Add no-capi flag and review some logs (#1628)

* Add no-capi flag and review some logs
2022-07-01 16:56:13 +02:00 · 2022-07-01 16:56:13 +02:00 · 5f62d738fc
parent 492e0dfeb1
commit 5f62d738fc
7 changed files with 36 additions and 8 deletions
--- a/cmd/crowdsec/main.go
+++ b/cmd/crowdsec/main.go
@ -66,6 +66,7 @@ type Flags struct {
 	DisableAgent   bool
 	DisableAPI     bool
 	WinSvc         string
+	DisableCAPI    bool
 }

 type labelsMap map[string]string
@ -192,6 +193,7 @@ func (f *Flags) Parse() {
 	flag.BoolVar(&f.TestMode, "t", false, "only test configs")
 	flag.BoolVar(&f.DisableAgent, "no-cs", false, "disable crowdsec agent")
 	flag.BoolVar(&f.DisableAPI, "no-api", false, "disable local API")
+	flag.BoolVar(&f.DisableCAPI, "no-capi", false, "disable communication with Central API")
 	flag.StringVar(&f.WinSvc, "winsvc", "", "Windows service Action : Install, Remove etc..")
 	flag.StringVar(&dumpFolder, "dump-data", "", "dump parsers/buckets raw outputs")
 	flag.Parse()
--- a/cmd/crowdsec/serve.go
+++ b/cmd/crowdsec/serve.go
@ -67,6 +67,10 @@ func reloadHandler(sig os.Signal, cConfig *csconfig.Config) error {
 	}

 	if !cConfig.DisableAPI {
+		if flags.DisableCAPI {
+			log.Warningf("Communication with CrowdSec Central API disabled from args")
+			cConfig.API.Server.OnlineClient = nil
+		}
 		apiServer, err := initAPIServer(cConfig)
 		if err != nil {
 			return errors.Wrap(err, "unable to init api server")
@ -250,6 +254,13 @@ func Serve(cConfig *csconfig.Config, apiReady chan bool, agentReady chan bool) e
 	}

 	if !cConfig.DisableAPI {
+		if cConfig.API.Server.OnlineClient == nil || cConfig.API.Server.OnlineClient.Credentials == nil {
+			log.Warningf("Communication with CrowdSec Central API disabled from configuration file")
+		}
+		if flags.DisableCAPI {
+			log.Warningf("Communication with CrowdSec Central API disabled from args")
+			cConfig.API.Server.OnlineClient = nil
+		}
 		apiServer, err := initAPIServer(cConfig)
 		if err != nil {
 			return errors.Wrap(err, "api server init")
--- a/pkg/apiserver/apic.go
+++ b/pkg/apiserver/apic.go
@ -131,7 +131,7 @@ func (a *apic) Push() error {

 	var cache models.AddSignalsRequest
 	ticker := time.NewTicker(a.pushInterval)
-	log.Infof("start crowdsec api push (interval: %s)", PushInterval)
+	log.Infof("Start push to CrowdSec Central API (interval: %s)", PushInterval)

 	for {
 		select {
@ -463,7 +463,7 @@ func setAlertScenario(add_counters map[string]map[string]int, delete_counters ma

 func (a *apic) Pull() error {
 	defer types.CatchPanic("lapi/pullFromAPIC")
-	log.Infof("start crowdsec api pull (interval: %s)", PullInterval)
+	log.Infof("Start pull from CrowdSec Central API (interval: %s)", PullInterval)

 	toldOnce := false
 	for {
@ -553,7 +553,7 @@ func (a *apic) SendMetrics() error {
 		log.Errorf("unable to send metrics (%s), will retry", err)
 	}
 	log.Infof("capi metrics: metrics sent successfully")
-	log.Infof("start crowdsec api send metrics (interval: %s)", MetricsInterval)
+	log.Infof("Start send metrics to CrowdSec Central API (interval: %s)", MetricsInterval)
 	ticker := time.NewTicker(a.metricsInterval)
 	for {
 		select {
--- a/pkg/apiserver/apiserver.go
+++ b/pkg/apiserver/apiserver.go
@ -323,6 +323,7 @@ func (s *APIServer) Run(apiReady chan bool) error {
 	s.httpServerTomb.Go(func() error {
 		go func() {
 			apiReady <- true
+			log.Infof("CrowdSec Local API listening on %s", s.URL)
 			if s.TLS != nil && s.TLS.CertFilePath != "" && s.TLS.KeyFilePath != "" {
 				if err := s.httpServer.ListenAndServeTLS(s.TLS.CertFilePath, s.TLS.KeyFilePath); err != nil {
 					log.Fatal(err)
--- a/pkg/parser/stage.go
+++ b/pkg/parser/stage.go
@ -122,14 +122,14 @@ func LoadStages(stageFiles []Stagefile, pctx *UnixParserCtx, ectx EnricherCtx) (
 			nodes = append(nodes, node)
 			nodesCount++
 		}
-		log.WithFields(log.Fields{"file": stageFile.Filename}).Infof("Loaded %d parser nodes", nodesCount)
+		log.WithFields(log.Fields{"file": stageFile.Filename, "stage": stageFile.Stage}).Infof("Loaded %d parser nodes", nodesCount)
 	}

 	for k := range tmpstages {
 		pctx.Stages = append(pctx.Stages, k)
 	}
 	sort.Strings(pctx.Stages)
-	log.Infof("Loaded %d nodes, %d stages", len(nodes), len(pctx.Stages))
+	log.Infof("Loaded %d nodes from %d stages", len(nodes), len(pctx.Stages))

 	return nodes, nil
 }
--- a/pkg/parser/unix_parser.go
+++ b/pkg/parser/unix_parser.go
@ -77,15 +77,20 @@ func LoadParsers(cConfig *csconfig.Config, parsers *Parsers) (*Parsers, error) {
 	 Load the actual parsers
 	*/

-	log.Infof("Loading parsers %d stages", len(parsers.StageFiles))
+	log.Infof("Loading parsers from %d files", len(parsers.StageFiles))

 	parsers.Nodes, err = LoadStages(parsers.StageFiles, parsers.Ctx, parsers.EnricherCtx)
 	if err != nil {
 		return parsers, fmt.Errorf("failed to load parser config : %v", err)
 	}

-	log.Infof("Loading postoverflow Parsers")
-	parsers.Povfwnodes, err = LoadStages(parsers.PovfwStageFiles, parsers.Povfwctx, parsers.EnricherCtx)
+	if len(parsers.PovfwStageFiles) > 0 {
+		log.Infof("Loading postoverflow parsers")
+		parsers.Povfwnodes, err = LoadStages(parsers.PovfwStageFiles, parsers.Povfwctx, parsers.EnricherCtx)
+	} else {
+		parsers.Povfwnodes = []Node{}
+		log.Infof("No postoverflow parsers to load")
+	}

 	if err != nil {
 		return parsers, fmt.Errorf("failed to load postoverflow config : %v", err)
--- a/tests/bats/04_nocapi.bats
+++ b/tests/bats/04_nocapi.bats
@ -28,6 +28,15 @@ config_disable_capi() {
    yq e 'del(.api.server.online_client)' -i "${CONFIG_YAML}"
 }

+@test "without capi: crowdsec LAPI should run without capi (-no-capi flag)" {
+    yq e '.common.log_media="stdout"' -i "${CONFIG_YAML}"
+
+    run -124 --separate-stderr timeout 1s "${CROWDSEC}" -no-capi
+
+    run -0 echo "${stderr}"
+    assert_output --partial "Communication with CrowdSec Central API disabled from args"
+}
+
@test "without capi: crowdsec LAPI should still work" {
    config_disable_capi
    run -124 --separate-stderr timeout 1s "${CROWDSEC}"