beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

cscli: cleaner output

Browse source
This commit is contained in:
marco 2024-04-25 23:45:30 +02:00
parent c4473839c4
commit 9acd23d0ac
13 changed files with 45 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cmd/crowdsec-cli/capi.go
View file

@ -194,15 +194,15 @@ func (cli *cliCapi) status() error {
Scenarios: scenarios, Scenarios: scenarios,
} }
log.Infof("Loaded credentials from %s", cfg.API.Server.OnlineClient.CredentialsFilePath) fmt.Printf("Loaded credentials from %s\n", cfg.API.Server.OnlineClient.CredentialsFilePath)
log.Infof("Trying to authenticate with username %s on %s", cfg.API.Server.OnlineClient.Credentials.Login, apiurl) fmt.Printf("Trying to authenticate with username %s on %s\n", cfg.API.Server.OnlineClient.Credentials.Login, apiurl)
_, _, err = Client.Auth.AuthenticateWatcher(context.Background(), t) _, _, err = Client.Auth.AuthenticateWatcher(context.Background(), t)
if err != nil { if err != nil {
return fmt.Errorf("failed to authenticate to Central API (CAPI): %w", err) return fmt.Errorf("failed to authenticate to Central API (CAPI): %w", err)
} }
log.Info("You can successfully interact with Central API (CAPI)") fmt.Println("You can successfully interact with Central API (CAPI)")
return nil return nil
} }

6
cmd/crowdsec-cli/lapi.go
View file

@ -75,16 +75,16 @@ func (cli *cliLapi) status() error {
Scenarios: scenarios, Scenarios: scenarios,
} }
log.Infof("Loaded credentials from %s", cfg.API.Client.CredentialsFilePath) fmt.Printf("Loaded credentials from %s\n", cfg.API.Client.CredentialsFilePath)
// use the original string because apiURL would print 'http://unix/' // use the original string because apiURL would print 'http://unix/'
log.Infof("Trying to authenticate with username %s on %s", login, origURL) fmt.Printf("Trying to authenticate with username %s on %s\n", login, origURL)
_, _, err = Client.Auth.AuthenticateWatcher(context.Background(), t) _, _, err = Client.Auth.AuthenticateWatcher(context.Background(), t)
if err != nil { if err != nil {
return fmt.Errorf("failed to authenticate to Local API (LAPI): %w", err) return fmt.Errorf("failed to authenticate to Local API (LAPI): %w", err)
} }
log.Infof("You can successfully interact with Local API (LAPI)") fmt.Println("You can successfully interact with Local API (LAPI)")
return nil return nil
} }

4
cmd/crowdsec-cli/main.go
View file

@ -278,6 +278,8 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
func main() { func main() {
cmd := newCliRoot().NewCommand() cmd := newCliRoot().NewCommand()
if err := cmd.Execute(); err != nil { if err := cmd.Execute(); err != nil {
log.Fatal(err) color.New(color.FgRed).Fprint(os.Stderr, "Error: ")
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
} }
} }

21
test/bats/01_cscli.bats
View file

@ -34,8 +34,7 @@ teardown() {
# no "usage" output after every error # no "usage" output after every error
rune -1 cscli blahblah rune -1 cscli blahblah
# error is displayed as log entry, not with print # error is displayed as log entry, not with print
assert_stderr --partial 'level=fatal msg="unknown command \"blahblah\" for \"cscli\""' assert_stderr --partial 'Error: unknown command "blahblah" for "cscli"'
refute_stderr --partial 'unknown command "blahblah" for "cscli"'
} }
@test "cscli version" { @test "cscli version" {
@ -214,9 +213,9 @@ teardown() {
rune -0 ./instance-crowdsec start rune -0 ./instance-crowdsec start
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --partial "Loaded credentials from" assert_output --partial "Loaded credentials from"
assert_stderr --partial "Trying to authenticate with username" assert_output --partial "Trying to authenticate with username"
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_output --partial "You can successfully interact with Local API (LAPI)"
} }
@test "cscli - missing LAPI credentials file" { @test "cscli - missing LAPI credentials file" {
@ -261,9 +260,8 @@ teardown() {
LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path') LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path')
config_set "${LOCAL_API_CREDENTIALS}" '.url="http://127.0.0.1:-80"' config_set "${LOCAL_API_CREDENTIALS}" '.url="http://127.0.0.1:-80"'
rune -1 cscli lapi status -o json rune -1 cscli lapi status
rune -0 jq -r '.msg' <(stderr) assert_stderr 'Error: parsing api url: parse "http://127.0.0.1:-80/": invalid port ":-80" after host'
assert_output 'parsing api url: parse "http://127.0.0.1:-80/": invalid port ":-80" after host'
} }
@test "cscli - bad LAPI password" { @test "cscli - bad LAPI password" {
@ -271,9 +269,8 @@ teardown() {
LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path') LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path')
config_set "${LOCAL_API_CREDENTIALS}" '.password="meh"' config_set "${LOCAL_API_CREDENTIALS}" '.password="meh"'
rune -1 cscli lapi status -o json rune -1 cscli lapi status
rune -0 jq -r '.msg' <(stderr) assert_stderr 'Error: failed to authenticate to Local API (LAPI): API error: incorrect Username or Password'
assert_output 'failed to authenticate to Local API (LAPI): API error: incorrect Username or Password'
} }
@test "'cscli completion' with or without configuration file" { @test "'cscli completion' with or without configuration file" {
@ -355,7 +352,7 @@ teardown() {
# it is possible to enable subcommands with feature flags defined in feature.yaml # it is possible to enable subcommands with feature flags defined in feature.yaml
rune -1 cscli setup rune -1 cscli setup
assert_stderr --partial 'unknown command \"setup\" for \"cscli\"' assert_stderr 'Error: unknown command "setup" for "cscli"'
CONFIG_DIR=$(dirname "$CONFIG_YAML") CONFIG_DIR=$(dirname "$CONFIG_YAML")
echo ' - cscli_setup' >> "$CONFIG_DIR"/feature.yaml echo ' - cscli_setup' >> "$CONFIG_DIR"/feature.yaml
rune -0 cscli setup rune -0 cscli setup

2
test/bats/03_noagent.bats
View file

@ -76,7 +76,7 @@ teardown() {
config_disable_agent config_disable_agent
./instance-crowdsec start ./instance-crowdsec start
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_line "You can successfully interact with Local API (LAPI)"
} }
@test "cscli metrics" { @test "cscli metrics" {

10
test/bats/04_capi.bats
View file

@ -55,10 +55,10 @@ setup() {
rune -0 cscli scenarios install crowdsecurity/ssh-bf rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli capi status rune -0 cscli capi status
assert_stderr --partial "Loaded credentials from" assert_output --partial "Loaded credentials from"
assert_stderr --partial "Trying to authenticate with username" assert_output --partial "Trying to authenticate with username"
assert_stderr --partial " on https://api.crowdsec.net/" assert_output --partial " on https://api.crowdsec.net/"
assert_stderr --partial "You can successfully interact with Central API (CAPI)" assert_output --partial "You can successfully interact with Central API (CAPI)"
} }
@test "cscli alerts list: receive a community pull when capi is enabled" { @test "cscli alerts list: receive a community pull when capi is enabled" {
@ -85,7 +85,7 @@ setup() {
config_disable_agent config_disable_agent
./instance-crowdsec start ./instance-crowdsec start
rune -0 cscli capi status rune -0 cscli capi status
assert_stderr --partial "You can successfully interact with Central API (CAPI)" assert_line "You can successfully interact with Central API (CAPI)"
} }
@test "capi register must be run from lapi" { @test "capi register must be run from lapi" {

2
test/bats/04_nocapi.bats
View file

@ -66,7 +66,7 @@ teardown() {
config_disable_capi config_disable_capi
./instance-crowdsec start ./instance-crowdsec start
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_line "You can successfully interact with Local API (LAPI)"
} }
@test "cscli metrics" { @test "cscli metrics" {

2
test/bats/08_metrics.bats
View file

@ -25,7 +25,7 @@ teardown() {
@test "cscli metrics (crowdsec not running)" { @test "cscli metrics (crowdsec not running)" {
rune -1 cscli metrics rune -1 cscli metrics
# crowdsec is down # crowdsec is down
assert_stderr --partial 'failed to fetch metrics: executing GET request for URL \"http://127.0.0.1:6060/metrics\" failed: Get \"http://127.0.0.1:6060/metrics\": dial tcp 127.0.0.1:6060: connect: connection refused' assert_stderr --partial 'Error: failed to fetch metrics: executing GET request for URL "http://127.0.0.1:6060/metrics" failed: Get "http://127.0.0.1:6060/metrics": dial tcp 127.0.0.1:6060: connect: connection refused'
} }
@test "cscli metrics (bad configuration)" { @test "cscli metrics (bad configuration)" {

12
test/bats/09_socket.bats
View file

@ -37,22 +37,22 @@ teardown() {
./instance-crowdsec start ./instance-crowdsec start
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --regexp "Trying to authenticate with username .* on $socket" assert_output --regexp "Trying to authenticate with username .* on $socket"
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_line "You can successfully interact with Local API (LAPI)"
} }
@test "crowdsec - listen on both socket and TCP" { @test "crowdsec - listen on both socket and TCP" {
./instance-crowdsec start ./instance-crowdsec start
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --regexp "Trying to authenticate with username .* on http://127.0.0.1:8080/" assert_output --regexp "Trying to authenticate with username .* on http://127.0.0.1:8080/"
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_line "You can successfully interact with Local API (LAPI)"
config_set "$LOCAL_API_CREDENTIALS" ".url=strenv(socket)" config_set "$LOCAL_API_CREDENTIALS" ".url=strenv(socket)"
rune -0 cscli lapi status rune -0 cscli lapi status
assert_stderr --regexp "Trying to authenticate with username .* on $socket" assert_output --regexp "Trying to authenticate with username .* on $socket"
assert_stderr --partial "You can successfully interact with Local API (LAPI)" assert_line "You can successfully interact with Local API (LAPI)"
} }
@test "cscli - authenticate new machine with socket" { @test "cscli - authenticate new machine with socket" {

7
test/bats/10_bouncers.bats
View file

@ -56,12 +56,9 @@ teardown() {
@test "we can't add the same bouncer twice" { @test "we can't add the same bouncer twice" {
rune -0 cscli bouncers add ciTestBouncer rune -0 cscli bouncers add ciTestBouncer
rune -1 cscli bouncers add ciTestBouncer -o json rune -1 cscli bouncers add ciTestBouncer
# XXX temporary hack to filter out unwanted log lines that may appear before assert_stderr 'Error: unable to create bouncer: bouncer ciTestBouncer already exists'
# log configuration (= not json)
rune -0 jq -c '[.level,.msg]' <(stderr | grep "^{")
assert_output '["fatal","unable to create bouncer: bouncer ciTestBouncer already exists"]'
rune -0 cscli bouncers list -o json rune -0 cscli bouncers list -o json
rune -0 jq '. | length' <(output) rune -0 jq '. | length' <(output)

6
test/bats/20_hub_items.bats
View file

@ -80,10 +80,8 @@ teardown() {
echo "$new_hub" >"$INDEX_PATH" echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli collections install crowdsecurity/sshd rune -0 cscli collections install crowdsecurity/sshd
rune -1 cscli collections inspect crowdsecurity/sshd --no-metrics -o json rune -1 cscli collections inspect crowdsecurity/sshd --no-metrics
# XXX: we are on the verbose side here... assert_stderr --regexp "Error: failed to read Hub index: failed to sync items: failed to scan .*: while syncing collections sshd.yaml: 1.2.3.4: Invalid Semantic Version. Run 'sudo cscli hub update' to download the index again"
rune -0 jq -r ".msg" <(stderr)
assert_output --regexp "failed to read Hub index: failed to sync items: failed to scan .*: while syncing collections sshd.yaml: 1.2.3.4: Invalid Semantic Version. Run 'sudo cscli hub update' to download the index again"
} }
@test "removing or purging an item already removed by hand" { @test "removing or purging an item already removed by hand" {

5
test/bats/30_machines.bats
View file

@ -30,9 +30,8 @@ teardown() {
} }
@test "don't overwrite local credentials by default" { @test "don't overwrite local credentials by default" {
rune -1 cscli machines add local -a -o json rune -1 cscli machines add local -a
rune -0 jq -r '.msg' <(stderr) assert_stderr --regexp 'Error: credentials file '.*' already exists: please remove it, use "--force" or specify a different file with "-f"'
assert_output --partial 'already exists: please remove it, use "--force" or specify a different file with "-f"'
rune -0 cscli machines add local -a --force rune -0 cscli machines add local -a --force
assert_stderr --partial "Machine 'local' successfully added to the local API." assert_stderr --partial "Machine 'local' successfully added to the local API."
} }

16
test/bats/90_decisions.bats
View file

@ -34,9 +34,8 @@ teardown() {
assert_line "Usage:" assert_line "Usage:"
assert_stderr --partial "missing arguments, a value is required (--ip, --range or --scope and --value)" assert_stderr --partial "missing arguments, a value is required (--ip, --range or --scope and --value)"
rune -1 cscli decisions add -o json rune -1 cscli decisions add
rune -0 jq -c '[ .level, .msg]' <(stderr | grep "^{") assert_stderr 'Error: missing arguments, a value is required (--ip, --range or --scope and --value)'
assert_output '["fatal","missing arguments, a value is required (--ip, --range or --scope and --value)"]'
} }
@test "cscli decisions list, with and without --machine" { @test "cscli decisions list, with and without --machine" {
@ -62,20 +61,19 @@ teardown() {
@test "cscli decisions list, incorrect parameters" { @test "cscli decisions list, incorrect parameters" {
rune -1 cscli decisions list --until toto rune -1 cscli decisions list --until toto
assert_stderr --partial 'unable to retrieve decisions: performing request: API error: while parsing duration: time: invalid duration \"toto\"' assert_stderr 'Error: unable to retrieve decisions: performing request: API error: while parsing duration: time: invalid duration "toto"'
rune -1 cscli decisions list --until toto -o json rune -1 cscli decisions list --until toto
rune -0 jq -c '[.level, .msg]' <(stderr | grep "^{") assert_stderr 'Error: unable to retrieve decisions: performing request: API error: while parsing duration: time: invalid duration "toto"'
assert_output '["fatal","unable to retrieve decisions: performing request: API error: while parsing duration: time: invalid duration \"toto\""]'
} }
@test "cscli decisions import" { @test "cscli decisions import" {
# required input # required input
rune -1 cscli decisions import rune -1 cscli decisions import
assert_stderr --partial 'required flag(s) \"input\" not set"' assert_stderr --partial 'Error: required flag(s) "input" not set'
# unsupported format # unsupported format
rune -1 cscli decisions import -i - <<<'value\n5.6.7.8' --format xml rune -1 cscli decisions import -i - <<<'value\n5.6.7.8' --format xml
assert_stderr --partial "invalid format 'xml', expected one of 'json', 'csv', 'values'" assert_stderr "Error: invalid format 'xml', expected one of 'json', 'csv', 'values'"
# invalid defaults # invalid defaults
rune -1 cscli decisions import --duration "" -i - <<<'value\n5.6.7.8' --format csv rune -1 cscli decisions import --duration "" -i - <<<'value\n5.6.7.8' --format csv