4a6fd338e0
* replace 'timeout' helper with async python script; allow hub preload in func tests; improve item removal * func tests: cscli hub update/upgrade * docker test update * Update docker entrypoint to disable items with --force The --force flag was not transmitted to cscli, but is required after the hub refact to disable items inside installed collections
169 lines
4.6 KiB
Bash
Executable file
169 lines
4.6 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
set -eu
|
|
script_name=$0
|
|
|
|
die() {
|
|
echo >&2 "$@"
|
|
exit 1
|
|
}
|
|
|
|
about() {
|
|
die "usage: ${script_name} [make | load | clean]"
|
|
}
|
|
|
|
#shellcheck disable=SC1007
|
|
THIS_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
|
|
cd "${THIS_DIR}"/../../
|
|
#shellcheck disable=SC1091
|
|
. ./.environment.sh
|
|
|
|
# you have not removed set -u above, have you?
|
|
|
|
[[ -z "${TEST_DIR-}" ]] && die "\$TEST_DIR must be defined."
|
|
[[ -z "${LOCAL_DIR-}" ]] && die "\$LOCAL_DIR must be defined."
|
|
[[ -z "${CSCLI-}" ]] && die "\$CSCLI must be defined."
|
|
[[ -z "${LOCAL_INIT_DIR-}" ]] && die "\$LOCAL_INIT_DIR must be defined."
|
|
[[ -z "${PLUGIN_DIR-}" ]] && die "\$PLUGIN_DIR must be defined."
|
|
[[ -z "${DB_BACKEND-}" ]] && die "\$DB_BACKEND must be defined."
|
|
|
|
if [[ ! -f "${CSCLI}" ]]; then
|
|
die "${CSCLI} is missing. Please build (with 'make bats-build') or install it."
|
|
fi
|
|
|
|
REL_CONFIG_DIR="etc/crowdsec"
|
|
REL_DATA_DIR="var/lib/crowdsec/data"
|
|
|
|
DATA_DIR="${LOCAL_DIR}/${REL_DATA_DIR}"
|
|
export DATA_DIR
|
|
CONFIG_DIR="${LOCAL_DIR}/${REL_CONFIG_DIR}"
|
|
export CONFIG_DIR
|
|
HUB_DIR="${CONFIG_DIR}/hub"
|
|
export HUB_DIR
|
|
|
|
if [[ $(uname) == "OpenBSD" ]]; then
|
|
TAR=gtar
|
|
else
|
|
TAR=tar
|
|
fi
|
|
|
|
remove_init_data() {
|
|
./bin/assert-crowdsec-not-running || die "Cannot remove fixture data."
|
|
rm -rf -- "${LOCAL_DIR:?}/${REL_CONFIG_DIR}"/* "${LOCAL_DIR:?}/${REL_DATA_DIR:?}"/*
|
|
}
|
|
|
|
# we need a separate function for initializing config when testing package
|
|
# because we want to test the configuration as well
|
|
preload_hub_items() {
|
|
# pre-download everything but don't install anything
|
|
# each test can install what it needs
|
|
|
|
echo "Purging existing hub..."
|
|
|
|
"$CSCLI" parsers delete --all --error --purge --force
|
|
"$CSCLI" scenarios delete --all --error --purge --force
|
|
"$CSCLI" postoverflows delete --all --error --purge --force
|
|
"$CSCLI" collections delete --all --error --purge --force
|
|
|
|
echo "Pre-downloading hub content..."
|
|
|
|
#shellcheck disable=SC2046
|
|
"$CSCLI" collections install \
|
|
$("$CSCLI" collections list -a -o json | jq -r '.collections[].name') \
|
|
--download-only \
|
|
--error
|
|
|
|
#shellcheck disable=SC2046
|
|
"$CSCLI" parsers install \
|
|
$("$CSCLI" parsers list -a -o json | jq -r '.parsers[].name') \
|
|
--download-only \
|
|
--error
|
|
|
|
#shellcheck disable=SC2046
|
|
"$CSCLI" scenarios install \
|
|
$("$CSCLI" scenarios list -a -o json | jq -r '.scenarios[].name') \
|
|
--download-only \
|
|
--error
|
|
|
|
#shellcheck disable=SC2046
|
|
"$CSCLI" postoverflows install \
|
|
$("$CSCLI" postoverflows list -a -o json | jq -r '.postoverflows[].name') \
|
|
--download-only \
|
|
--error
|
|
|
|
# XXX: download-only works only for collections, not for parsers, scenarios, postoverflows.
|
|
# so we have to delete the links manually, and leave the downloaded files in place
|
|
|
|
"$CSCLI" parsers delete --all --error
|
|
"$CSCLI" scenarios delete --all --error
|
|
"$CSCLI" postoverflows delete --all --error
|
|
}
|
|
|
|
make_init_data() {
|
|
./bin/assert-crowdsec-not-running || die "Cannot create fixture data."
|
|
|
|
./instance-db config-yaml
|
|
./instance-db setup
|
|
|
|
# when installed packages are always using sqlite, so no need to regenerate
|
|
# local credz for sqlite
|
|
|
|
preload_hub_items
|
|
|
|
[[ "${DB_BACKEND}" == "sqlite" ]] || ${CSCLI} machines add --auto
|
|
|
|
mkdir -p "$LOCAL_INIT_DIR"
|
|
|
|
./instance-db dump "${LOCAL_INIT_DIR}/database"
|
|
|
|
echo "${DB_BACKEND}" > "${LOCAL_INIT_DIR}/.backend"
|
|
|
|
# disable CAPI by default
|
|
yq e 'del(.api.server.online_client)' -i "${CONFIG_DIR}/config.yaml"
|
|
|
|
"${TAR}" -C "${LOCAL_DIR}" --create \
|
|
--exclude "${REL_DATA_DIR}"/crowdsec.db \
|
|
--file "${LOCAL_INIT_DIR}/init-config-data.tar" "${REL_CONFIG_DIR}" "${REL_DATA_DIR}"
|
|
}
|
|
|
|
load_init_data() {
|
|
./bin/assert-crowdsec-not-running || die "Cannot load fixture data."
|
|
|
|
if [[ ! -f "${LOCAL_INIT_DIR}/init-config-data.tar" ]]; then
|
|
die "Initial data not found; did you run 'make bats-fixture' ?"
|
|
fi
|
|
|
|
dump_backend="$(cat "${LOCAL_INIT_DIR}/.backend")"
|
|
if [[ "${DB_BACKEND}" != "${dump_backend}" ]]; then
|
|
die "Can't run with backend '${DB_BACKEND}' because the test data was built with '${dump_backend}'"
|
|
fi
|
|
|
|
remove_init_data
|
|
|
|
"${TAR}" -C "${LOCAL_DIR}" --extract --file "${LOCAL_INIT_DIR}/init-config-data.tar"
|
|
|
|
./instance-db restore "${LOCAL_INIT_DIR}/database"
|
|
}
|
|
|
|
|
|
# ---------------------------
|
|
|
|
[[ $# -lt 1 ]] && about
|
|
|
|
case "$1" in
|
|
make)
|
|
"${TEST_DIR}/instance-crowdsec" stop
|
|
make_init_data
|
|
;;
|
|
load)
|
|
load_init_data
|
|
;;
|
|
clean)
|
|
remove_init_data
|
|
;;
|
|
*)
|
|
about
|
|
;;
|
|
esac;
|
|
|