crowdsec/test/bats/04_capi.bats
2024-01-24 19:51:55 +01:00

95 lines
3.3 KiB
Bash

#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
}
#----------
@test "cscli capi status: fails without credentials" {
config_enable_capi
ONLINE_API_CREDENTIALS_YAML="$(config_get '.api.server.online_client.credentials_path')"
# bogus values, won't be used
echo '{"login":"login","password":"password","url":"url"}' > "${ONLINE_API_CREDENTIALS_YAML}"
config_set "$ONLINE_API_CREDENTIALS_YAML" 'del(.url)'
rune -1 cscli capi status
assert_stderr --partial "can't load CAPI credentials from '$ONLINE_API_CREDENTIALS_YAML' (missing url field)"
config_set "$ONLINE_API_CREDENTIALS_YAML" 'del(.password)'
rune -1 cscli capi status
assert_stderr --partial "can't load CAPI credentials from '$ONLINE_API_CREDENTIALS_YAML' (missing password field)"
config_set "$ONLINE_API_CREDENTIALS_YAML" 'del(.login)'
rune -1 cscli capi status
assert_stderr --partial "can't load CAPI credentials from '$ONLINE_API_CREDENTIALS_YAML' (missing login field)"
rm "${ONLINE_API_CREDENTIALS_YAML}"
rune -1 cscli capi status
assert_stderr --partial "failed to load Local API: loading online client credentials: open ${ONLINE_API_CREDENTIALS_YAML}: no such file or directory"
config_set 'del(.api.server.online_client)'
rune -1 cscli capi status
assert_stderr --regexp "no configuration for Central API \(CAPI\) in '$(echo $CONFIG_YAML|sed s#//#/#g)'"
}
@test "cscli capi status" {
./instance-data load
config_enable_capi
rune -0 cscli capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
rune -1 cscli capi status
assert_stderr --partial "no scenarios installed, abort"
rune -0 cscli scenarios install crowdsecurity/ssh-bf
rune -0 cscli capi status
assert_stderr --partial "Loaded credentials from"
assert_stderr --partial "Trying to authenticate with username"
assert_stderr --partial " on https://api.crowdsec.net/"
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
}
@test "cscli alerts list: receive a community pull when capi is enabled" {
sleep 2
./instance-crowdsec start
for ((i=0; i<15; i++)); do
sleep 2
[[ $(cscli alerts list -a -o json) != "[]" ]] && break
done
rune -0 cscli alerts list -a -o json
rune -0 jq -r '. | length' <(output)
refute_output 0
}
@test "we have exactly one machine, localhost" {
rune -0 cscli machines list -o json
rune -0 jq -c '[. | length, .[0].machineId[0:32], .[0].isValidated, .[0].ipAddress]' <(output)
assert_json '[1,"githubciXXXXXXXXXXXXXXXXXXXXXXXX",true,"127.0.0.1"]'
}
@test "no agent: capi status should be ok" {
./instance-crowdsec stop
config_disable_agent
./instance-crowdsec start
rune -0 cscli capi status
assert_stderr --partial "You can successfully interact with Central API (CAPI)"
}
@test "capi register must be run from lapi" {
config_disable_lapi
rune -1 cscli capi register --schmilblick githubciXXXXXXXXXXXXXXXXXXXXXXXX
assert_stderr --partial "local API is disabled -- this command must be run on the local API machine"
}