akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity
Files
eec8c28fb3c2e8c0bc387bb3139184b8d67f1b21
Charon/docs/issues/created/20260203-crowdsec-console-enrollment-manual-test.md
akanealw eec8c28fb3
Some checks are pending
Go Benchmark / Performance Regression Check (push) Waiting to run
Details
Cerberus Integration / Cerberus Security Stack Integration (push) Waiting to run
Details
Upload Coverage to Codecov / Backend Codecov Upload (push) Waiting to run
Details
Upload Coverage to Codecov / Frontend Codecov Upload (push) Waiting to run
Details
CodeQL - Analyze / CodeQL analysis (go) (push) Waiting to run
Details
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Waiting to run
Details
CrowdSec Integration / CrowdSec Bouncer Integration (push) Waiting to run
Details
Docker Build, Publish & Test / build-and-push (push) Waiting to run
Details
Docker Build, Publish & Test / Security Scan PR Image (push) Blocked by required conditions
Details
Quality Checks / Auth Route Protection Contract (push) Waiting to run
Details
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Waiting to run
Details
Quality Checks / Backend (Go) (push) Waiting to run
Details
Quality Checks / Frontend (React) (push) Waiting to run
Details
Rate Limit integration / Rate Limiting Integration (push) Waiting to run
Details
Security Scan (PR) / Trivy Binary Scan (push) Waiting to run
Details
Supply Chain Verification (PR) / Verify Supply Chain (push) Waiting to run
Details
WAF integration / Coraza WAF Integration (push) Waiting to run
Details
changed perms
2026-04-22 18:19:14 +00:00

103 lines
3.4 KiB
Markdown
Executable File
Raw Blame History

# Manual Test Plan: CrowdSec Console Enrollment
**Issue**: #586
**PR**: #609
**Date**: 2025-01-29
## Overview
This test plan covers manual verification of CrowdSec console enrollment functionality to ensure the engine appears online in the CrowdSec console after enrollment.
## Prerequisites
- Docker container running with CrowdSec enabled
- Valid CrowdSec console account
- Fresh enrollment token from console.crowdsec.net
## Test Cases
### TC1: Fresh Enrollment
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Navigate to Security → CrowdSec | CrowdSec settings page loads |
| 2 | Enable CrowdSec if not enabled | Toggle switches to enabled |
| 3 | Enter valid enrollment token | Token field accepts input |
| 4 | Click Enroll | Loading indicator appears |
| 5 | Wait for completion | Success message shown |
| 6 | Check CrowdSec console | Engine appears online within 5 minutes |
### TC2: Heartbeat Verification
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Complete TC1 enrollment | Engine enrolled |
| 2 | Wait 5 minutes | Heartbeat poller runs |
| 3 | Check logs for `[HEARTBEAT_POLLER]` | Heartbeat success logged |
| 4 | Check console.crowdsec.net | Last seen updates to recent time |
### TC3: Diagnostic Endpoints
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Call GET `/api/v1/cerberus/crowdsec/diagnostics/connectivity` | Returns connectivity status |
| 2 | Verify `lapi_reachable` is true | LAPI is running |
| 3 | Verify `capi_reachable` is true | Can reach CrowdSec cloud |
| 4 | Call GET `/api/v1/cerberus/crowdsec/diagnostics/config` | Returns config validation |
### TC4: Diagnostic Script
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Run `./scripts/diagnose-crowdsec.sh` | All 10 checks execute |
| 2 | Verify LAPI status check passes | Shows "running" |
| 3 | Verify console status check | Shows enrollment status |
| 4 | Run with `--json` flag | Valid JSON output |
### TC5: Recovery from Offline State
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Stop the container | Container stops |
| 2 | Wait 1 hour | Console shows engine offline |
| 3 | Restart container | Container starts |
| 4 | Wait 5-10 minutes | Heartbeat poller reconnects |
| 5 | Check console | Engine shows online again |
### TC6: Token Expiration Handling
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Use an expired enrollment token | |
| 2 | Attempt enrollment | Error message indicates token expired |
| 3 | Check logs | Error is logged with `[CROWDSEC_ENROLLMENT]` |
| 4 | Token is NOT visible in logs | Secret redacted |
### TC7: Already Enrolled Error
| Step | Action | Expected Result |
|------|--------|-----------------|
| 1 | Complete successful enrollment | |
| 2 | Attempt enrollment again with same token | |
| 3 | Error message indicates already enrolled | |
| 4 | Existing enrollment preserved | |
## Known Issues
- **Edge case**: If LAPI takes >30s to start after container restart, first heartbeat may fail (retries automatically)
- **Console lag**: CrowdSec console may take 2-5 minutes to reflect online status
## Bug Tracking
Use this section to track bugs found during manual testing:
| Bug ID | Description | Severity | Status |
|--------|-------------|----------|--------|
| | | | |
## Sign-off
- [ ] All test cases executed
- [ ] Bugs documented
- [ ] Ready for release
Reference in New Issue View Git Blame Copy Permalink