Claude Code Plugins

Community-maintained marketplace

Feedback

integration-test-crowdsec

@Wikid82/Charon
0
0

Test CrowdSec bouncer integration and IP blocking functionality

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name integration-test-crowdsec
version 1.0.0
description Test CrowdSec bouncer integration and IP blocking functionality
author Charon Project
license MIT
tags integration, security, crowdsec, ip-blocking, bouncer
compatibility [object Object]
requirements [object Object], [object Object]
environment_variables [object Object]
parameters [object Object]
outputs [object Object]
metadata [object Object]

Integration Test CrowdSec

Overview

Tests the CrowdSec bouncer integration for IP-based threat detection and blocking. This skill validates that the CrowdSec bouncer correctly synchronizes with the CrowdSec Local API (LAPI), retrieves and applies IP block decisions, and enforces security policies.

CrowdSec provides collaborative security with real-time threat intelligence sharing across the community.

Prerequisites

  • Docker 24.0 or higher installed and running
  • curl 7.0 or higher for API testing
  • Running CrowdSec LAPI container
  • Running Charon application with CrowdSec bouncer enabled
  • Network access between bouncer and LAPI

Usage

Basic Usage

Run CrowdSec bouncer integration tests:

cd /path/to/charon
.github/skills/scripts/skill-runner.sh integration-test-crowdsec

Verbose Mode

Run with detailed API interactions:

VERBOSE=1 .github/skills/scripts/skill-runner.sh integration-test-crowdsec

CI/CD Integration

For use in GitHub Actions workflows:

- name: Test CrowdSec Integration
  run: .github/skills/scripts/skill-runner.sh integration-test-crowdsec
  timeout-minutes: 7

Parameters

Parameter Type Required Default Description
verbose boolean No false Enable verbose output

Environment Variables

Variable Required Default Description
CROWDSEC_API_KEY No auto Bouncer API key (auto-generated if not set)
CROWDSEC_LAPI_URL No http://crowdsec:8080 CrowdSec LAPI endpoint
BOUNCER_SYNC_INTERVAL No 60 Decision sync interval in seconds

Outputs

Success Exit Code

  • 0: All CrowdSec integration tests passed

Error Exit Codes

  • 1: One or more tests failed
  • 2: CrowdSec LAPI not accessible
  • 3: Bouncer authentication failed
  • 4: Decision synchronization failed

Console Output

Example output:

=== Testing CrowdSec Bouncer Integration ===
✓ LAPI Connection: Successful
✓ Bouncer Authentication: Valid API Key
✓ Decision Retrieval: 5 active decisions
✓ IP Blocking: Blocked malicious IP (403 Forbidden)
✓ Legitimate IP: Allowed (200 OK)
✓ Decision Synchronization: Every 60s

All CrowdSec integration tests passed!

Test Coverage

This skill validates:

  1. LAPI Connectivity: Bouncer can reach CrowdSec Local API
  2. Authentication: Valid API key and successful bouncer registration
  3. Decision Retrieval: Fetching active IP block decisions
  4. IP Blocking: Correctly blocking malicious IPs
  5. Legitimate Traffic: Allowing non-blocked IPs
  6. Decision Synchronization: Regular updates from LAPI
  7. Graceful Degradation: Handling LAPI downtime

Examples

Example 1: Basic Execution

.github/skills/scripts/skill-runner.sh integration-test-crowdsec

Example 2: Custom API Key

CROWDSEC_API_KEY=my-bouncer-key \
  .github/skills/scripts/skill-runner.sh integration-test-crowdsec

Example 3: Custom LAPI URL

CROWDSEC_LAPI_URL=http://crowdsec-lapi:8080 \
  .github/skills/scripts/skill-runner.sh integration-test-crowdsec

Example 4: Fast Sync Interval

BOUNCER_SYNC_INTERVAL=30 VERBOSE=1 \
  .github/skills/scripts/skill-runner.sh integration-test-crowdsec

Error Handling

Common Errors

Error: Cannot connect to LAPI

Solution: Verify LAPI container is running: docker ps | grep crowdsec

Error: Authentication failed

Solution: Check API key is valid: docker exec crowdsec cscli bouncers list

Error: No decisions retrieved

Solution: Create test decisions: docker exec crowdsec cscli decisions add --ip 1.2.3.4

Error: Blocking not working

Solution: Check bouncer logs: docker logs charon-app | grep crowdsec

Debugging

  • LAPI Logs: docker logs $(docker ps -q -f name=crowdsec)
  • Bouncer Status: Check application logs for sync errors
  • Decision List: docker exec crowdsec cscli decisions list
  • Test Block: curl -H "X-Forwarded-For: 1.2.3.4" http://localhost:8080/

Related Skills

Notes

  • Execution Time: Medium execution (4-6 minutes)
  • Community Intelligence: Benefits from CrowdSec's global threat network
  • Performance: Minimal latency with in-memory decision caching
  • Scalability: Tested with thousands of concurrent decisions
  • Resilience: Continues working if LAPI is temporarily unavailable
  • Observability: Full metrics exposed for Prometheus/Grafana
  • Compliance: Supports GDPR-compliant threat intelligence

Last Updated: 2025-12-20 Maintained by: Charon Project Team Source: scripts/crowdsec_integration.sh