beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

refact "cscli simulation" (#2801)

Browse source
This commit is contained in:
mmetc 2024-02-01 17:26:46 +01:00 committed by GitHub
parent af14f1085f
commit 825c08aa9d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 86 additions and 86 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cmd/crowdsec-cli/main.go
View file

@ -199,7 +199,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
cmd.AddCommand(NewCLIDashboard().NewCommand()) cmd.AddCommand(NewCLIDashboard().NewCommand())
cmd.AddCommand(NewCLIDecisions().NewCommand()) cmd.AddCommand(NewCLIDecisions().NewCommand())
cmd.AddCommand(NewCLIAlerts().NewCommand()) cmd.AddCommand(NewCLIAlerts().NewCommand())
cmd.AddCommand(NewCLISimulation().NewCommand()) cmd.AddCommand(NewCLISimulation(getconfig).NewCommand())
cmd.AddCommand(NewCLIBouncers(getconfig).NewCommand()) cmd.AddCommand(NewCLIBouncers(getconfig).NewCommand())
cmd.AddCommand(NewCLIMachines(getconfig).NewCommand()) cmd.AddCommand(NewCLIMachines(getconfig).NewCommand())
cmd.AddCommand(NewCLICapi().NewCommand()) cmd.AddCommand(NewCLICapi().NewCommand())

170
cmd/crowdsec-cli/simulation.go
View file

@ -13,13 +13,17 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/cwhub" "github.com/crowdsecurity/crowdsec/pkg/cwhub"
) )
type cliSimulation struct{} type cliSimulation struct{
cfg configGetter
func NewCLISimulation() *cliSimulation {
return &cliSimulation{}
} }
func (cli cliSimulation) NewCommand() *cobra.Command { func NewCLISimulation(getconfig configGetter) *cliSimulation {
return &cliSimulation{
cfg: getconfig,
}
}
func (cli *cliSimulation) NewCommand() *cobra.Command {
cmd := &cobra.Command{ cmd := &cobra.Command{
Use: "simulation [command]", Use: "simulation [command]",
Short: "Manage simulation status of scenarios", Short: "Manage simulation status of scenarios",
@ -27,16 +31,16 @@ func (cli cliSimulation) NewCommand() *cobra.Command {
cscli simulation enable crowdsecurity/ssh-bf cscli simulation enable crowdsecurity/ssh-bf
cscli simulation disable crowdsecurity/ssh-bf`, cscli simulation disable crowdsecurity/ssh-bf`,
DisableAutoGenTag: true, DisableAutoGenTag: true,
PersistentPreRunE: func(cmd *cobra.Command, args []string) error { PersistentPreRunE: func(_ *cobra.Command, _ []string) error {
if err := csConfig.LoadSimulation(); err != nil { if err := cli.cfg().LoadSimulation(); err != nil {
log.Fatal(err) return err
} }
if csConfig.Cscli.SimulationConfig == nil { if cli.cfg().Cscli.SimulationConfig == nil {
return fmt.Errorf("no simulation configured") return fmt.Errorf("no simulation configured")
} }
return nil return nil
}, },
PersistentPostRun: func(cmd *cobra.Command, args []string) { PersistentPostRun: func(cmd *cobra.Command, _ []string) {
if cmd.Name() != "status" { if cmd.Name() != "status" {
log.Infof(ReloadMessage()) log.Infof(ReloadMessage())
} }
@ -52,7 +56,7 @@ cscli simulation disable crowdsecurity/ssh-bf`,
return cmd return cmd
} }
func (cli cliSimulation) NewEnableCmd() *cobra.Command { func (cli *cliSimulation) NewEnableCmd() *cobra.Command {
var forceGlobalSimulation bool var forceGlobalSimulation bool
cmd := &cobra.Command{ cmd := &cobra.Command{
@ -60,10 +64,10 @@ func (cli cliSimulation) NewEnableCmd() *cobra.Command {
Short: "Enable the simulation, globally or on specified scenarios", Short: "Enable the simulation, globally or on specified scenarios",
Example: `cscli simulation enable`, Example: `cscli simulation enable`,
DisableAutoGenTag: true, DisableAutoGenTag: true,
Run: func(cmd *cobra.Command, args []string) { RunE: func(cmd *cobra.Command, args []string) error {
hub, err := require.Hub(csConfig, nil, nil) hub, err := require.Hub(cli.cfg(), nil, nil)
if err != nil { if err != nil {
log.Fatal(err) return err
} }
if len(args) > 0 { if len(args) > 0 {
@ -76,37 +80,35 @@ func (cli cliSimulation) NewEnableCmd() *cobra.Command {
if !item.State.Installed { if !item.State.Installed {
log.Warningf("'%s' isn't enabled", scenario) log.Warningf("'%s' isn't enabled", scenario)
} }
isExcluded := slices.Contains(csConfig.Cscli.SimulationConfig.Exclusions, scenario) isExcluded := slices.Contains(cli.cfg().Cscli.SimulationConfig.Exclusions, scenario)
if *csConfig.Cscli.SimulationConfig.Simulation && !isExcluded { if *cli.cfg().Cscli.SimulationConfig.Simulation && !isExcluded {
log.Warning("global simulation is already enabled") log.Warning("global simulation is already enabled")
continue continue
} }
if !*csConfig.Cscli.SimulationConfig.Simulation && isExcluded { if !*cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
log.Warningf("simulation for '%s' already enabled", scenario) log.Warningf("simulation for '%s' already enabled", scenario)
continue continue
} }
if *csConfig.Cscli.SimulationConfig.Simulation && isExcluded { if *cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
if err := removeFromExclusion(scenario); err != nil { cli.removeFromExclusion(scenario)
log.Fatal(err)
}
log.Printf("simulation enabled for '%s'", scenario) log.Printf("simulation enabled for '%s'", scenario)
continue continue
} }
if err := addToExclusion(scenario); err != nil { cli.addToExclusion(scenario)
log.Fatal(err)
}
log.Printf("simulation mode for '%s' enabled", scenario) log.Printf("simulation mode for '%s' enabled", scenario)
} }
if err := dumpSimulationFile(); err != nil { if err := cli.dumpSimulationFile(); err != nil {
log.Fatalf("simulation enable: %s", err) return fmt.Errorf("simulation enable: %s", err)
} }
} else if forceGlobalSimulation { } else if forceGlobalSimulation {
if err := enableGlobalSimulation(); err != nil { if err := cli.enableGlobalSimulation(); err != nil {
log.Fatalf("unable to enable global simulation mode : %s", err) return fmt.Errorf("unable to enable global simulation mode: %s", err)
} }
} else { } else {
printHelp(cmd) printHelp(cmd)
} }
return nil
}, },
} }
cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Enable global simulation (reverse mode)") cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Enable global simulation (reverse mode)")
@ -114,7 +116,7 @@ func (cli cliSimulation) NewEnableCmd() *cobra.Command {
return cmd return cmd
} }
func (cli cliSimulation) NewDisableCmd() *cobra.Command { func (cli *cliSimulation) NewDisableCmd() *cobra.Command {
var forceGlobalSimulation bool var forceGlobalSimulation bool
cmd := &cobra.Command{ cmd := &cobra.Command{
@ -122,18 +124,16 @@ func (cli cliSimulation) NewDisableCmd() *cobra.Command {
Short: "Disable the simulation mode. Disable only specified scenarios", Short: "Disable the simulation mode. Disable only specified scenarios",
Example: `cscli simulation disable`, Example: `cscli simulation disable`,
DisableAutoGenTag: true, DisableAutoGenTag: true,
Run: func(cmd *cobra.Command, args []string) { RunE: func(cmd *cobra.Command, args []string) error {
if len(args) > 0 { if len(args) > 0 {
for _, scenario := range args { for _, scenario := range args {
isExcluded := slices.Contains(csConfig.Cscli.SimulationConfig.Exclusions, scenario) isExcluded := slices.Contains(cli.cfg().Cscli.SimulationConfig.Exclusions, scenario)
if !*csConfig.Cscli.SimulationConfig.Simulation && !isExcluded { if !*cli.cfg().Cscli.SimulationConfig.Simulation && !isExcluded {
log.Warningf("%s isn't in simulation mode", scenario) log.Warningf("%s isn't in simulation mode", scenario)
continue continue
} }
if !*csConfig.Cscli.SimulationConfig.Simulation && isExcluded { if !*cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
if err := removeFromExclusion(scenario); err != nil { cli.removeFromExclusion(scenario)
log.Fatal(err)
}
log.Printf("simulation mode for '%s' disabled", scenario) log.Printf("simulation mode for '%s' disabled", scenario)
continue continue
} }
@ -141,21 +141,21 @@ func (cli cliSimulation) NewDisableCmd() *cobra.Command {
log.Warningf("simulation mode is enabled but is already disable for '%s'", scenario) log.Warningf("simulation mode is enabled but is already disable for '%s'", scenario)
continue continue
} }
if err := addToExclusion(scenario); err != nil { cli.addToExclusion(scenario)
log.Fatal(err)
}
log.Printf("simulation mode for '%s' disabled", scenario) log.Printf("simulation mode for '%s' disabled", scenario)
} }
if err := dumpSimulationFile(); err != nil { if err := cli.dumpSimulationFile(); err != nil {
log.Fatalf("simulation disable: %s", err) return fmt.Errorf("simulation disable: %s", err)
} }
} else if forceGlobalSimulation { } else if forceGlobalSimulation {
if err := disableGlobalSimulation(); err != nil { if err := cli.disableGlobalSimulation(); err != nil {
log.Fatalf("unable to disable global simulation mode : %s", err) return fmt.Errorf("unable to disable global simulation mode: %s", err)
} }
} else { } else {
printHelp(cmd) printHelp(cmd)
} }
return nil
}, },
} }
cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Disable global simulation (reverse mode)") cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Disable global simulation (reverse mode)")
@ -163,16 +163,14 @@ func (cli cliSimulation) NewDisableCmd() *cobra.Command {
return cmd return cmd
} }
func (cli cliSimulation) NewStatusCmd() *cobra.Command { func (cli *cliSimulation) NewStatusCmd() *cobra.Command {
cmd := &cobra.Command{ cmd := &cobra.Command{
Use: "status", Use: "status",
Short: "Show simulation mode status", Short: "Show simulation mode status",
Example: `cscli simulation status`, Example: `cscli simulation status`,
DisableAutoGenTag: true, DisableAutoGenTag: true,
Run: func(cmd *cobra.Command, args []string) { Run: func(_ *cobra.Command, _ []string) {
if err := simulationStatus(); err != nil { cli.status()
log.Fatal(err)
}
}, },
PersistentPostRun: func(cmd *cobra.Command, args []string) { PersistentPostRun: func(cmd *cobra.Command, args []string) {
}, },
@ -181,29 +179,29 @@ func (cli cliSimulation) NewStatusCmd() *cobra.Command {
return cmd return cmd
} }
func addToExclusion(name string) error { func (cli *cliSimulation) addToExclusion(name string) {
csConfig.Cscli.SimulationConfig.Exclusions = append(csConfig.Cscli.SimulationConfig.Exclusions, name) cfg := cli.cfg()
return nil cfg.Cscli.SimulationConfig.Exclusions = append(cfg.Cscli.SimulationConfig.Exclusions, name)
} }
func removeFromExclusion(name string) error { func (cli *cliSimulation) removeFromExclusion(name string) {
index := slices.Index(csConfig.Cscli.SimulationConfig.Exclusions, name) cfg := cli.cfg()
index := slices.Index(cfg.Cscli.SimulationConfig.Exclusions, name)
// Remove element from the slice // Remove element from the slice
csConfig.Cscli.SimulationConfig.Exclusions[index] = csConfig.Cscli.SimulationConfig.Exclusions[len(csConfig.Cscli.SimulationConfig.Exclusions)-1] cfg.Cscli.SimulationConfig.Exclusions[index] = cfg.Cscli.SimulationConfig.Exclusions[len(cfg.Cscli.SimulationConfig.Exclusions)-1]
csConfig.Cscli.SimulationConfig.Exclusions[len(csConfig.Cscli.SimulationConfig.Exclusions)-1] = "" cfg.Cscli.SimulationConfig.Exclusions[len(cfg.Cscli.SimulationConfig.Exclusions)-1] = ""
csConfig.Cscli.SimulationConfig.Exclusions = csConfig.Cscli.SimulationConfig.Exclusions[:len(csConfig.Cscli.SimulationConfig.Exclusions)-1] cfg.Cscli.SimulationConfig.Exclusions = cfg.Cscli.SimulationConfig.Exclusions[:len(cfg.Cscli.SimulationConfig.Exclusions)-1]
return nil
} }
func enableGlobalSimulation() error { func (cli *cliSimulation) enableGlobalSimulation() error {
csConfig.Cscli.SimulationConfig.Simulation = new(bool) cfg := cli.cfg()
*csConfig.Cscli.SimulationConfig.Simulation = true cfg.Cscli.SimulationConfig.Simulation = new(bool)
csConfig.Cscli.SimulationConfig.Exclusions = []string{} *cfg.Cscli.SimulationConfig.Simulation = true
cfg.Cscli.SimulationConfig.Exclusions = []string{}
if err := dumpSimulationFile(); err != nil { if err := cli.dumpSimulationFile(); err != nil {
log.Fatalf("unable to dump simulation file: %s", err) return fmt.Errorf("unable to dump simulation file: %s", err)
} }
log.Printf("global simulation: enabled") log.Printf("global simulation: enabled")
@ -211,59 +209,61 @@ func enableGlobalSimulation() error {
return nil return nil
} }
func dumpSimulationFile() error { func (cli *cliSimulation) dumpSimulationFile() error {
newConfigSim, err := yaml.Marshal(csConfig.Cscli.SimulationConfig) cfg := cli.cfg()
newConfigSim, err := yaml.Marshal(cfg.Cscli.SimulationConfig)
if err != nil { if err != nil {
return fmt.Errorf("unable to marshal simulation configuration: %s", err) return fmt.Errorf("unable to marshal simulation configuration: %s", err)
} }
err = os.WriteFile(csConfig.ConfigPaths.SimulationFilePath, newConfigSim, 0o644) err = os.WriteFile(cfg.ConfigPaths.SimulationFilePath, newConfigSim, 0o644)
if err != nil { if err != nil {
return fmt.Errorf("write simulation config in '%s' failed: %s", csConfig.ConfigPaths.SimulationFilePath, err) return fmt.Errorf("write simulation config in '%s' failed: %s", cfg.ConfigPaths.SimulationFilePath, err)
} }
log.Debugf("updated simulation file %s", csConfig.ConfigPaths.SimulationFilePath) log.Debugf("updated simulation file %s", cfg.ConfigPaths.SimulationFilePath)
return nil return nil
} }
func disableGlobalSimulation() error { func (cli *cliSimulation) disableGlobalSimulation() error {
csConfig.Cscli.SimulationConfig.Simulation = new(bool) cfg := cli.cfg()
*csConfig.Cscli.SimulationConfig.Simulation = false cfg.Cscli.SimulationConfig.Simulation = new(bool)
*cfg.Cscli.SimulationConfig.Simulation = false
csConfig.Cscli.SimulationConfig.Exclusions = []string{} cfg.Cscli.SimulationConfig.Exclusions = []string{}
newConfigSim, err := yaml.Marshal(csConfig.Cscli.SimulationConfig) newConfigSim, err := yaml.Marshal(cfg.Cscli.SimulationConfig)
if err != nil { if err != nil {
return fmt.Errorf("unable to marshal new simulation configuration: %s", err) return fmt.Errorf("unable to marshal new simulation configuration: %s", err)
} }
err = os.WriteFile(csConfig.ConfigPaths.SimulationFilePath, newConfigSim, 0o644) err = os.WriteFile(cfg.ConfigPaths.SimulationFilePath, newConfigSim, 0o644)
if err != nil { if err != nil {
return fmt.Errorf("unable to write new simulation config in '%s' : %s", csConfig.ConfigPaths.SimulationFilePath, err) return fmt.Errorf("unable to write new simulation config in '%s' : %s", cfg.ConfigPaths.SimulationFilePath, err)
} }
log.Printf("global simulation: disabled") log.Printf("global simulation: disabled")
return nil return nil
} }
func simulationStatus() error { func (cli *cliSimulation) status() {
if csConfig.Cscli.SimulationConfig == nil { cfg := cli.cfg()
if cfg.Cscli.SimulationConfig == nil {
log.Printf("global simulation: disabled (configuration file is missing)") log.Printf("global simulation: disabled (configuration file is missing)")
return nil return
} }
if *csConfig.Cscli.SimulationConfig.Simulation { if *cfg.Cscli.SimulationConfig.Simulation {
log.Println("global simulation: enabled") log.Println("global simulation: enabled")
if len(csConfig.Cscli.SimulationConfig.Exclusions) > 0 { if len(cfg.Cscli.SimulationConfig.Exclusions) > 0 {
log.Println("Scenarios not in simulation mode :") log.Println("Scenarios not in simulation mode :")
for _, scenario := range csConfig.Cscli.SimulationConfig.Exclusions { for _, scenario := range cfg.Cscli.SimulationConfig.Exclusions {
log.Printf(" - %s", scenario) log.Printf(" - %s", scenario)
} }
} }
} else { } else {
log.Println("global simulation: disabled") log.Println("global simulation: disabled")
if len(csConfig.Cscli.SimulationConfig.Exclusions) > 0 { if len(cfg.Cscli.SimulationConfig.Exclusions) > 0 {
log.Println("Scenarios in simulation mode :") log.Println("Scenarios in simulation mode :")
for _, scenario := range csConfig.Cscli.SimulationConfig.Exclusions { for _, scenario := range cfg.Cscli.SimulationConfig.Exclusions {
log.Printf(" - %s", scenario) log.Printf(" - %s", scenario)
} }
} }
} }
return nil
} }