crowdsec/cmd/crowdsec-cli/capi.go

package main

import (
	"context"
	"fmt"
	"io/ioutil"
	"net/url"

	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
	"github.com/crowdsecurity/crowdsec/pkg/models"
	"github.com/go-openapi/strfmt"
	"github.com/pkg/errors"
	log "github.com/sirupsen/logrus"
	"github.com/spf13/cobra"

	"gopkg.in/yaml.v2"
)

var CAPIURLPrefix string = "v2"
var CAPIBaseURL string = "https://api.crowdsec.net/"
var capiUserPrefix string

func NewCapiCmd() *cobra.Command {
	var cmdCapi = &cobra.Command{
		Use:               "capi [action]",
		Short:             "Manage interaction with Central API (CAPI)",
		Args:              cobra.MinimumNArgs(1),
		DisableAutoGenTag: true,
		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
			if err := csConfig.LoadAPIServer(); err != nil || csConfig.DisableAPI {
				return errors.Wrap(err, "Local API is disabled, please run this command on the local API machine")
			}
			if csConfig.API.Server.OnlineClient == nil {
				log.Fatalf("no configuration for Central API in '%s'", *csConfig.FilePath)
			}

			return nil
		},
	}

	var cmdCapiRegister = &cobra.Command{
		Use:               "register",
		Short:             "Register to Central API (CAPI)",
		Args:              cobra.MinimumNArgs(0),
		DisableAutoGenTag: true,
		Run: func(cmd *cobra.Command, args []string) {
			var err error
			capiUser, err := generateID(capiUserPrefix)
			if err != nil {
				log.Fatalf("unable to generate machine id: %s", err)
			}
			password := strfmt.Password(generatePassword(passwordLength))
			apiurl, err := url.Parse(CAPIBaseURL)
			if err != nil {
				log.Fatalf("unable to parse api url %s : %s", CAPIBaseURL, err)
			}
			_, err = apiclient.RegisterClient(&apiclient.Config{
				MachineID:     capiUser,
				Password:      password,
				UserAgent:     fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()),
				URL:           apiurl,
				VersionPrefix: CAPIURLPrefix,
			}, nil)

			if err != nil {
				log.Fatalf("api client register ('%s'): %s", CAPIBaseURL, err)
			}
			log.Printf("Successfully registered to Central API (CAPI)")

			var dumpFile string

			if outputFile != "" {
				dumpFile = outputFile
			} else if csConfig.API.Server.OnlineClient.CredentialsFilePath != "" {
				dumpFile = csConfig.API.Server.OnlineClient.CredentialsFilePath
			} else {
				dumpFile = ""
			}
			apiCfg := csconfig.ApiCredentialsCfg{
				Login:    capiUser,
				Password: password.String(),
				URL:      CAPIBaseURL,
			}
			apiConfigDump, err := yaml.Marshal(apiCfg)
			if err != nil {
				log.Fatalf("unable to marshal api credentials: %s", err)
			}
			if dumpFile != "" {
				err = ioutil.WriteFile(dumpFile, apiConfigDump, 0600)
				if err != nil {
					log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)
				}
				log.Printf("Central API credentials dumped to '%s'", dumpFile)
			} else {
				fmt.Printf("%s\n", string(apiConfigDump))
			}

			log.Warning(ReloadMessage())
		},
	}
	cmdCapiRegister.Flags().StringVarP(&outputFile, "file", "f", "", "output file destination")
	cmdCapiRegister.Flags().StringVar(&capiUserPrefix, "schmilblick", "", "set a schmilblick (use in tests only)")
	if err := cmdCapiRegister.Flags().MarkHidden("schmilblick"); err != nil {
		log.Fatalf("failed to hide flag: %s", err)
	}
	cmdCapi.AddCommand(cmdCapiRegister)

	var cmdCapiStatus = &cobra.Command{
		Use:               "status",
		Short:             "Check status with the Central API (CAPI)",
		Args:              cobra.MinimumNArgs(0),
		DisableAutoGenTag: true,
		Run: func(cmd *cobra.Command, args []string) {
			var err error
			if csConfig.API.Server == nil {
				log.Fatalln("There is no configuration on 'api.server:'")
			}
			if csConfig.API.Server.OnlineClient == nil {
				log.Fatalf("Please provide credentials for the Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath)
			}

			if csConfig.API.Server.OnlineClient.Credentials == nil {
				log.Fatalf("no credentials for Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath)
			}

			password := strfmt.Password(csConfig.API.Server.OnlineClient.Credentials.Password)
			apiurl, err := url.Parse(csConfig.API.Server.OnlineClient.Credentials.URL)
			if err != nil {
				log.Fatalf("parsing api url ('%s'): %s", csConfig.API.Server.OnlineClient.Credentials.URL, err)
			}

			if err := csConfig.LoadHub(); err != nil {
				log.Fatal(err)
			}

			if err := cwhub.GetHubIdx(csConfig.Hub); err != nil {
				log.Info("Run 'sudo cscli hub update' to get the hub index")
				log.Fatalf("Failed to load hub index : %s", err)
			}
			scenarios, err := cwhub.GetInstalledScenariosAsString()
			if err != nil {
				log.Fatalf("failed to get scenarios : %s", err)
			}
			if len(scenarios) == 0 {
				log.Fatalf("no scenarios installed, abort")
			}

			Client, err = apiclient.NewDefaultClient(apiurl, CAPIURLPrefix, fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()), nil)
			if err != nil {
				log.Fatalf("init default client: %s", err)
			}
			t := models.WatcherAuthRequest{
				MachineID: &csConfig.API.Server.OnlineClient.Credentials.Login,
				Password:  &password,
				Scenarios: scenarios,
			}
			log.Infof("Loaded credentials from %s", csConfig.API.Server.OnlineClient.CredentialsFilePath)
			log.Infof("Trying to authenticate with username %s on %s", csConfig.API.Server.OnlineClient.Credentials.Login, apiurl)
			_, err = Client.Auth.AuthenticateWatcher(context.Background(), t)
			if err != nil {
				log.Fatalf("Failed to authenticate to Central API (CAPI) : %s", err)
			}
			log.Infof("You can successfully interact with Central API (CAPI)")
		},
	}
	cmdCapi.AddCommand(cmdCapiStatus)

	return cmdCapi
}
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`package main`

			`import (`
			`"context"`
			`"fmt"`
			`"io/ioutil"`
			`"net/url"`

			`"github.com/crowdsecurity/crowdsec/pkg/apiclient"`
			`"github.com/crowdsecurity/crowdsec/pkg/csconfig"`
			`"github.com/crowdsecurity/crowdsec/pkg/cwhub"`
			`"github.com/crowdsecurity/crowdsec/pkg/cwversion"`
			`"github.com/crowdsecurity/crowdsec/pkg/models"`
			`"github.com/go-openapi/strfmt"`
fixed coverage reporting for functional tests; added cscli (#1568) 2022-05-31 08:01:30 +00:00			`"github.com/pkg/errors"`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`log "github.com/sirupsen/logrus"`
			`"github.com/spf13/cobra"`

			`"gopkg.in/yaml.v2"`
			`)`

			`var CAPIURLPrefix string = "v2"`
			`var CAPIBaseURL string = "https://api.crowdsec.net/"`
allow capi register in functional tests (#1384) 2022-03-24 10:07:54 +00:00			`var capiUserPrefix string`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00
			`func NewCapiCmd() *cobra.Command {`
			`var cmdCapi = &cobra.Command{`
Update `cscli doc` for docusaurus (#924) 2021-08-31 13:03:47 +00:00			`Use: "capi [action]",`
			`Short: "Manage interaction with Central API (CAPI)",`
			`Args: cobra.MinimumNArgs(1),`
			`DisableAutoGenTag: true,`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`PersistentPreRunE: func(cmd *cobra.Command, args []string) error {`
`cscli machines\|bouncers\|dashboard` error message clarification (#754) 2021-04-16 08:50:08 +00:00			`if err := csConfig.LoadAPIServer(); err != nil \|\| csConfig.DisableAPI {`
fixed coverage reporting for functional tests; added cscli (#1568) 2022-05-31 08:01:30 +00:00			`return errors.Wrap(err, "Local API is disabled, please run this command on the local API machine")`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`
			`if csConfig.API.Server.OnlineClient == nil {`
Minor changes to specific logs (#900) - Minor changes to specific logs - Fix LAPI to not push signals to CAPI when disabled #907 2021-08-25 16:30:05 +00:00			`log.Fatalf("no configuration for Central API in '%s'", *csConfig.FilePath)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`

			`return nil`
			`},`
			`}`

			`var cmdCapiRegister = &cobra.Command{`
Update `cscli doc` for docusaurus (#924) 2021-08-31 13:03:47 +00:00			`Use: "register",`
			`Short: "Register to Central API (CAPI)",`
			`Args: cobra.MinimumNArgs(0),`
			`DisableAutoGenTag: true,`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`Run: func(cmd *cobra.Command, args []string) {`
			`var err error`
allow capi register in functional tests (#1384) 2022-03-24 10:07:54 +00:00			`capiUser, err := generateID(capiUserPrefix)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`if err != nil {`
			`log.Fatalf("unable to generate machine id: %s", err)`
			`}`
			`password := strfmt.Password(generatePassword(passwordLength))`
			`apiurl, err := url.Parse(CAPIBaseURL)`
			`if err != nil {`
			`log.Fatalf("unable to parse api url %s : %s", CAPIBaseURL, err)`
			`}`
			`_, err = apiclient.RegisterClient(&apiclient.Config{`
allow capi register in functional tests (#1384) 2022-03-24 10:07:54 +00:00			`MachineID: capiUser,`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`Password: password,`
			`UserAgent: fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()),`
			`URL: apiurl,`
			`VersionPrefix: CAPIURLPrefix,`
			`}, nil)`

			`if err != nil {`
			`log.Fatalf("api client register ('%s'): %s", CAPIBaseURL, err)`
			`}`
			`log.Printf("Successfully registered to Central API (CAPI)")`

			`var dumpFile string`

			`if outputFile != "" {`
			`dumpFile = outputFile`
			`} else if csConfig.API.Server.OnlineClient.CredentialsFilePath != "" {`
			`dumpFile = csConfig.API.Server.OnlineClient.CredentialsFilePath`
			`} else {`
			`dumpFile = ""`
			`}`
			`apiCfg := csconfig.ApiCredentialsCfg{`
allow capi register in functional tests (#1384) 2022-03-24 10:07:54 +00:00			`Login: capiUser,`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`Password: password.String(),`
			`URL: CAPIBaseURL,`
			`}`
			`apiConfigDump, err := yaml.Marshal(apiCfg)`
			`if err != nil {`
			`log.Fatalf("unable to marshal api credentials: %s", err)`
			`}`
			`if dumpFile != "" {`
			`err = ioutil.WriteFile(dumpFile, apiConfigDump, 0600)`
			`if err != nil {`
			`log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)`
			`}`
improve logging in cscli and wizard (#643) 2021-02-25 10:20:36 +00:00			`log.Printf("Central API credentials dumped to '%s'", dumpFile)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`} else {`
			`fmt.Printf("%s\n", string(apiConfigDump))`
			`}`

added flag crowdsec --warning (#1461) 2022-06-22 07:38:23 +00:00			`log.Warning(ReloadMessage())`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`},`
			`}`
			`cmdCapiRegister.Flags().StringVarP(&outputFile, "file", "f", "", "output file destination")`
allow capi register in functional tests (#1384) 2022-03-24 10:07:54 +00:00			`cmdCapiRegister.Flags().StringVar(&capiUserPrefix, "schmilblick", "", "set a schmilblick (use in tests only)")`
functional tests, minor refactoring and lint/cleanup (#1570) * cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument * updated golangci-lint to v1.46 * lint/deadcode: fix existing issues * tests: cscli config backup/restore * tests: cscli completion powershell/fish * err check: pflags MarkHidden() * empty .dockerignore (and explain the reason) * tests, errors.Wrap * test for CS_LAPI_SECRET and minor refactoring * minor style changes * log cleanup 2022-06-06 13:24:48 +00:00			`if err := cmdCapiRegister.Flags().MarkHidden("schmilblick"); err != nil {`
			`log.Fatalf("failed to hide flag: %s", err)`
			`}`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`cmdCapi.AddCommand(cmdCapiRegister)`

			`var cmdCapiStatus = &cobra.Command{`
Update `cscli doc` for docusaurus (#924) 2021-08-31 13:03:47 +00:00			`Use: "status",`
			`Short: "Check status with the Central API (CAPI)",`
			`Args: cobra.MinimumNArgs(0),`
			`DisableAutoGenTag: true,`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`Run: func(cmd *cobra.Command, args []string) {`
			`var err error`
			`if csConfig.API.Server == nil {`
fixed coverage reporting for functional tests; added cscli (#1568) 2022-05-31 08:01:30 +00:00			`log.Fatalln("There is no configuration on 'api.server:'")`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`
			`if csConfig.API.Server.OnlineClient == nil {`
Minor changes to specific logs (#900) - Minor changes to specific logs - Fix LAPI to not push signals to CAPI when disabled #907 2021-08-25 16:30:05 +00:00			`log.Fatalf("Please provide credentials for the Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`

			`if csConfig.API.Server.OnlineClient.Credentials == nil {`
Minor changes to specific logs (#900) - Minor changes to specific logs - Fix LAPI to not push signals to CAPI when disabled #907 2021-08-25 16:30:05 +00:00			`log.Fatalf("no credentials for Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`

			`password := strfmt.Password(csConfig.API.Server.OnlineClient.Credentials.Password)`
			`apiurl, err := url.Parse(csConfig.API.Server.OnlineClient.Credentials.URL)`
			`if err != nil {`
			`log.Fatalf("parsing api url ('%s'): %s", csConfig.API.Server.OnlineClient.Credentials.URL, err)`
			`}`
Refactor configuration management (#698) 2021-03-24 17:16:17 +00:00
			`if err := csConfig.LoadHub(); err != nil {`
functional tests, minor refactoring and lint/cleanup (#1570) * cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument * updated golangci-lint to v1.46 * lint/deadcode: fix existing issues * tests: cscli config backup/restore * tests: cscli completion powershell/fish * err check: pflags MarkHidden() * empty .dockerignore (and explain the reason) * tests, errors.Wrap * test for CS_LAPI_SECRET and minor refactoring * minor style changes * log cleanup 2022-06-06 13:24:48 +00:00			`log.Fatal(err)`
Refactor configuration management (#698) 2021-03-24 17:16:17 +00:00			`}`

			`if err := cwhub.GetHubIdx(csConfig.Hub); err != nil {`
functional tests, minor refactoring and lint/cleanup (#1570) * cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument * updated golangci-lint to v1.46 * lint/deadcode: fix existing issues * tests: cscli config backup/restore * tests: cscli completion powershell/fish * err check: pflags MarkHidden() * empty .dockerignore (and explain the reason) * tests, errors.Wrap * test for CS_LAPI_SECRET and minor refactoring * minor style changes * log cleanup 2022-06-06 13:24:48 +00:00			`log.Info("Run 'sudo cscli hub update' to get the hub index")`
fixed coverage reporting for functional tests; added cscli (#1568) 2022-05-31 08:01:30 +00:00			`log.Fatalf("Failed to load hub index : %s", err)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`
Send all installed scenario to LAPI (#1277) 2022-04-13 15:48:29 +00:00			`scenarios, err := cwhub.GetInstalledScenariosAsString()`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`if err != nil {`
simplify err.Error() to err when used in printf context (#1603) 2022-06-22 13:53:53 +00:00			`log.Fatalf("failed to get scenarios : %s", err)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`}`
don't try to login with zero scenarios (#627) 2021-02-18 08:59:28 +00:00			`if len(scenarios) == 0 {`
			`log.Fatalf("no scenarios installed, abort")`
			`}`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00
			`Client, err = apiclient.NewDefaultClient(apiurl, CAPIURLPrefix, fmt.Sprintf("crowdsec/%s", cwversion.VersionStr()), nil)`
			`if err != nil {`
			`log.Fatalf("init default client: %s", err)`
			`}`
			`t := models.WatcherAuthRequest{`
			`MachineID: &csConfig.API.Server.OnlineClient.Credentials.Login,`
			`Password: &password,`
			`Scenarios: scenarios,`
			`}`
			`log.Infof("Loaded credentials from %s", csConfig.API.Server.OnlineClient.CredentialsFilePath)`
			`log.Infof("Trying to authenticate with username %s on %s", csConfig.API.Server.OnlineClient.Credentials.Login, apiurl)`
switch to utc time everywhere (#1167) * switch to utc time everywhere Co-authored-by: alteredCoder <kevin@crowdsec.net> 2022-01-19 13:56:05 +00:00			`_, err = Client.Auth.AuthenticateWatcher(context.Background(), t)`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`if err != nil {`
			`log.Fatalf("Failed to authenticate to Central API (CAPI) : %s", err)`
			`}`
local control flow cleanup (#1215) removed redundant/unreachable returns, else branches, type declarations, unused variables 2022-02-01 21:08:06 +00:00			`log.Infof("You can successfully interact with Central API (CAPI)")`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`},`
			`}`
			`cmdCapi.AddCommand(cmdCapiStatus)`
add `console enroll` command to cscli (#828) 2021-06-28 15:34:19 +00:00
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`return cmdCapi`
			`}`