mmetc 042d316fab
Refact cwhub: remove global hub, func test improvements (#2588)
* csConfig.Cscli is always loaded now, configuration paths too
* Remove global/singleton hub instance
* read {index_path} from config instead of assuming {hub_dir}/.index.json
* fix segfault with cscli explain when no parser is installed
* cscli: help text
* hub download timeout 20 sec
* reduce log verbosity
* allow func tests with empty hub or pre-download
* cscli <itemtype> remove --all --purge
2023-11-14 14:58:36 +01:00

72 lines
2.1 KiB

#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
fake_log() {
for _ in $(seq 1 10); do
echo "$(LC_ALL=C date '+%b %d %H:%M:%S ')"'sd-126005 sshd[12422]: Invalid user netflix from port 35424'
setup_file() {
load "../lib/"
./instance-data load
cscli collections install crowdsecurity/sshd --error
cscli parsers install crowdsecurity/syslog-logs --error
cscli parsers install crowdsecurity/dateparse-enrich --error
./instance-crowdsec start
teardown_file() {
load "../lib/"
setup() {
load "../lib/"
cscli decisions delete --all
@test "we have one decision" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq '. | length' <(output)
assert_output 1
@test " has been banned (exact)" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq -r '.[].decisions[0].value' <(output)
assert_output ''
@test "decision has simulated == false (exact)" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq '.[].decisions[0].simulated' <(output)
assert_output 'false'
@test "simulated scenario, listing non-simulated: expect no decision" {
rune -0 cscli simulation enable crowdsecurity/ssh-bf
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list --no-simu -o json
assert_json '[]'
@test "global simulation, listing non-simulated: expect no decision" {
rune -0 cscli simulation disable crowdsecurity/ssh-bf
rune -0 cscli simulation enable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list --no-simu -o json
assert_json '[]'