2023-11-24 14:57:32 +00:00
#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
INDEX_PATH=$(config_get '.config_paths.index_path')
export INDEX_PATH
CONFIG_DIR=$(config_get '.config_paths.config_dir')
export CONFIG_DIR
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
hub_strip_index
}
teardown() {
:
}
#----------
@test "cscli hub list" {
hub_purge_all
# no items
rune -0 cscli hub list
2023-12-05 12:38:52 +00:00
assert_output "No items to display"
2023-11-24 14:57:32 +00:00
rune -0 cscli hub list -o json
2023-12-07 15:20:13 +00:00
assert_json '{"appsec-configs":[],"appsec-rules":[],parsers:[],scenarios:[],collections:[],contexts:[],postoverflows:[]}'
2023-11-24 14:57:32 +00:00
rune -0 cscli hub list -o raw
assert_output 'name,status,version,description,type'
2023-12-05 12:38:52 +00:00
# some items: with output=human, show only non-empty tables
2023-11-24 14:57:32 +00:00
rune -0 cscli parsers install crowdsecurity/whitelists
rune -0 cscli scenarios install crowdsecurity/telnet-bf
rune -0 cscli hub list
2023-12-05 12:38:52 +00:00
assert_output --regexp ".*PARSERS.*crowdsecurity/whitelists.*SCENARIOS.*crowdsecurity/telnet-bf.*"
refute_output --partial 'POSTOVERFLOWS'
refute_output --partial 'COLLECTIONS'
2023-12-07 15:20:13 +00:00
2023-11-24 14:57:32 +00:00
rune -0 cscli hub list -o json
rune -0 jq -e '(.parsers | length == 1) and (.scenarios | length == 1)' <(output)
rune -0 cscli hub list -o raw
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'crowdsecurity/telnet-bf'
refute_output --partial 'crowdsecurity/iptables'
# all items
2023-12-07 15:20:13 +00:00
mkdir -p "$CONFIG_DIR/contexts"
# there are no contexts yet, so we create a local one
touch "$CONFIG_DIR/contexts/mycontext.yaml"
2023-11-24 14:57:32 +00:00
rune -0 cscli hub list -a
2023-12-07 15:20:13 +00:00
assert_output --regexp ".*PARSERS.*crowdsecurity/whitelists.*POSTOVERFLOWS.*SCENARIOS.*crowdsecurity/telnet-bf.*CONTEXTS.*mycontext.yaml.*COLLECTIONS.*crowdsecurity/iptables.*"
2023-11-24 14:57:32 +00:00
rune -0 cscli hub list -a -o json
rune -0 jq -e '(.parsers | length > 1) and (.scenarios | length > 1)' <(output)
rune -0 cscli hub list -a -o raw
assert_output --partial 'crowdsecurity/whitelists'
assert_output --partial 'crowdsecurity/telnet-bf'
assert_output --partial 'crowdsecurity/iptables'
}
2024-01-11 09:28:58 +00:00
@test "cscli hub list (invalid index)" {
new_hub=$(jq <"$INDEX_PATH" '."appsec-rules"."crowdsecurity/vpatch-laravel-debug-mode".version="999"')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli hub list --error
assert_stderr --partial "invalid hub item appsec-rules:crowdsecurity/vpatch-laravel-debug-mode: latest version missing from index"
rune -1 cscli appsec-rules install crowdsecurity/vpatch-laravel-debug-mode --force
assert_stderr --partial "error while installing 'crowdsecurity/vpatch-laravel-debug-mode': while downloading crowdsecurity/vpatch-laravel-debug-mode: latest hash missing from index"
}
2023-11-24 14:57:32 +00:00
@test "missing reference in hub index" {
new_hub=$(jq <"$INDEX_PATH" 'del(.parsers."crowdsecurity/smb-logs") | del (.scenarios."crowdsecurity/mysql-bf")')
echo "$new_hub" >"$INDEX_PATH"
rune -0 cscli hub list --error
assert_stderr --partial "can't find crowdsecurity/smb-logs in parsers, required by crowdsecurity/smb"
assert_stderr --partial "can't find crowdsecurity/mysql-bf in scenarios, required by crowdsecurity/mysql"
}
@test "loading hub reports tainted items (subitem is tainted)" {
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli hub list
refute_stderr --partial "tainted"
rune -0 truncate -s0 "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
rune -0 cscli hub list
2023-12-15 14:27:22 +00:00
assert_stderr --partial "crowdsecurity/sshd is tainted by parsers:crowdsecurity/sshd-logs"
2023-11-24 14:57:32 +00:00
}
@test "loading hub reports tainted items (subitem is not installed)" {
rune -0 cscli collections install crowdsecurity/sshd
rune -0 cscli hub list
refute_stderr --partial "tainted"
rune -0 rm "$CONFIG_DIR/parsers/s01-parse/sshd-logs.yaml"
rune -0 cscli hub list
2023-12-15 14:27:22 +00:00
assert_stderr --partial "crowdsecurity/sshd is tainted by missing parsers:crowdsecurity/sshd-logs"
2023-11-24 14:57:32 +00:00
}
@test "cscli hub update" {
rm -f "$INDEX_PATH"
rune -0 cscli hub update
assert_stderr --partial "Wrote index to $INDEX_PATH"
rune -0 cscli hub update
assert_stderr --partial "hub index is up to date"
}
@test "cscli hub upgrade" {
rune -0 cscli hub upgrade
assert_stderr --partial "Upgrading parsers"
assert_stderr --partial "Upgraded 0 parsers"
assert_stderr --partial "Upgrading postoverflows"
assert_stderr --partial "Upgraded 0 postoverflows"
assert_stderr --partial "Upgrading scenarios"
assert_stderr --partial "Upgraded 0 scenarios"
2023-12-07 15:20:13 +00:00
assert_stderr --partial "Upgrading contexts"
assert_stderr --partial "Upgraded 0 contexts"
2023-11-24 14:57:32 +00:00
assert_stderr --partial "Upgrading collections"
assert_stderr --partial "Upgraded 0 collections"
rune -0 cscli parsers install crowdsecurity/syslog-logs
rune -0 cscli hub upgrade
assert_stderr --partial "crowdsecurity/syslog-logs: up-to-date"
rune -0 cscli hub upgrade --force
assert_stderr --partial "crowdsecurity/syslog-logs: overwrite"
assert_stderr --partial "crowdsecurity/syslog-logs: updated"
assert_stderr --partial "Upgraded 1 parsers"
# this is used by the cron script to know if the hub was updated
assert_output --partial "updated crowdsecurity/syslog-logs"
}
2023-11-28 22:51:51 +00:00
@test "cscli hub upgrade (with local items)" {
mkdir -p "$CONFIG_DIR/collections"
touch "$CONFIG_DIR/collections/foo.yaml"
rune -0 cscli hub upgrade
assert_stderr --partial "not upgrading foo.yaml: local item"
}
2023-12-01 08:36:38 +00:00
@test "cscli hub types" {
rune -0 cscli hub types -o raw
assert_line "parsers"
assert_line "postoverflows"
assert_line "scenarios"
2023-12-07 15:20:13 +00:00
assert_line "contexts"
2023-12-01 08:36:38 +00:00
assert_line "collections"
rune -0 cscli hub types -o human
rune -0 yq -o json <(output)
2023-12-07 15:20:13 +00:00
assert_json '["parsers","postoverflows","scenarios","contexts","appsec-configs","appsec-rules","collections"]'
2023-12-01 08:36:38 +00:00
rune -0 cscli hub types -o json
2023-12-07 15:20:13 +00:00
assert_json '["parsers","postoverflows","scenarios","contexts","appsec-configs","appsec-rules","collections"]'
2023-12-01 08:36:38 +00:00
}