From a7ae44f981aff5cf850ab0422a2fa0a55aca57ad Mon Sep 17 00:00:00 2001 From: pemontto Date: Tue, 16 Apr 2019 17:25:44 +1000 Subject: [PATCH] Add docker test script --- .travis.yml | 3 +- tests/test-docker.sh | 90 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+), 1 deletion(-) create mode 100755 tests/test-docker.sh diff --git a/.travis.yml b/.travis.yml index e7475e2..2627b5e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,7 +18,7 @@ before_install: - mkdir -p ./data/es_snapshots - sudo chown -R 1000:1000 ./data/es* - docker build -t vulnwhisperer-local . - - docker-compose -f docker-compose-test.yml up + - docker-compose -f docker-compose-test.yml up -d install: - pip install -r requirements.txt - pip install flake8 # pytest # add another testing frameworks later @@ -48,6 +48,7 @@ script: # Test only qualy_vuln - rm -rf /tmp/VulnWhisperer - vuln_whisperer -c configs/test.ini -s qualys_vuln --mock --mock_dir ${TEST_PATH}; [[ $? -eq 1 ]] + - bash tests/test-docker.sh notifications: on_success: change on_failure: change # `always` will be the setting once code changes slow down diff --git a/tests/test-docker.sh b/tests/test-docker.sh new file mode 100755 index 0000000..14a7c47 --- /dev/null +++ b/tests/test-docker.sh @@ -0,0 +1,90 @@ +#!/usr/bin/env bash + +NORMAL=$(tput sgr0) +GREEN=$(tput setaf 2) +YELLOW=$(tput setaf 3) +RED=$(tput setaf 1) + +function red() { + echo -e "$RED$*$NORMAL" +} + +function green() { + echo -e "$GREEN$*$NORMAL" +} + +function yellow() { + echo -e "$YELLOW$*$NORMAL" +} + +elasticsearch_url="localhost:9200" +logstash_url="localhost:9600" + +until curl -s "$elasticsearch_url/_cluster/health?pretty" | grep '"status"' | grep -qE "green|yellow"; do + curl -s "$elasticsearch_url/_cluster/health?pretty" + yellow "\nWaiting for Elasticsearch..." + sleep 5 +done +curl -s "$elasticsearch_url/_cluster/health?pretty" + +until [[ $(curl -s "$logstash_url/_node/stats" | jq '.events.out') == 1236 ]] ; do + curl -s "$logstash_url/_node/stats" | jq '.events' + yellow "\nWaiting for Logstash load to finish..." + sleep 10 +done + +return_code=0 + +if [[ $(curl -s "$elasticsearch_url/logstash-vulnwhisperer-2019.03/_count" | jq '.count') == 1232 ]]; then + green "✅ Passed logstash-vulnwhisperer-2019.03 document count == 1232" +else + red "❌ Failed logstash-vulnwhisperer-2019.03 document count == 1232 was: $(curl -s "$elasticsearch_url/logstash-vulnwhisperer-2019.03/_count") instead" + ((return_code = return_code + 1)) +fi + +# Test Nessus plugin_name:Backported Security Patch Detection (FTP) +nessus_doc=$(curl -s "$elasticsearch_url/logstash-vulnwhisperer-2019.03/_search?q=plugin_name:%22Backported%20Security%20Patch%20Detection%20(FTP)%22%20AND%20asset:176.28.50.164%20AND%20tags:nessus" | jq '.hits.hits[]._source') +if echo $nessus_doc | jq '.risk' | grep -q "None"; then + green "✅ Passed Nessus risk == None" +else + red "❌ Failed Nessus risk == None was: $(echo $nessus_doc | jq '.risk') instead" + ((return_code = return_code + 1)) +fi + +# Test Tenable plugin_name:Backported Security Patch Detection (FTP) +tenable_doc=$(curl -s "$elasticsearch_url/logstash-vulnwhisperer-2019.03/_search?q=plugin_name:%22Backported%20Security%20Patch%20Detection%20(FTP)%22%20AND%20asset:176.28.50.164%20AND%20tags:tenable" | jq '.hits.hits[]._source') +# Test asset +if echo $tenable_doc | jq .asset | grep -q '176.28.50.164'; then + green "✅ Passed Tenable asset == 2019-03-30T10:17:41.000Z" +else + red "❌ Failed Tenable asset == 176.28.50.164 was: $(echo $tenable_doc | jq .asset) instead" + ((return_code = return_code + 1)) +fi + +# Test @timestamp +if echo $tenable_doc | jq '.["@timestamp"]' | grep -q '2019-03-30T15:45:44.000Z'; then + green "✅ Passed Tenable @timestamp == 2019-03-30T10:17:41.000Z" +else + red "❌ Failed Tenable @timestamp == 2019-03-30T15:45:44.000Z was: $(echo $tenable_doc | jq '.["@timestamp"]') instead" + ((return_code = return_code + 1)) +fi + +# Test Qualys plugin_name:OpenSSL Multiple Remote Security Vulnerabilities +qualys_vuln_doc=$(curl -s "$elasticsearch_url/logstash-vulnwhisperer-2019.03/_search?q=tags:qualys_vuln%20AND%20ip:%22176.28.50.164%22%20AND%20plugin_name:%22OpenSSL%20Multiple%20Remote%20Security%20Vulnerabilities%22%20AND%20port:465" | jq '.hits.hits[]._source') +# Test @timestamp +if echo $qualys_vuln_doc | jq '.["@timestamp"]' | grep -q '2019-03-30T10:17:41.000Z'; then + green "✅ Passed Qualys VM @timestamp == 2019-03-30T10:17:41.000Z" +else + red "❌ Failed Qualys VM @timestamp == 2019-03-30T10:17:41.000Z was: $(echo $qualys_vuln_doc | jq '.["@timestamp"]') instead" + ((return_code = return_code + 1)) +fi + +# Test @XXXX +if echo $qualys_vuln_doc | jq '.cvss' | grep -q '6.8'; then + green "✅ Passed Qualys VM cvss == 6.8" +else + red "❌ Failed Qualys VM cvss == 6.8 was: $(echo $qualys_vuln_doc | jq '.cvss') instead" + ((return_code = return_code + 1)) +fi + +exit $return_code