config_get, config_set test helpers (#1632)

tests/bats/01_base.bats

@@ -95,7 +95,7 @@ declare stderr
     assert_output --partial " on https://api.crowdsec.net/"
     assert_output --partial "You can successfully interact with Central API (CAPI)"
 
-    ONLINE_API_CREDENTIALS_YAML="$(config_yq '.api.server.online_client.credentials_path')"
+    ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
     rm "${ONLINE_API_CREDENTIALS_YAML}"
     run -1 --separate-stderr cscli capi status
     run -0 echo "${stderr}"
@@ -164,7 +164,7 @@ declare stderr
     assert_output --partial "Failed to backup configurations"
     assert_output --partial "file exists"
 
-    SIMULATION_YAML="$(config_yq '.config_paths.simulation_path')"
+    SIMULATION_YAML="$(config_get '.config_paths.simulation_path')"
 
     # restore
     rm "${SIMULATION_YAML}"
@@ -193,7 +193,7 @@ declare stderr
 }
 
 @test "cscli - missing LAPI credentials file" {
-    LOCAL_API_CREDENTIALS=$(config_yq '.api.client.credentials_path')
+    LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path')
     rm -f "${LOCAL_API_CREDENTIALS}"
     run -1 --separate-stderr cscli lapi status
     run -0 echo "${stderr}"
@@ -209,7 +209,7 @@ declare stderr
 }
 
 @test "cscli - empty LAPI credentials file" {
-    LOCAL_API_CREDENTIALS=$(config_yq '.api.client.credentials_path')
+    LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path')
     truncate -s 0 "${LOCAL_API_CREDENTIALS}"
     run -1 --separate-stderr cscli lapi status
     run -0 echo "${stderr}"
@@ -225,7 +225,7 @@ declare stderr
 }
 
 @test "cscli - missing LAPI client settings" {
-    yq e 'del(.api.client)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.client)'
     run -1 --separate-stderr cscli lapi status
     run -0 echo "${stderr}"
     assert_output --partial "loading api client: no API client section in configuration"
@@ -240,8 +240,8 @@ declare stderr
 }
 
 @test "cscli - malformed LAPI url" {
-    LOCAL_API_CREDENTIALS=$(config_yq '.api.client.credentials_path')
+    LOCAL_API_CREDENTIALS=$(config_get '.api.client.credentials_path')
-    yq e '.url="https://127.0.0.1:-80"' -i "${LOCAL_API_CREDENTIALS}"
+    config_set "${LOCAL_API_CREDENTIALS}" '.url="https://127.0.0.1:-80"'
 
     run -1 --separate-stderr cscli lapi status
     run -0 echo "${stderr}"

tests/bats/01_crowdsec.bats

@@ -57,7 +57,7 @@ declare stderr
 
 @test "crowdsec - print error on exit" {
     # errors that cause program termination are printed to stderr, not only logs
-    yq e '.db_config.type="meh"' -i "${CONFIG_YAML}"
+    config_set '.db_config.type="meh"'
     run -1 --separate-stderr "${BIN_DIR}/crowdsec"
     refute_output
     run -0 echo "${stderr}"

tests/bats/02_nolapi.bats

@@ -35,7 +35,7 @@ declare stderr
 }
 
 @test "crowdsec should not run without LAPI (no api.server in configuration file)" {
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
 
     run -0 echo "${stderr}"
@@ -43,7 +43,7 @@ declare stderr
 }
 
 @test "capi status shouldn't be ok without api.server" {
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     run -1 --separate-stderr cscli capi status
 
     run -0 echo "${stderr}"
@@ -52,7 +52,7 @@ declare stderr
 }
 
 @test "cscli config show -o human" {
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     run -0 cscli config show -o human
     assert_output --partial "Global:"
     assert_output --partial "Crowdsec:"
@@ -61,7 +61,7 @@ declare stderr
 }
 
 @test "cscli config backup" {
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     backupdir=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp -u)
     run -0 cscli config backup "${backupdir}"
     assert_output --partial "Starting configuration backup"
@@ -74,7 +74,7 @@ declare stderr
 }
 
 @test "lapi status shouldn't be ok without api.server" {
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     ./instance-crowdsec start || true
     run -1 --separate-stderr cscli machines list
     run -0 echo "${stderr}"
@@ -83,7 +83,7 @@ declare stderr
 
 @test "cscli metrics" {
     skip 'need to trigger metrics with a live parse'
-    yq e 'del(.api.server)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server)'
     ./instance-crowdsec start
     run -0 --separate-stderr cscli metrics
     assert_output --partial "ROUTE"

tests/bats/03_noagent.bats

@@ -25,7 +25,7 @@ declare stderr
 #----------
 
 config_disable_agent() {
-    yq e 'del(.crowdsec_service)' -i "${CONFIG_YAML}"
+    config_set 'del(.crowdsec_service)'
 }
 
 @test "with agent: test without -no-cs flag" {

tests/bats/04_nocapi.bats

@@ -25,7 +25,7 @@ declare stderr
 #----------
 
 config_disable_capi() {
-    yq e 'del(.api.server.online_client)' -i "${CONFIG_YAML}"
+    config_set 'del(.api.server.online_client)'
 }
 
 @test "without capi: crowdsec LAPI should run without capi (-no-capi flag)" {

tests/bats/05_config_yaml_local.bats

@@ -20,7 +20,7 @@ teardown_file() {
 setup() {
     load "../lib/setup.sh"
     ./instance-data load
-    run -0 yq e '.api.client.credentials_path' "${CONFIG_YAML}"
+    run -0 config_get '.api.client.credentials_path'
     LOCAL_API_CREDENTIALS="${output}"
     export LOCAL_API_CREDENTIALS
 }
@@ -32,7 +32,7 @@ teardown() {
 #----------
 
 @test "config.yaml.local - cscli (log_level)" {
-    yq e '.common.log_level="warning"' -i "${CONFIG_YAML}"
+    config_set '.common.log_level="warning"'
     run -0 cscli config show --key Config.Common.LogLevel
     assert_output "warning"
 
@@ -42,7 +42,7 @@ teardown() {
 }
 
 @test "config.yaml.local - cscli (log_level - with envvar)" {
-    yq e '.common.log_level="warning"' -i "${CONFIG_YAML}"
+    config_set '.common.log_level="warning"'
     run -0 cscli config show --key Config.Common.LogLevel
     assert_output "warning"
 
@@ -54,7 +54,7 @@ teardown() {
 
 @test "config.yaml.local - crowdsec (listen_url)" {
     # disable the agent or we'll need to patch api client credentials too
-    run -0 yq e 'del(.crowdsec_service)' -i "${CONFIG_YAML}"
+    run -0 config_set 'del(.crowdsec_service)'
     ./instance-crowdsec start
     run -0 ./lib/util/wait-for-port -q 8080
     ./instance-crowdsec stop
@@ -74,7 +74,7 @@ teardown() {
 }
 
 @test "local_api_credentials.yaml.local" {
-    run -0 yq e 'del(.crowdsec_service)' -i "${CONFIG_YAML}"
+    run -0 config_set 'del(.crowdsec_service)'
     echo "{'api':{'server':{'listen_uri':127.0.0.1:8083}}}" >"${CONFIG_YAML}.local"
     ./instance-crowdsec start
     run -0 ./lib/util/wait-for-port -q 8083
@@ -86,7 +86,7 @@ teardown() {
 }
 
 @test "simulation.yaml.local" {
-    run -0 yq e '.config_paths.simulation_path' "${CONFIG_YAML}"
+    run -0 config_get '.config_paths.simulation_path'
     refute_output null
     SIMULATION="${output}"
 
@@ -108,7 +108,7 @@ teardown() {
 }
 
 @test "profiles.yaml.local" {
-    run -0 yq e '.api.server.profiles_path' "${CONFIG_YAML}"
+    run -0 config_get '.api.server.profiles_path'
     refute_output null
     PROFILES="${output}"
 
@@ -124,7 +124,7 @@ teardown() {
 
     tmpfile=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp)
     touch "${tmpfile}"
-    ACQUIS_YAML=$(config_yq '.crowdsec_service.acquisition_path')
+    ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path')
     echo -e "---\nfilename: ${tmpfile}\nlabels:\n  type: syslog\n" >>"${ACQUIS_YAML}"
 
     ./instance-crowdsec start

tests/bats/11_bouncers_tls.bats

@@ -4,7 +4,7 @@
 set -u
 
 config_disable_agent() {
-    yq e 'del(.crowdsec_service)' -i "${CONFIG_YAML}"
+    config_set 'del(.crowdsec_service)'
 }
 
 setup_file() {
@@ -37,13 +37,13 @@ setup_file() {
     echo "ibase=16; ${serial}" | bc >"${tmpdir}/serials.txt"
     cfssl gencrl "${tmpdir}/serials.txt" "${tmpdir}/ca.pem" "${tmpdir}/ca-key.pem" | base64 -d | openssl crl -inform DER -out "${tmpdir}/crl.pem"
 
-    yq e '
+    config_set '
         .api.server.tls.cert_file=strenv(tmpdir) + "/server.pem" |
         .api.server.tls.key_file=strenv(tmpdir) + "/server-key.pem" |
         .api.server.tls.ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .api.server.tls.crl_path=strenv(tmpdir) + "/crl.pem" | 
         .api.server.tls.bouncers_allowed_ou=["bouncer-ou"]
-    ' -i "${CONFIG_YAML}"
+    '
 
     config_disable_agent
 }

tests/bats/30_machines_tls.bats

@@ -4,7 +4,7 @@
 set -u
 
 config_disable_agent() {
-    yq e 'del(.crowdsec_service)' -i "${CONFIG_YAML}"
+    config_set 'del(.crowdsec_service)'
 }
 
 setup_file() {
@@ -40,13 +40,13 @@ setup_file() {
     echo "ibase=16; ${serial}" | bc >"${tmpdir}/serials.txt"
     cfssl gencrl "${tmpdir}/serials.txt" "${tmpdir}/ca.pem" "${tmpdir}/ca-key.pem" | base64 -d | openssl crl -inform DER -out "${tmpdir}/crl.pem"
 
-    yq e '
+    config_set '
         .api.server.tls.cert_file=strenv(tmpdir) + "/server.pem" |
         .api.server.tls.key_file=strenv(tmpdir) + "/server-key.pem" |
         .api.server.tls.ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .api.server.tls.crl_path=strenv(tmpdir) + "/crl.pem" | 
         .api.server.tls.agents_allowed_ou=["agent-ou"]
-    ' -i "${CONFIG_YAML}"
+    '
 
     run -0 cscli machines delete githubciXXXXXXXXXXXXXXXXXXXXXXXX
     config_disable_agent
@@ -68,28 +68,28 @@ teardown() {
 #----------
 
 @test "invalid OU for agent" {
-    yq e '
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" '
         .ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .key_path=strenv(tmpdir) + "/agent_bad_ou-key.pem" |
         .cert_path=strenv(tmpdir) + "/agent_bad_ou.pem" |
         .url="https://127.0.0.1:8080"
-    ' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    '
 
-    yq e 'del(.login,.password)' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" 'del(.login,.password)'
     ./instance-crowdsec start
     run -0 cscli machines list -o json
     assert_output '[]'
 }
 
 @test "we have exactly one machine registered with TLS" {
-    yq e '
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" '
         .ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .key_path=strenv(tmpdir) + "/agent-key.pem" |
         .cert_path=strenv(tmpdir) + "/agent.pem" |
         .url="https://127.0.0.1:8080"
-    ' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    '
 
-    yq e 'del(.login,.password)' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" 'del(.login,.password)'
     ./instance-crowdsec start
     run -0 cscli lapi status
     run -0 cscli machines list -o json
@@ -100,28 +100,27 @@ teardown() {
 }
 
 @test "invalid cert for agent" {
-    yq e '
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" '
         .ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .key_path=strenv(tmpdir) + "/agent_invalid-key.pem" |
         .cert_path=strenv(tmpdir) + "/agent_invalid.pem" |
         .url="https://127.0.0.1:8080"
-    ' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    '
-
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" 'del(.login,.password)'
-    yq e 'del(.login,.password)' -i "${CONFIG_DIR}/local_api_credentials.yaml"
     ./instance-crowdsec start
     run -0 cscli machines list -o json
     assert_output '[]'
 }
 
 @test "revoked cert for agent" {
-    yq e '
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" '
-        .ca_cert_path=strenv(tmpdir) + "/inter.pem" |
+         .ca_cert_path=strenv(tmpdir) + "/inter.pem" |
         .key_path=strenv(tmpdir) + "/agent_revoked-key.pem" |
         .cert_path=strenv(tmpdir) + "/agent_revoked.pem" |
         .url="https://127.0.0.1:8080"
-    ' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    '
 
-    yq e 'del(.login,.password)' -i "${CONFIG_DIR}/local_api_credentials.yaml"
+    config_set "${CONFIG_DIR}/local_api_credentials.yaml" 'del(.login,.password)'
     ./instance-crowdsec start
     run -0 cscli machines list -o json
     assert_output '[]'

tests/bats/40_live-ban.bats

@@ -32,7 +32,7 @@ teardown() {
 @test "1.1.1.172 has been banned" {
     tmpfile=$(TMPDIR="${BATS_TEST_TMPDIR}" mktemp)
     touch "${tmpfile}"
-    ACQUIS_YAML=$(config_yq '.crowdsec_service.acquisition_path')
+    ACQUIS_YAML=$(config_get '.crowdsec_service.acquisition_path')
     echo -e "---\nfilename: ${tmpfile}\nlabels:\n  type: syslog\n" >>"${ACQUIS_YAML}"
 
     ./instance-crowdsec start

tests/bats/70_http_plugin.bats

@@ -13,27 +13,27 @@ setup_file() {
     MOCK_PORT="9999"
     MOCK_URL="http://localhost:${MOCK_PORT}"
     export MOCK_URL
-    PLUGIN_DIR=$(config_yq '.config_paths.plugin_dir')
+    PLUGIN_DIR=$(config_get '.config_paths.plugin_dir')
     # could have a trailing slash
     PLUGIN_DIR=$(realpath -s "${PLUGIN_DIR}")
     export PLUGIN_DIR
 
     # https://mikefarah.gitbook.io/yq/operators/env-variable-operators
-    yq e '
+    config_set "$(config_get '.config_paths.notification_dir')/http.yaml" '
         .url=strenv(MOCK_URL) |
         .group_wait="5s" |
         .group_threshold=2
-    ' -i "$(config_yq '.config_paths.notification_dir')/http.yaml"
+    '
 
-    yq e '
+    config_set "$(config_get '.api.server.profiles_path')" '
         .notifications=["http_default"] |
         .filters=["Alert.GetScope() == \"Ip\""]
-    ' -i "$(config_yq '.api.server.profiles_path')"
+    '
 
-    yq e '
+    config_set '
         .plugin_config.user="" |
         .plugin_config.group=""
-    ' -i "${CONFIG_YAML}"
+    '
 
     rm -f -- "${MOCK_OUT}"
 

tests/bats/71_dummy_plugin.bats

@@ -15,14 +15,14 @@ setup_file() {
     tempfile2=$(TMPDIR="${BATS_FILE_TMPDIR}" mktemp)
     export tempfile2
 
-    DUMMY_YAML="$(config_yq '.config_paths.notification_dir')/dummy.yaml"
+    DUMMY_YAML="$(config_get '.config_paths.notification_dir')/dummy.yaml"
 
-    yq e '
+    config_set "${DUMMY_YAML}" '
        .group_wait="5s" |
        .group_threshold=2 |
        .output_file=strenv(tempfile) |
        .format="{{.|toJson}}"
-       ' -i "${DUMMY_YAML}"
+    '
 
     cat <<-EOT >>"${DUMMY_YAML}"
 	---
@@ -33,15 +33,15 @@ setup_file() {
 	output_file: ${tempfile2}
 	EOT
 
-    yq e '
+    config_set "$(config_get '.api.server.profiles_path')" '
        .notifications=["dummy_default","dummy_2"] |
        .filters=["Alert.GetScope() == \"Ip\""]
-       ' -i "$(config_yq '.api.server.profiles_path')"
+    '
 
-    yq e '
+    config_set '
        .plugin_config.user="" |
        .plugin_config.group=""
-       ' -i "${CONFIG_YAML}"
+    '
 
     ./instance-crowdsec start
 }

tests/bats/72_plugin_badconfig.bats

@@ -6,12 +6,12 @@ set -u
 setup_file() {
     load "../lib/setup_file.sh"
 
-    PLUGIN_DIR=$(config_yq '.config_paths.plugin_dir')
+    PLUGIN_DIR=$(config_get '.config_paths.plugin_dir')
     # could have a trailing slash
     PLUGIN_DIR=$(realpath -s "${PLUGIN_DIR}")
     export PLUGIN_DIR
 
-    PROFILES_PATH=$(config_yq '.api.server.profiles_path')
+    PROFILES_PATH=$(config_get '.api.server.profiles_path')
     export PROFILES_PATH
 }
 
@@ -35,39 +35,39 @@ declare stderr
 #----------
 
 @test "misconfigured plugin, only user is empty" {
-    yq e '.plugin_config.user="" | .plugin_config.group="nogroup"' -i "${CONFIG_YAML}"
+    config_set '.plugin_config.user="" | .plugin_config.group="nogroup"'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: unable to run local API: while loading plugin: while getting process attributes: both plugin user and group must be set"
 }
 
 @test "misconfigured plugin, only group is empty" {
-    yq e '(.plugin_config.user="nobody") | (.plugin_config.group="")' -i "${CONFIG_YAML}"
+    config_set '(.plugin_config.user="nobody") | (.plugin_config.group="")'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: unable to run local API: while loading plugin: while getting process attributes: both plugin user and group must be set"
 }
 
 @test "misconfigured plugin, user does not exist" {
-    yq e '(.plugin_config.user="userdoesnotexist") | (.plugin_config.group="groupdoesnotexist")' -i "${CONFIG_YAML}"
+    config_set '(.plugin_config.user="userdoesnotexist") | (.plugin_config.group="groupdoesnotexist")'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: unable to run local API: while loading plugin: while getting process attributes: user: unknown user userdoesnotexist"
 }
 
 @test "misconfigured plugin, group does not exist" {
-    yq e '(.plugin_config.user=strenv(USER)) | (.plugin_config.group="groupdoesnotexist")' -i "${CONFIG_YAML}"
+    config_set '(.plugin_config.user=strenv(USER)) | (.plugin_config.group="groupdoesnotexist")'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: unable to run local API: while loading plugin: while getting process attributes: group: unknown group groupdoesnotexist"
 }
 
 @test "bad plugin name" {
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     cp "${PLUGIN_DIR}"/notification-http "${PLUGIN_DIR}"/badname
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
@@ -75,7 +75,7 @@ declare stderr
 }
 
 @test "bad plugin permission (group writable)" {
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     chmod g+w "${PLUGIN_DIR}"/notification-http
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
@@ -83,7 +83,7 @@ declare stderr
 }
 
 @test "bad plugin permission (world writable)" {
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     chmod o+w "${PLUGIN_DIR}"/notification-http
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
@@ -91,32 +91,32 @@ declare stderr
 }
 
 @test "config.yaml: missing .plugin_config section" {
-    yq e 'del(.plugin_config)' -i "${CONFIG_YAML}"
+    config_set 'del(.plugin_config)'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: plugins are enabled, but the plugin_config section is missing in the configuration"
 }
 
 @test "config.yaml: missing config_paths.notification_dir" {
-    yq e 'del(.config_paths.notification_dir)' -i "${CONFIG_YAML}"
+    config_set 'del(.config_paths.notification_dir)'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: plugins are enabled, but config_paths.notification_dir is not defined"
 }
 
 @test "config.yaml: missing config_paths.plugin_dir" {
-    yq e 'del(.config_paths.plugin_dir)' -i "${CONFIG_YAML}"
+    config_set 'del(.config_paths.plugin_dir)'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: plugins are enabled, but config_paths.plugin_dir is not defined"
 }
 
 @test "unable to run local API: while reading plugin config" {
-    yq e '.config_paths.notification_dir="/this/path/does/not/exist"' -i "${CONFIG_YAML}"
+    config_set '.config_paths.notification_dir="/this/path/does/not/exist"'
-    yq e '.notifications=["http_default"]' -i "${PROFILES_PATH}"
+    config_set "${PROFILES_PATH}" '.notifications=["http_default"]'
     run -1 --separate-stderr timeout 2s "${CROWDSEC}"
     run -0 echo "${stderr}"
     assert_output --partial "api server init: unable to run local API: while loading plugin config: open /this/path/does/not/exist: no such file or directory"

tests/lib/setup_file.sh

@@ -48,10 +48,27 @@ cscli() {
 }
 export -f cscli
 
-config_yq() {
+config_get() {
-    yq e "$@" "${CONFIG_YAML}"
+    cfg="${CONFIG_YAML}"
+    if [[ $# -ge 2 ]]; then
+        cfg="$1"
+        shift
+    fi
+
+    yq e "$1" "${cfg}"
 }
-export -f config_yq
+export -f config_get
+
+config_set() {
+    cfg="${CONFIG_YAML}"
+    if [[ $# -ge 2 ]]; then
+        cfg="$1"
+        shift
+    fi
+
+    yq e "$1" -i "${cfg}"
+}
+export -f config_set
 
 # We use these functions like this:
 #    somecommand <(stderr)