cwhub: install --force repair tainted, non-installed items

crowdsecurity · Dec 22, 2023 · 2a29bd5 · 2a29bd5
1 parent b6f272d
commit 2a29bd5
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/pkg/cwhub/itemupgrade.go b/pkg/cwhub/itemupgrade.go
@@ -101,7 +101,7 @@ func (i *Item) downloadLatest(overwrite bool, updateOnly bool) (string, error) {
 		}
 	}
 
-	if !i.State.Installed && updateOnly && i.State.Downloaded {
+	if !i.State.Installed && updateOnly && i.State.Downloaded && !overwrite {
 		i.hub.logger.Debugf("skipping upgrade of %s: not installed", i.Name)
 		return "", nil
 	}

diff --git a/test/bats/20_hub_items.bats b/test/bats/20_hub_items.bats
@@ -181,3 +181,15 @@ teardown() {
     rune -0 jq '.collections' <(output)
     assert_json '[]'
 }
+
+@test "tainted hub file, not enabled, install --force should repair" {
+    rune -0 cscli scenarios install crowdsecurity/ssh-bf
+    rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
+    local_path="$(jq -r '.local_path' <(output))"
+    echo >> "$local_path"
+    rm "$local_path"
+    rune -0 cscli scenarios install crowdsecurity/ssh-bf --force
+    rune -0 cscli scenarios inspect crowdsecurity/ssh-bf -o json
+    rune -0 jq -c '.tainted' <(output)
+    assert_output 'false'
+}