_cmd }} bats-environment bats-check-requirements bats-fixture" chdir: "{{ ansible_env.HOME }}/crowdsec" creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar" diff --git a/tests/bats/01_base.bats b/tests/bats/01_base.bats index 0e318ab7b..77b51847e 100644 --- a/tests/bats/01_base.bats +++ b/tests/bats/01_base.bats @@ -69,40 +69,6 @@ declare stderr assert_line "Available Commands:" } -@test "cscli alerts list: at startup returns at least one entry: community pull" { - run cscli alerts list -a -o json - if [[ "${status}" -ne 0 ]]; then - run cscli alerts list -o json - fi - run -0 jq -r '. | length' <(output) - refute_output 0 - - # if we want to trigger it here, we'll have to remove decisions, restart crowdsec and wait like this: - # loop_max=15 - # for ((i = 0; i <= loop_max; i++)); do - # sleep 2 - # run -0 cscli alerts list -o json - # [ "$output" != "null" ] && break - # done - # run -0 jq -r '. | length' <(output) - # refute_output 0 -} - -@test "cscli capi status" { - config_enable_capi - - run -0 cscli capi status - assert_output --partial "Loaded credentials from" - assert_output --partial "Trying to authenticate with username" - assert_output --partial " on https://api.crowdsec.net/" - assert_output --partial "You can successfully interact with Central API (CAPI)" - - ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')" - rm "${ONLINE_API_CREDENTIALS_YAML}" - run -1 --separate-stderr cscli capi status - assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory" -} - @test "cscli config show -o human" { run -0 cscli config show -o human assert_output --partial "Global:" diff --git a/tests/bats/03_noagent.bats b/tests/bats/03_noagent.bats index 060692073..d9150afb6 100644 --- a/tests/bats/03_noagent.bats +++ b/tests/bats/03_noagent.bats @@ -38,14 +38,6 @@ teardown() { assert_stderr --partial "crowdsec agent is disabled" } -@test "no agent: capi status should be ok" { - config_disable_agent - config_enable_capi - ./instance-crowdsec start - run -0 --separate-stderr cscli capi status - assert_stderr --partial "You can successfully interact with Central API (CAPI)" -} - @test "no agent: cscli config show" { config_disable_agent run -0 --separate-stderr cscli config show -o human diff --git a/tests/bats/04_capi.bats b/tests/bats/04_capi.bats new file mode 100644 index 000000000..e7e1f9866 --- /dev/null +++ b/tests/bats/04_capi.bats @@ -0,0 +1,67 @@ +#!/usr/bin/env bats +# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si: + +set -u + +setup_file() { + load "../lib/setup_file.sh" + ./instance-data load +} + +teardown_file() { + load "../lib/teardown_file.sh" +} + +setup() { + load "../lib/setup.sh" + load "../lib/bats-file/load.bash" +} + +#---------- + +@test "cscli capi status" { + config_enable_capi + run -0 cscli capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX + run -0 cscli capi status + assert_output --partial "Loaded credentials from" + assert_output --partial "Trying to authenticate with username" + assert_output --partial " on https://api.crowdsec.net/" + assert_output --partial "You can successfully interact with Central API (CAPI)" +} + +@test "cscli alerts list: receive a community pull when capi is enabled" { + sleep 2 + ./instance-crowdsec start + for ((i=0; i<15; i++)); do + sleep 2 + [[ $(cscli alerts list -a -o json 2>/dev/null || cscli alerts list -o json) != "null" ]] && break + done + + run cscli alerts list -a -o json + if [[ "${status}" -ne 0 ]]; then + run cscli alerts list -o json + fi + run -0 jq -r '. | length' <(output) + refute_output 0 +} + +@test "we have exactly one machine, localhost" { + run -0 cscli machines list -o json + run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output) + assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]' +} + +@test "no agent: capi status should be ok" { + ./instance-crowdsec stop + config_disable_agent + ./instance-crowdsec start + run -0 --separate-stderr cscli capi status + assert_stderr --partial "You can successfully interact with Central API (CAPI)" +} + +@test "cscli capi status: fails without credentials" { + ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')" + rm "${ONLINE_API_CREDENTIALS_YAML}" + run -1 --separate-stderr cscli capi status + assert_stderr --partial "Local API is disabled, please run this command on the local API machine: loading online client credentials: failed to read api server credentials configuration file '${ONLINE_API_CREDENTIALS_YAML}': open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory" +} diff --git a/tests/bats/30_machines.bats b/tests/bats/30_machines.bats index bcc568bb2..8af95913b 100644 --- a/tests/bats/30_machines.bats +++ b/tests/bats/30_machines.bats @@ -27,16 +27,10 @@ teardown() { run -0 cscli machines list } -@test "we have exactly one machine, localhost" { +@test "we have exactly one machine" { run -0 cscli machines list -o json - run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output) - assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]' - # the machine gets an IP address when it talks to the LAPI - # XXX already done in instance-data make - #run -0 cscli lapi status - #run -0 cscli machines list -o json - #run -0 jq -r '.[0].ipAddress' <(output) - #assert_output '127.0.0.1' + run -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated]' <(output) + assert_output '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true]' } @test "add a new machine and delete it" { diff --git a/tests/lib/config/config-global b/tests/lib/config/config-global index 120054406..26c777fa6 100755 --- a/tests/lib/config/config-global +++ b/tests/lib/config/config-global @@ -63,24 +63,6 @@ make_init_data() { [[ "${DB_BACKEND}" == "sqlite" ]] || ${CSCLI} machines add --auto - "${TEST_DIR}/instance-crowdsec" start - [[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4 - "${CSCLI}" lapi status - - # a restart is required to receive community pull - "${TEST_DIR}/instance-crowdsec" stop - sleep 2 - "${TEST_DIR}/instance-crowdsec" start - - for ((i=0; i<15; i++)); do - sleep 2 - [[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break - done - # shellcheck disable=SC2181 - [[ "$?" -ne "0" ]] && die "could not get community data" - - "${TEST_DIR}/instance-crowdsec" stop - mkdir -p "${LOCAL_INIT_DIR}" ./instance-db dump "${LOCAL_INIT_DIR}/database" diff --git a/tests/lib/config/config-local b/tests/lib/config/config-local index 99ccc8395..9b63c285d 100755 --- a/tests/lib/config/config-local +++ b/tests/lib/config/config-local @@ -104,28 +104,9 @@ make_init_data() { ./instance-db setup "${CSCLI}" machines add githubciXXXXXXXXXXXXXXXXXXXXXXXX --auto - "${CSCLI}" capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX "${CSCLI}" hub update "${CSCLI}" collections install crowdsecurity/linux - "${TEST_DIR}/instance-crowdsec" start - [[ "${DB_BACKEND}" =~ ^postgres|pgx$ ]] && sleep 4 - "${CSCLI}" lapi status - - # a restart is required to receive community pull - "${TEST_DIR}/instance-crowdsec" stop - sleep 2 - "${TEST_DIR}/instance-crowdsec" start - - for ((i=0; i<15; i++)); do - sleep 2 - [[ $("${CSCLI}" alerts list -a -o json 2>/dev/null || "${CSCLI}" alerts list -o json) != "null" ]] && break - done - # shellcheck disable=SC2181 - [[ "$?" -ne "0" ]] && die "could not get community data" - - "${TEST_DIR}/instance-crowdsec" stop - mkdir -p "${LOCAL_INIT_DIR}" ./instance-db dump "${LOCAL_INIT_DIR}/database"