akanealw
eec8c28fb3
Some checks are pending
Go Benchmark / Performance Regression Check (push) Waiting to run
Cerberus Integration / Cerberus Security Stack Integration (push) Waiting to run
Upload Coverage to Codecov / Backend Codecov Upload (push) Waiting to run
Upload Coverage to Codecov / Frontend Codecov Upload (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (go) (push) Waiting to run
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Waiting to run
CrowdSec Integration / CrowdSec Bouncer Integration (push) Waiting to run
Docker Build, Publish & Test / build-and-push (push) Waiting to run
Docker Build, Publish & Test / Security Scan PR Image (push) Blocked by required conditions
Quality Checks / Auth Route Protection Contract (push) Waiting to run
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Waiting to run
Quality Checks / Backend (Go) (push) Waiting to run
Quality Checks / Frontend (React) (push) Waiting to run
Rate Limit integration / Rate Limiting Integration (push) Waiting to run
Security Scan (PR) / Trivy Binary Scan (push) Waiting to run
Supply Chain Verification (PR) / Verify Supply Chain (push) Waiting to run
WAF integration / Coraza WAF Integration (push) Waiting to run
86 lines
2.7 KiB
Go
Executable File
86 lines
2.7 KiB
Go
Executable File
package handlers
|
|
|
|
import (
|
|
"bytes"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestResolveAcquisitionConfigPath_Validation(t *testing.T) {
|
|
t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "")
|
|
resolved, err := resolveAcquisitionConfigPath()
|
|
require.NoError(t, err)
|
|
require.Equal(t, "/etc/crowdsec/acquis.yaml", resolved)
|
|
|
|
t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "relative/acquis.yaml")
|
|
_, err = resolveAcquisitionConfigPath()
|
|
require.Error(t, err)
|
|
|
|
t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "/tmp/../etc/acquis.yaml")
|
|
_, err = resolveAcquisitionConfigPath()
|
|
require.Error(t, err)
|
|
|
|
t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "/tmp/acquis.yaml")
|
|
resolved, err = resolveAcquisitionConfigPath()
|
|
require.NoError(t, err)
|
|
require.Equal(t, "/tmp/acquis.yaml", resolved)
|
|
}
|
|
|
|
func TestReadAcquisitionConfig_ErrorsAndSuccess(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
path := filepath.Join(tmp, "acquis.yaml")
|
|
require.NoError(t, os.WriteFile(path, []byte("source: file\n"), 0o600))
|
|
|
|
content, err := readAcquisitionConfig(path)
|
|
require.NoError(t, err)
|
|
assert.Contains(t, string(content), "source: file")
|
|
|
|
_, err = readAcquisitionConfig(filepath.Join(tmp, "missing.yaml"))
|
|
require.Error(t, err)
|
|
}
|
|
|
|
func TestCrowdsec_AcquisitionEndpoints_InvalidConfiguredPath(t *testing.T) {
|
|
t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "relative/path.yaml")
|
|
|
|
h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir())
|
|
r := gin.New()
|
|
g := r.Group("/api/v1")
|
|
h.RegisterRoutes(g)
|
|
|
|
wGet := httptest.NewRecorder()
|
|
reqGet := httptest.NewRequest(http.MethodGet, "/api/v1/admin/crowdsec/acquisition", http.NoBody)
|
|
r.ServeHTTP(wGet, reqGet)
|
|
require.Equal(t, http.StatusInternalServerError, wGet.Code)
|
|
|
|
wPut := httptest.NewRecorder()
|
|
reqPut := httptest.NewRequest(http.MethodPut, "/api/v1/admin/crowdsec/acquisition", bytes.NewBufferString(`{"content":"source: file"}`))
|
|
reqPut.Header.Set("Content-Type", "application/json")
|
|
r.ServeHTTP(wPut, reqPut)
|
|
require.Equal(t, http.StatusInternalServerError, wPut.Code)
|
|
}
|
|
|
|
func TestCrowdsec_GetBouncerKey_NotConfigured(t *testing.T) {
|
|
t.Setenv("CROWDSEC_API_KEY", "")
|
|
t.Setenv("CROWDSEC_BOUNCER_API_KEY", "")
|
|
t.Setenv("CERBERUS_SECURITY_CROWDSEC_API_KEY", "")
|
|
t.Setenv("CHARON_SECURITY_CROWDSEC_API_KEY", "")
|
|
t.Setenv("CPM_SECURITY_CROWDSEC_API_KEY", "")
|
|
|
|
h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir())
|
|
r := gin.New()
|
|
g := r.Group("/api/v1")
|
|
h.RegisterRoutes(g)
|
|
|
|
w := httptest.NewRecorder()
|
|
req := httptest.NewRequest(http.MethodGet, "/api/v1/admin/crowdsec/bouncer/key", http.NoBody)
|
|
r.ServeHTTP(w, req)
|
|
require.Equal(t, http.StatusNotFound, w.Code)
|
|
}
|