local api permissions
This commit is contained in:
parent
ef00f1b658
commit
d1b7ac16cf
|
@ -149,7 +149,7 @@ func runLapiRegister(cmd *cobra.Command, args []string) error {
|
||||||
log.Fatalf("unable to marshal api credentials: %s", err)
|
log.Fatalf("unable to marshal api credentials: %s", err)
|
||||||
}
|
}
|
||||||
if dumpFile != "" {
|
if dumpFile != "" {
|
||||||
err = os.WriteFile(dumpFile, apiConfigDump, 0644)
|
err = os.WriteFile(dumpFile, apiConfigDump, 0o600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)
|
log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -290,7 +290,7 @@ func runMachinesAdd(cmd *cobra.Command, args []string) error {
|
||||||
if dumpFile == "" {
|
if dumpFile == "" {
|
||||||
fmt.Printf("%s\n", string(apiConfigDump))
|
fmt.Printf("%s\n", string(apiConfigDump))
|
||||||
} else {
|
} else {
|
||||||
err = os.WriteFile(dumpFile, apiConfigDump, 0644)
|
err = os.WriteFile(dumpFile, apiConfigDump, 0o600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("writing api credentials to '%s': %s", dumpFile, err)
|
return fmt.Errorf("writing api credentials to '%s': %s", dumpFile, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,6 +13,7 @@ teardown_file() {
|
||||||
|
|
||||||
setup() {
|
setup() {
|
||||||
load "../lib/setup.sh"
|
load "../lib/setup.sh"
|
||||||
|
load "../lib/bats-file/load.bash"
|
||||||
./instance-data load
|
./instance-data load
|
||||||
./instance-crowdsec start
|
./instance-crowdsec start
|
||||||
}
|
}
|
||||||
|
@ -46,11 +47,12 @@ teardown() {
|
||||||
rune -0 yq -o json . <(output)
|
rune -0 yq -o json . <(output)
|
||||||
assert_json '{login: "testmachine2", password: "testpassword", url: "http://127.0.0.1:8080"}'
|
assert_json '{login: "testmachine2", password: "testpassword", url: "http://127.0.0.1:8080"}'
|
||||||
|
|
||||||
tempfile="${BATS_TEST_DIRNAME}/testmachine.yml"
|
tempfile="${BATS_TEST_TMPDIR}/testmachine.yml"
|
||||||
rune -0 cscli machines add testmachine3 --password testpassword -f "${tempfile}"
|
rune -0 cscli machines add testmachine3 --password testpassword -f "${tempfile}"
|
||||||
assert_stderr --partial "API credentials dumped to '${tempfile}'"
|
assert_stderr --partial "API credentials dumped to '${tempfile}'"
|
||||||
rune -0 yq -o json . < "$tempfile"
|
rune -0 yq -o json . < "$tempfile"
|
||||||
assert_json '{login: "testmachine3", password: "testpassword", url: "http://127.0.0.1:8080"}'
|
assert_json '{login: "testmachine3", password: "testpassword", url: "http://127.0.0.1:8080"}'
|
||||||
|
assert_file_permission 600 "$tempfile"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "add a new machine and delete it" {
|
@test "add a new machine and delete it" {
|
||||||
|
|
Loading…
Reference in a new issue