remove PAPI feature flag (#2601)

2023-12-08 14:55:45 +01:00 · 2023-12-08 14:55:45 +01:00 · 04f3dc09f9
parent c707b72b03
commit 04f3dc09f9
8 changed files with 58 additions and 71 deletions
--- a/cmd/crowdsec-cli/capi.go
+++ b/cmd/crowdsec-cli/capi.go
@ -16,7 +16,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
 	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
-	"github.com/crowdsecurity/crowdsec/pkg/fflag"
 	"github.com/crowdsecurity/crowdsec/pkg/models"
 	"github.com/crowdsecurity/crowdsec/pkg/types"

@ -98,9 +97,6 @@ func NewCapiRegisterCmd() *cobra.Command {
 				Password: password.String(),
 				URL:      types.CAPIBaseURL,
 			}
-			if fflag.PapiClient.IsEnabled() {
-				apiCfg.PapiURL = types.PAPIBaseURL
-			}
 			apiConfigDump, err := yaml.Marshal(apiCfg)
 			if err != nil {
 				return fmt.Errorf("unable to marshal api credentials: %w", err)
--- a/cmd/crowdsec-cli/console.go
+++ b/cmd/crowdsec-cli/console.go
@ -20,7 +20,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
 	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
-	"github.com/crowdsecurity/crowdsec/pkg/fflag"
 	"github.com/crowdsecurity/crowdsec/pkg/types"

 	"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
@ -189,11 +188,11 @@ Disable given information push to the central API.`,
 			case "json":
 				c := csConfig.API.Server.ConsoleConfig
 				out := map[string](*bool){
-					csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions,
-					csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios,
+					csconfig.SEND_MANUAL_SCENARIOS:  c.ShareManualDecisions,
+					csconfig.SEND_CUSTOM_SCENARIOS:  c.ShareCustomScenarios,
 					csconfig.SEND_TAINTED_SCENARIOS: c.ShareTaintedScenarios,
-					csconfig.SEND_CONTEXT: c.ShareContext,
-					csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement,
+					csconfig.SEND_CONTEXT:           c.ShareContext,
+					csconfig.CONSOLE_MANAGEMENT:     c.ConsoleManagement,
 				}
 				data, err := json.MarshalIndent(out, "", "  ")
 				if err != nil {
@ -252,9 +251,6 @@ func SetConsoleOpts(args []string, wanted bool) error {
 	for _, arg := range args {
 		switch arg {
 		case csconfig.CONSOLE_MANAGEMENT:
-			if !fflag.PapiClient.IsEnabled() {
-				continue
-			}
 			/*for each flag check if it's already set before setting it*/
 			if csConfig.API.Server.ConsoleConfig.ConsoleManagement != nil {
 				if *csConfig.API.Server.ConsoleConfig.ConsoleManagement == wanted {
--- a/cmd/crowdsec-cli/main.go
+++ b/cmd/crowdsec-cli/main.go
@ -242,7 +242,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
 	rootCmd.AddCommand(NewHubTestCmd())
 	rootCmd.AddCommand(NewCLINotifications().NewCommand())
 	rootCmd.AddCommand(NewCLISupport().NewCommand())
-
+	rootCmd.AddCommand(NewCLIPapi().NewCommand())
 	rootCmd.AddCommand(NewCollectionCLI().NewCommand())
 	rootCmd.AddCommand(NewParserCLI().NewCommand())
 	rootCmd.AddCommand(NewScenarioCLI().NewCommand())
--- a/pkg/apiserver/apiserver.go
+++ b/pkg/apiserver/apiserver.go
@ -29,7 +29,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
 	"github.com/crowdsecurity/crowdsec/pkg/csplugin"
 	"github.com/crowdsecurity/crowdsec/pkg/database"
-	"github.com/crowdsecurity/crowdsec/pkg/fflag"
 	"github.com/crowdsecurity/crowdsec/pkg/types"
 )

@ -220,17 +219,15 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) {
 		log.Infof("CAPI manager configured successfully")
 		isMachineEnrolled = isEnrolled(apiClient.apiClient)
 		controller.AlertsAddChan = apiClient.AlertsAddChan
-		if fflag.PapiClient.IsEnabled() {
-			if isMachineEnrolled {
-				log.Infof("Machine is enrolled in the console, Loading PAPI Client")
-				papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
-				if err != nil {
-					return nil, err
-				}
-				controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
-			} else {
-				log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
+		if isMachineEnrolled {
+			log.Infof("Machine is enrolled in the console, Loading PAPI Client")
+			papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
+			if err != nil {
+				return nil, err
 			}
+			controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
+		} else {
+			log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
 		}
 	} else {
 		apiClient = nil
@ -357,31 +354,29 @@ func (s *APIServer) Run(apiReady chan bool) error {

 		//csConfig.API.Server.ConsoleConfig.ShareCustomScenarios
 		if s.isEnrolled {
-			if fflag.PapiClient.IsEnabled() {
-				if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
-					if s.papi.URL != "" {
-						log.Infof("Starting PAPI decision receiver")
-						s.papi.pullTomb.Go(func() error {
-							if err := s.papi.Pull(); err != nil {
-								log.Errorf("papi pull: %s", err)
-								return err
-							}
-							return nil
-						})
+			if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
+				if s.papi.URL != "" {
+					log.Infof("Starting PAPI decision receiver")
+					s.papi.pullTomb.Go(func() error {
+						if err := s.papi.Pull(); err != nil {
+							log.Errorf("papi pull: %s", err)
+							return err
+						}
+						return nil
+					})

-						s.papi.syncTomb.Go(func() error {
-							if err := s.papi.SyncDecisions(); err != nil {
-								log.Errorf("capi decisions sync: %s", err)
-								return err
-							}
-							return nil
-						})
-					} else {
-						log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
-					}
+					s.papi.syncTomb.Go(func() error {
+						if err := s.papi.SyncDecisions(); err != nil {
+							log.Errorf("capi decisions sync: %s", err)
+							return err
+						}
+						return nil
+					})
 				} else {
-					log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
+					log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
 				}
+			} else {
+				log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
 			}
 		}

--- a/pkg/csconfig/console.go
+++ b/pkg/csconfig/console.go
@ -8,8 +8,6 @@ import (
 	"gopkg.in/yaml.v2"

 	"github.com/crowdsecurity/go-cs-lib/ptr"
-
-	"github.com/crowdsecurity/crowdsec/pkg/fflag"
 )

 const (
@ -66,9 +64,7 @@ func (c *LocalApiServerCfg) LoadConsoleConfig() error {
 		c.ConsoleConfig.ShareManualDecisions = ptr.Of(false)
 	}

-	if !fflag.PapiClient.IsEnabled() {
-		c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
-	} else if c.ConsoleConfig.ConsoleManagement == nil {
+	if c.ConsoleConfig.ConsoleManagement == nil {
 		log.Debugf("no console_management found, setting to false")
 		c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
 	}
--- a/pkg/fflag/crowdsec.go
+++ b/pkg/fflag/crowdsec.go
@ -5,7 +5,7 @@ var Crowdsec = FeatureRegister{EnvPrefix: "CROWDSEC_FEATURE_"}
 var CscliSetup = &Feature{Name: "cscli_setup", Description: "Enable cscli setup command (service detection)"}
 var DisableHttpRetryBackoff = &Feature{Name: "disable_http_retry_backoff", Description: "Disable http retry backoff"}
 var ChunkedDecisionsStream = &Feature{Name: "chunked_decisions_stream", Description: "Enable chunked decisions stream"}
-var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client"}
+var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client", State: RetiredState}
 var Re2GrokSupport = &Feature{Name: "re2_grok_support", Description: "Enable RE2 support for GROK patterns"}
 var Re2RegexpInfileSupport = &Feature{Name: "re2_regexp_in_file_support", Description: "Enable RE2 support for RegexpInFile expr helper"}

--- a/pkg/longpollclient/client.go
+++ b/pkg/longpollclient/client.go
@ -193,26 +193,32 @@ func (c *LongPollClient) PullOnce(since time.Time) ([]Event, error) {
 	}
 	defer resp.Body.Close()
 	decoder := json.NewDecoder(resp.Body)
-	var pollResp pollResponse
-	err = decoder.Decode(&pollResp)
-	if err != nil {
-		if err == io.EOF {
-			c.logger.Debugf("server closed connection")
-			return nil, nil
+	evts := []Event{}
+	for {
+		var pollResp pollResponse
+		err = decoder.Decode(&pollResp)
+		if err != nil {
+			if err == io.EOF {
+				c.logger.Debugf("server closed connection")
+				break
+			}
+			log.Errorf("error decoding poll response: %v", err)
+			break
 		}
-		return nil, fmt.Errorf("error decoding poll response: %v", err)
-	}

-	c.logger.Tracef("got response: %+v", pollResp)
+		c.logger.Tracef("got response: %+v", pollResp)

-	if len(pollResp.ErrorMessage) > 0 {
-		if pollResp.ErrorMessage == timeoutMessage {
-			c.logger.Debugf("got timeout message")
-			return nil, nil
+		if len(pollResp.ErrorMessage) > 0 {
+			if pollResp.ErrorMessage == timeoutMessage {
+				c.logger.Debugf("got timeout message")
+				break
+			}
+			log.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
+			break
 		}
-		return nil, fmt.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
+		evts = append(evts, pollResp.Events...)
 	}
-	return pollResp.Events, nil
+	return evts, nil
 }

 func NewLongPollClient(config LongPollClientConfig) (*LongPollClient, error) {
--- a/test/bats/09_console.bats
+++ b/test/bats/09_console.bats
@ -72,9 +72,8 @@ setup() {
    assert_stderr --partial "manual already set to true"
    assert_stderr --partial "tainted already set to true"
    assert_stderr --partial "context already set to true"
-    assert_stderr --partial "All features have been enabled successfully"
-    CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console enable --all --debug
    assert_stderr --partial "console_management set to true"
+    assert_stderr --partial "All features have been enabled successfully"
    rune -1 cscli console enable tralala
    assert_stderr --partial "unknown flag tralala"
 }
@ -94,9 +93,8 @@ setup() {
    assert_stderr --partial "manual already set to false"
    assert_stderr --partial "tainted already set to false"
    assert_stderr --partial "context already set to false"
-    assert_stderr --partial "All features have been disabled"
-    CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console disable --all --debug
    assert_stderr --partial "console_management already set to false"
+    assert_stderr --partial "All features have been disabled"
    rune -1 cscli console disable tralala
    assert_stderr --partial "unknown flag tralala"
 }