beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
crowdsec/test/bats/20_hub_parsers.bats
mmetc 6b0bdc5eeb
Refact pkg/cwhub: fix some known issues and reorganize files (#2616) 
* bump gopkg.in/yaml.v3
* test: cannot remove local items with cscli
* test dangling links
* test: cannot install local item with cscli
* pkg/cwhub: reorg (move) functions in files
* allow hub upgrade with local items
* data download: honor Last-Modified header
* fatal -> warning when attempting to remove a local item (allows remove --all)
* cscli...inspect -o yaml|human: rename remote_path -> path
* Correct count of removed items
Still no separate counter for the --purge option, but should be clear enough
2023-11-28 23:51:51 +01:00

385 lines
16 KiB
Bash
Raw Permalink Blame History

#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
HUB_DIR=$(config_get '.config_paths.hub_dir')
export HUB_DIR
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
./instance-crowdsec stop
}
#----------
@test "cscli parsers list" {
hub_purge_all
# no items
rune -0 cscli parsers list
assert_output --partial "PARSERS"
rune -0 cscli parsers list -o json
assert_json '{parsers:[]}'
rune -0 cscli parsers list -o raw
assert_output 'name,status,version,description'
# some items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers list
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -c enabled <(output)
assert_output "2"
rune -0 cscli parsers list -o json
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 jq '.parsers | length' <(output)
assert_output "2"
rune -0 cscli parsers list -o raw
assert_output --partial crowdsecurity/whitelists
assert_output --partial crowdsecurity/windows-auth
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
}
@test "cscli parsers list -a" {
expected=$(jq <"$INDEX_PATH" -r '.parsers | length')
rune -0 cscli parsers list -a
rune -0 grep -c disabled <(output)
assert_output "$expected"
rune -0 cscli parsers list -o json -a
rune -0 jq '.parsers | length' <(output)
assert_output "$expected"
rune -0 cscli parsers list -o raw -a
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "$expected"
# the list should be the same in all formats, and sorted (not case sensitive)
list_raw=$(cscli parsers list -o raw -a | tail -n +2 | cut -d, -f1)
list_human=$(cscli parsers list -o human -a | tail -n +6 | head -n -1 | cut -d' ' -f2)
list_json=$(cscli parsers list -o json -a | jq -r '.parsers[].name')
rune -0 sort -f <<<"$list_raw"
assert_output "$list_raw"
assert_equal "$list_raw" "$list_json"
assert_equal "$list_raw" "$list_human"
}
@test "cscli parsers list [parser]..." {
# non-existent
rune -1 cscli parsers install foo/bar
assert_stderr --partial "can't find 'foo/bar' in parsers"
# not installed
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp 'crowdsecurity/whitelists.*disabled'
# install two items
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
# list an installed item
rune -0 cscli parsers list crowdsecurity/whitelists
assert_output --regexp "crowdsecurity/whitelists.*enabled"
refute_output --partial "crowdsecurity/windows-auth"
# list multiple installed and non installed items
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs
assert_output --partial "crowdsecurity/whitelists"
assert_output --partial "crowdsecurity/windows-auth"
assert_output --partial "crowdsecurity/traefik-logs"
rune -0 cscli parsers list crowdsecurity/whitelists -o json
rune -0 jq '.parsers | length' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o json
rune -0 jq '.parsers | length' <(output)
assert_output "3"
rune -0 cscli parsers list crowdsecurity/whitelists -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "1"
rune -0 cscli parsers list crowdsecurity/whitelists crowdsecurity/windows-auth crowdsecurity/traefik-logs -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "3"
}
@test "cscli parsers install" {
rune -1 cscli parsers install
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# not in hub
rune -1 cscli parsers install crowdsecurity/blahblah
assert_stderr --partial "can't find 'crowdsecurity/blahblah' in parsers"
# simple install
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'installed: true'
# autocorrect
rune -1 cscli parsers install crowdsecurity/sshd-logz
assert_stderr --partial "can't find 'crowdsecurity/sshd-logz' in parsers, did you mean 'crowdsecurity/sshd-logs'?"
# install multiple
rune -0 cscli parsers install crowdsecurity/pgsql-logs crowdsecurity/postfix-logs
rune -0 cscli parsers inspect crowdsecurity/pgsql-logs --no-metrics
assert_output --partial 'crowdsecurity/pgsql-logs'
assert_output --partial 'installed: true'
rune -0 cscli parsers inspect crowdsecurity/postfix-logs --no-metrics
assert_output --partial 'crowdsecurity/postfix-logs'
assert_output --partial 'installed: true'
}
@test "cscli parsers install (file location and download-only)" {
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'installed: false'
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists --no-metrics
assert_output --partial 'installed: true'
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
}
@test "cscli parsers install --force (tainted)" {
rune -0 cscli parsers install crowdsecurity/whitelists
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -1 cscli parsers install crowdsecurity/whitelists
assert_stderr --partial "error while installing 'crowdsecurity/whitelists': while enabling crowdsecurity/whitelists: crowdsecurity/whitelists is tainted, won't enable unless --force"
rune -0 cscli parsers install crowdsecurity/whitelists --force
assert_stderr --partial "crowdsecurity/whitelists: overwrite"
assert_stderr --partial "Enabled crowdsecurity/whitelists"
}
@test "cscli parsers install --ignore (skip on errors)" {
rune -1 cscli parsers install foo/bar crowdsecurity/whitelists
assert_stderr --partial "can't find 'foo/bar' in parsers"
refute_stderr --partial "Enabled parsers: crowdsecurity/whitelists"
rune -0 cscli parsers install foo/bar crowdsecurity/whitelists --ignore
assert_stderr --partial "can't find 'foo/bar' in parsers"
assert_stderr --partial "Enabled parsers: crowdsecurity/whitelists"
}
@test "cscli parsers inspect" {
rune -1 cscli parsers inspect
assert_stderr --partial 'requires at least 1 arg(s), only received 0'
# required for metrics
./instance-crowdsec start
rune -1 cscli parsers inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
# one item
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics
assert_line 'type: parsers'
assert_line 'stage: s01-parse'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'author: crowdsecurity'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# one item, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs
assert_line --partial 'Current metrics:'
# one item, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -c '[.type, .stage, .name, .author, .path, .installed]' <(output)
assert_json '["parsers","s01-parse","crowdsecurity/sshd-logs","crowdsecurity","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false]'
# one item, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o raw
assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'stage: s01-parse'
assert_line 'author: crowdsecurity'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false'
refute_line --partial 'Current metrics:'
# multiple items
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists --no-metrics
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
# multiple items, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists
rune -0 grep -c 'Current metrics:' <(output)
assert_output "2"
# multiple items, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o json
rune -0 jq -sc '[.[] | [.type, .stage, .name, .author, .path, .installed]]' <(output)
assert_json '[["parsers","s01-parse","crowdsecurity/sshd-logs","crowdsecurity","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false],["parsers","s02-enrich","crowdsecurity/whitelists","crowdsecurity","parsers/s02-enrich/crowdsecurity/whitelists.yaml",false]]'
# multiple items, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o raw
assert_output --partial 'crowdsecurity/sshd-logs'
assert_output --partial 'crowdsecurity/whitelists'
rune -1 grep -c 'Current metrics:' <(output)
assert_output "0"
}
@test "cscli parsers remove" {
rune -1 cscli parsers remove
assert_stderr --partial "specify at least one parser to remove or '--all'"
rune -1 cscli parsers remove blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
rune -0 cscli parsers install crowdsecurity/whitelists --download-only
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "removing crowdsecurity/whitelists: not installed -- no need to remove"
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "Removed crowdsecurity/whitelists"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_stderr --partial 'Removed source file [crowdsecurity/whitelists]'
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_stderr --partial "removing crowdsecurity/whitelists: not installed -- no need to remove"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge --debug
assert_stderr --partial 'removing crowdsecurity/whitelists: not downloaded -- no need to remove'
refute_stderr --partial 'Removed source file [crowdsecurity/whitelists]'
# install, then remove, check files
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# delete is an alias for remove
rune -0 cscli parsers install crowdsecurity/whitelists
assert_file_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers delete crowdsecurity/whitelists
assert_file_not_exists "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# purge
assert_file_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
rune -0 cscli parsers remove crowdsecurity/whitelists --purge
assert_file_not_exists "$HUB_DIR/parsers/s02-enrich/crowdsecurity/whitelists.yaml"
rune -0 cscli parsers install crowdsecurity/whitelists crowdsecurity/windows-auth
# --all
rune -0 cscli parsers list -o raw
rune -0 grep -vc 'name,status,version,description' <(output)
assert_output "2"
rune -0 cscli parsers remove --all
rune -0 cscli parsers list -o raw
rune -1 grep -vc 'name,status,version,description' <(output)
assert_output "0"
}
@test "cscli parsers remove --force" {
# remove a parser that belongs to a collection
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli parsers remove crowdsecurity/sshd-logs
assert_stderr --partial "crowdsecurity/sshd-logs belongs to collections: [crowdsecurity/sshd]"
assert_stderr --partial "Run 'sudo cscli parsers remove crowdsecurity/sshd-logs --force' if you want to force remove this parser"
}
@test "cscli parsers upgrade" {
rune -1 cscli parsers upgrade
assert_stderr --partial "specify at least one parser to upgrade or '--all'"
rune -1 cscli parsers upgrade blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
rune -0 cscli parsers remove crowdsecurity/pam-logs --purge
rune -1 cscli parsers upgrade crowdsecurity/pam-logs
assert_stderr --partial "can't upgrade crowdsecurity/pam-logs: not installed"
rune -0 cscli parsers install crowdsecurity/pam-logs --download-only
rune -1 cscli parsers upgrade crowdsecurity/pam-logs
assert_stderr --partial "can't upgrade crowdsecurity/pam-logs: downloaded but not installed"
# hash of the string "v0.0"
sha256_0_0="dfebecf42784a31aa3d009dbcec0c657154a034b45f49cf22a895373f6dbf63d"
# add version 0.0 to all parsers
new_hub=$(jq --arg DIGEST "$sha256_0_0" <"$INDEX_PATH" '.parsers |= with_entries(.value.versions["0.0"] = {"digest": $DIGEST, "deprecated": false})')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli parsers install crowdsecurity/whitelists
echo "v0.0" > "$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="0.0"' <(output)
# upgrade
rune -0 cscli parsers upgrade crowdsecurity/whitelists
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
# taint
echo "dirty" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
# XXX: should return error
rune -0 cscli parsers upgrade crowdsecurity/whitelists
assert_stderr --partial "crowdsecurity/whitelists is tainted, --force to overwrite"
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version=="?"' <(output)
# force upgrade with taint
rune -0 cscli parsers upgrade crowdsecurity/whitelists --force
rune -0 cscli parsers inspect crowdsecurity/whitelists -o json
rune -0 jq -e '.local_version==.version' <(output)
# multiple items
rune -0 cscli parsers install crowdsecurity/windows-auth
echo "v0.0" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
echo "v0.0" >"$CONFIG_DIR/parsers/s01-parse/windows-auth.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -e '[.parsers[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli parsers upgrade crowdsecurity/whitelists crowdsecurity/windows-auth
rune -0 cscli parsers list -o json
rune -0 jq -e 'any(.parsers[].local_version; .=="0.0") | not' <(output)
# upgrade all
echo "v0.0" >"$CONFIG_DIR/parsers/s02-enrich/whitelists.yaml"
echo "v0.0" >"$CONFIG_DIR/parsers/s01-parse/windows-auth.yaml"
rune -0 cscli parsers list -o json
rune -0 jq -e '[.parsers[].local_version]==["0.0","0.0"]' <(output)
rune -0 cscli parsers upgrade --all
rune -0 cscli parsers list -o json
rune -0 jq -e 'any(.parsers[].local_version; .=="0.0") | not' <(output)
}
Reference in a new issue View git blame Copy permalink