diff --git a/cmd/crowdsec/main.go b/cmd/crowdsec/main.go index 0de6f0378..9e73ba903 100644 --- a/cmd/crowdsec/main.go +++ b/cmd/crowdsec/main.go @@ -322,7 +322,7 @@ func main() { } // some features can require configuration or command-line options, - // so wwe need to parse them asap. we'll load from feature.yaml later. + // so we need to parse them asap. we'll load from feature.yaml later. if err := csconfig.LoadFeatureFlagsEnv(log.StandardLogger()); err != nil { log.Fatalf("failed to set feature flags from environment: %s", err) } diff --git a/cmd/crowdsec/output.go b/cmd/crowdsec/output.go index 67489f459..933706a21 100644 --- a/cmd/crowdsec/output.go +++ b/cmd/crowdsec/output.go @@ -8,7 +8,6 @@ import ( "time" "github.com/go-openapi/strfmt" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "github.com/crowdsecurity/go-cs-lib/pkg/version" @@ -73,16 +72,16 @@ func runOutput(input chan types.Event, overflow chan types.Event, buckets *leaky scenarios, err := cwhub.GetInstalledScenariosAsString() if err != nil { - return errors.Wrapf(err, "loading list of installed hub scenarios: %s", err) + return fmt.Errorf("loading list of installed hub scenarios: %w", err) } apiURL, err := url.Parse(apiConfig.URL) if err != nil { - return errors.Wrapf(err, "parsing api url ('%s'): %s", apiConfig.URL, err) + return fmt.Errorf("parsing api url ('%s'): %w", apiConfig.URL, err) } papiURL, err := url.Parse(apiConfig.PapiURL) if err != nil { - return errors.Wrapf(err, "parsing polling api url ('%s'): %s", apiConfig.PapiURL, err) + return fmt.Errorf("parsing polling api url ('%s'): %w", apiConfig.PapiURL, err) } password := strfmt.Password(apiConfig.Password) @@ -97,7 +96,7 @@ func runOutput(input chan types.Event, overflow chan types.Event, buckets *leaky UpdateScenario: cwhub.GetInstalledScenariosAsString, }) if err != nil { - return errors.Wrapf(err, "new client api: %s", err) + return fmt.Errorf("new client api: %w", err) } authResp, _, err := Client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{ MachineID: &apiConfig.Login, diff --git a/pkg/apiserver/apic.go b/pkg/apiserver/apic.go index b15cf21d6..718657f3a 100644 --- a/pkg/apiserver/apic.go +++ b/pkg/apiserver/apic.go @@ -84,7 +84,7 @@ func (a *apic) FetchScenariosListFromDB() ([]string, error) { scenarios := make([]string, 0) machines, err := a.dbClient.ListMachines() if err != nil { - return nil, errors.Wrap(err, "while listing machines") + return nil, fmt.Errorf("while listing machines: %w", err) } //merge all scenarios together for _, v := range machines { @@ -189,16 +189,16 @@ func NewAPIC(config *csconfig.OnlineApiClientCfg, dbClient *database.Client, con password := strfmt.Password(config.Credentials.Password) apiURL, err := url.Parse(config.Credentials.URL) if err != nil { - return nil, errors.Wrapf(err, "while parsing '%s'", config.Credentials.URL) + return nil, fmt.Errorf("while parsing '%s': %w", config.Credentials.URL, err) } papiURL, err := url.Parse(config.Credentials.PapiURL) if err != nil { - return nil, errors.Wrapf(err, "while parsing '%s'", config.Credentials.PapiURL) + return nil, fmt.Errorf("while parsing '%s': %w", config.Credentials.PapiURL, err) } ret.scenarioList, err = ret.FetchScenariosListFromDB() if err != nil { - return nil, errors.Wrap(err, "while fetching scenarios from db") + return nil, fmt.Errorf("while fetching scenarios from db: %w", err) } ret.apiClient, err = apiclient.NewClient(&apiclient.Config{ MachineID: config.Credentials.Login, @@ -211,14 +211,14 @@ func NewAPIC(config *csconfig.OnlineApiClientCfg, dbClient *database.Client, con UpdateScenario: ret.FetchScenariosListFromDB, }) if err != nil { - return nil, errors.Wrap(err, "while creating api client") + return nil, fmt.Errorf("while creating api client: %w", err) } // The watcher will be authenticated by the RoundTripper the first time it will call CAPI // Explicit authentication will provoke an useless supplementary call to CAPI scenarios, err := ret.FetchScenariosListFromDB() if err != nil { - return ret, errors.Wrapf(err, "get scenario in db: %s", err) + return ret, fmt.Errorf("get scenario in db: %w", err) } authResp, _, err := ret.apiClient.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{ @@ -227,11 +227,11 @@ func NewAPIC(config *csconfig.OnlineApiClientCfg, dbClient *database.Client, con Scenarios: scenarios, }) if err != nil { - return ret, errors.Wrapf(err, "authenticate watcher (%s)", config.Credentials.Login) + return ret, fmt.Errorf("authenticate watcher (%s): %w", config.Credentials.Login, err) } if err := ret.apiClient.GetClient().Transport.(*apiclient.JWTTransport).Expiration.UnmarshalText([]byte(authResp.Expire)); err != nil { - return ret, errors.Wrap(err, "unable to parse jwt expiration") + return ret, fmt.Errorf("unable to parse jwt expiration: %w", err) } ret.apiClient.GetClient().Transport.(*apiclient.JWTTransport).Token = authResp.Token @@ -375,7 +375,7 @@ func (a *apic) CAPIPullIsOld() (bool, error) { alerts = alerts.Where(alert.CreatedAtGTE(time.Now().UTC().Add(-time.Duration(1*time.Hour + 30*time.Minute)))) //nolint:unconvert count, err := alerts.Count(a.dbClient.CTX) if err != nil { - return false, errors.Wrap(err, "while looking for CAPI alert") + return false, fmt.Errorf("while looking for CAPI alert: %w", err) } if count > 0 { log.Printf("last CAPI pull is newer than 1h30, skip.") @@ -401,11 +401,11 @@ func (a *apic) HandleDeletedDecisions(deletedDecisions []*models.Decision, delet dbCliRet, _, err := a.dbClient.SoftDeleteDecisionsWithFilter(filter) if err != nil { - return 0, errors.Wrap(err, "deleting decisions error") + return 0, fmt.Errorf("deleting decisions error: %w", err) } dbCliDel, err := strconv.Atoi(dbCliRet) if err != nil { - return 0, errors.Wrapf(err, "converting db ret %d", dbCliDel) + return 0, fmt.Errorf("converting db ret %d: %w", dbCliDel, err) } updateCounterForDecision(delete_counters, decision.Origin, decision.Scenario, dbCliDel) nbDeleted += dbCliDel @@ -431,11 +431,11 @@ func (a *apic) HandleDeletedDecisionsV3(deletedDecisions []*modelscapi.GetDecisi dbCliRet, _, err := a.dbClient.SoftDeleteDecisionsWithFilter(filter) if err != nil { - return 0, errors.Wrap(err, "deleting decisions error") + return 0, fmt.Errorf("deleting decisions error: %w", err) } dbCliDel, err := strconv.Atoi(dbCliRet) if err != nil { - return 0, errors.Wrapf(err, "converting db ret %d", dbCliDel) + return 0, fmt.Errorf("converting db ret %d: %w", dbCliDel, err) } updateCounterForDecision(delete_counters, ptr.Of(types.CAPIOrigin), nil, dbCliDel) nbDeleted += dbCliDel @@ -575,7 +575,7 @@ func (a *apic) PullTop(forcePull bool) error { data, _, err := a.apiClient.Decisions.GetStreamV3(context.Background(), apiclient.DecisionsStreamOpts{Startup: a.startup}) if err != nil { - return errors.Wrap(err, "get stream") + return fmt.Errorf("get stream: %w", err) } a.startup = false /*to count additions/deletions across lists*/ @@ -610,12 +610,12 @@ func (a *apic) PullTop(forcePull bool) error { err = a.SaveAlerts(alertsFromCapi, add_counters, delete_counters) if err != nil { - return errors.Wrap(err, "while saving alerts") + return fmt.Errorf("while saving alerts: %w", err) } // update blocklists if err := a.UpdateBlocklists(data.Links, add_counters); err != nil { - return errors.Wrap(err, "while updating blocklists") + return fmt.Errorf("while updating blocklists: %w", err) } return nil } @@ -670,7 +670,7 @@ func (a *apic) SaveAlerts(alertsFromCapi []*models.Alert, add_counters map[strin } alertID, inserted, deleted, err := a.dbClient.UpdateCommunityBlocklist(alertsFromCapi[idx]) if err != nil { - return errors.Wrapf(err, "while saving alert from %s", *alertsFromCapi[idx].Source.Scope) + return fmt.Errorf("while saving alert from %s: %w", *alertsFromCapi[idx].Source.Scope, err) } log.Printf("%s : added %d entries, deleted %d entries (alert:%d)", *alertsFromCapi[idx].Source.Scope, inserted, deleted, alertID) } @@ -689,7 +689,7 @@ func (a *apic) ShouldForcePullBlocklist(blocklist *modelscapi.BlocklistLink) (bo log.Debugf("no alert found for %s, force refresh", *blocklist.Name) return true, nil } - return false, errors.Wrap(err, "while getting alert") + return false, fmt.Errorf("while getting alert: %w", err) } decisionQuery := a.dbClient.Ent.Decision.Query() decisionQuery.Where(decision.HasOwnerWith(alert.IDEQ(alertInstance.ID))) @@ -699,7 +699,7 @@ func (a *apic) ShouldForcePullBlocklist(blocklist *modelscapi.BlocklistLink) (bo log.Debugf("no decision found for %s, force refresh", *blocklist.Name) return true, nil } - return false, errors.Wrap(err, "while getting decision") + return false, fmt.Errorf("while getting decision: %w", err) } if firstDecision == nil || firstDecision.Until == nil || firstDecision.Until.Sub(time.Now().UTC()) < (a.pullInterval+15*time.Minute) { log.Debugf("at least one decision found for %s, expire soon, force refresh", *blocklist.Name) @@ -719,7 +719,7 @@ func (a *apic) UpdateBlocklists(links *modelscapi.GetDecisionsStreamResponseLink // we can use the same baseUrl as the urls are absolute and the parse will take care of it defaultClient, err := apiclient.NewDefaultClient(a.apiClient.BaseURL, "", "", nil) if err != nil { - return errors.Wrap(err, "while creating default client") + return fmt.Errorf("while creating default client: %w", err) } for _, blocklist := range links.Blocklists { if blocklist.Scope == nil { @@ -732,19 +732,19 @@ func (a *apic) UpdateBlocklists(links *modelscapi.GetDecisionsStreamResponseLink } forcePull, err := a.ShouldForcePullBlocklist(blocklist) if err != nil { - return errors.Wrapf(err, "while checking if we should force pull blocklist %s", *blocklist.Name) + return fmt.Errorf("while checking if we should force pull blocklist %s: %w", *blocklist.Name, err) } blocklistConfigItemName := fmt.Sprintf("blocklist:%s:last_pull", *blocklist.Name) var lastPullTimestamp *string if !forcePull { lastPullTimestamp, err = a.dbClient.GetConfigItem(blocklistConfigItemName) if err != nil { - return errors.Wrapf(err, "while getting last pull timestamp for blocklist %s", *blocklist.Name) + return fmt.Errorf("while getting last pull timestamp for blocklist %s: %w", *blocklist.Name, err) } } decisions, has_changed, err := defaultClient.Decisions.GetDecisionsFromBlocklist(context.Background(), blocklist, lastPullTimestamp) if err != nil { - return errors.Wrapf(err, "while getting decisions from blocklist %s", *blocklist.Name) + return fmt.Errorf("while getting decisions from blocklist %s: %w", *blocklist.Name, err) } if !has_changed { if lastPullTimestamp == nil { @@ -756,7 +756,7 @@ func (a *apic) UpdateBlocklists(links *modelscapi.GetDecisionsStreamResponseLink } err = a.dbClient.SetConfigItem(blocklistConfigItemName, time.Now().UTC().Format(http.TimeFormat)) if err != nil { - return errors.Wrapf(err, "while setting last pull timestamp for blocklist %s", *blocklist.Name) + return fmt.Errorf("while setting last pull timestamp for blocklist %s: %w", *blocklist.Name, err) } if len(decisions) == 0 { log.Infof("blocklist %s has no decisions", *blocklist.Name) @@ -770,7 +770,7 @@ func (a *apic) UpdateBlocklists(links *modelscapi.GetDecisionsStreamResponseLink err = a.SaveAlerts(alertsFromCapi, add_counters, nil) if err != nil { - return errors.Wrapf(err, "while saving alert from blocklist %s", *blocklist.Name) + return fmt.Errorf("while saving alert from blocklist %s: %w", *blocklist.Name, err) } } return nil diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index 3facd0f6f..d802822f8 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -106,7 +106,7 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) { var flushScheduler *gocron.Scheduler dbClient, err := database.NewClient(config.DbConfig) if err != nil { - return &APIServer{}, errors.Wrap(err, "unable to init database client") + return &APIServer{}, fmt.Errorf("unable to init database client: %w", err) } if config.DbConfig.Flush != nil { @@ -129,7 +129,7 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) { if config.TrustedProxies != nil && config.UseForwardedForHeaders { if err := router.SetTrustedProxies(*config.TrustedProxies); err != nil { - return &APIServer{}, errors.Wrap(err, "while setting trusted_proxies") + return &APIServer{}, fmt.Errorf("while setting trusted_proxies: %w", err) } router.ForwardedByClientIP = true } else { @@ -140,7 +140,7 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) { clog := log.New() if err := types.ConfigureLogger(clog); err != nil { - return nil, errors.Wrap(err, "while configuring gin logger") + return nil, fmt.Errorf("while configuring gin logger: %w", err) } if config.LogLevel != nil { clog.SetLevel(*config.LogLevel) @@ -305,7 +305,7 @@ func (s *APIServer) GetTLSConfig() (*tls.Config, error) { log.Infof("(tls) Client Auth Type set to %s", clientAuthType.String()) caCert, err = os.ReadFile(s.TLS.CACertPath) if err != nil { - return nil, errors.Wrap(err, "Error opening cert file") + return nil, fmt.Errorf("while opening cert file: %w", err) } caCertPool, err = x509.SystemCertPool() if err != nil { @@ -330,7 +330,7 @@ func (s *APIServer) Run(apiReady chan bool) error { defer trace.CatchPanic("lapi/runServer") tlsCfg, err := s.GetTLSConfig() if err != nil { - return errors.Wrap(err, "while creating TLS config") + return fmt.Errorf("while creating TLS config: %w", err) } s.httpServer = &http.Server{ Addr: s.URL, @@ -448,7 +448,7 @@ func (s *APIServer) Shutdown() error { } s.httpServerTomb.Kill(nil) if err := s.httpServerTomb.Wait(); err != nil { - return errors.Wrap(err, "while waiting on httpServerTomb") + return fmt.Errorf("while waiting on httpServerTomb: %w", err) } return nil } @@ -461,7 +461,7 @@ func (s *APIServer) InitController() error { err := s.controller.Init() if err != nil { - return errors.Wrap(err, "controller init") + return fmt.Errorf("controller init: %w", err) } if s.TLS != nil { var cacheExpiration time.Duration @@ -477,7 +477,7 @@ func (s *APIServer) InitController() error { "type": "agent", })) if err != nil { - return errors.Wrap(err, "while creating TLS auth for agents") + return fmt.Errorf("while creating TLS auth for agents: %w", err) } s.controller.HandlerV1.Middlewares.APIKey.TlsAuth, err = v1.NewTLSAuth(s.TLS.AllowedBouncersOU, s.TLS.CRLPath, cacheExpiration, @@ -486,7 +486,7 @@ func (s *APIServer) InitController() error { "type": "bouncer", })) if err != nil { - return errors.Wrap(err, "while creating TLS auth for bouncers") + return fmt.Errorf("while creating TLS auth for bouncers: %w", err) } } return err diff --git a/pkg/apiserver/papi.go b/pkg/apiserver/papi.go index e59160aee..96bb9251b 100644 --- a/pkg/apiserver/papi.go +++ b/pkg/apiserver/papi.go @@ -8,6 +8,9 @@ import ( "sync" "time" + log "github.com/sirupsen/logrus" + "gopkg.in/tomb.v2" + "github.com/crowdsecurity/go-cs-lib/pkg/trace" "github.com/crowdsecurity/crowdsec/pkg/apiclient" @@ -16,9 +19,6 @@ import ( "github.com/crowdsecurity/crowdsec/pkg/longpollclient" "github.com/crowdsecurity/crowdsec/pkg/models" "github.com/crowdsecurity/crowdsec/pkg/types" - "github.com/pkg/errors" - log "github.com/sirupsen/logrus" - "gopkg.in/tomb.v2" ) var ( @@ -103,7 +103,7 @@ func NewPAPI(apic *apic, dbClient *database.Client, consoleConfig *csconfig.Cons }) if err != nil { - return &Papi{}, errors.Wrap(err, "failed to create PAPI client") + return &Papi{}, fmt.Errorf("failed to create PAPI client: %w", err) } channels := &OperationChannels{ @@ -231,7 +231,7 @@ func (p *Papi) Pull() error { if lastTimestampStr == nil { binTime, err := lastTimestamp.MarshalText() if err != nil { - return errors.Wrap(err, "failed to marshal last timestamp") + return fmt.Errorf("failed to marshal last timestamp: %w", err) } if err := p.DBClient.SetConfigItem(PapiPullKey, string(binTime)); err != nil { p.Logger.Errorf("error setting papi pull last key: %s", err) @@ -240,7 +240,7 @@ func (p *Papi) Pull() error { } } else { if err := lastTimestamp.UnmarshalText([]byte(*lastTimestampStr)); err != nil { - return errors.Wrap(err, "failed to unmarshal last timestamp") + return fmt.Errorf("failed to unmarshal last timestamp: %w", err) } } @@ -251,7 +251,7 @@ func (p *Papi) Pull() error { newTime := time.Now().UTC() binTime, err := newTime.MarshalText() if err != nil { - return errors.Wrap(err, "failed to marshal last timestamp") + return fmt.Errorf("failed to marshal last timestamp: %w", err) } err = p.handleEvent(event, false) @@ -261,7 +261,7 @@ func (p *Papi) Pull() error { } if err := p.DBClient.SetConfigItem(PapiPullKey, string(binTime)); err != nil { - return errors.Wrap(err, "failed to update last timestamp") + return fmt.Errorf("failed to update last timestamp: %w", err) } else { logger.Debugf("set last timestamp to %s", newTime) } diff --git a/pkg/cwhub/download.go b/pkg/cwhub/download.go index 17b5c0e00..0ba74c772 100644 --- a/pkg/cwhub/download.go +++ b/pkg/cwhub/download.go @@ -3,6 +3,7 @@ package cwhub import ( "bytes" "crypto/sha256" + "errors" "fmt" "io" "net/http" @@ -11,29 +12,28 @@ import ( "path/filepath" "strings" - "github.com/crowdsecurity/crowdsec/pkg/csconfig" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "gopkg.in/yaml.v2" + + "github.com/crowdsecurity/crowdsec/pkg/csconfig" ) var ErrIndexNotFound = fmt.Errorf("index not found") func UpdateHubIdx(hub *csconfig.Hub) error { - bidx, err := DownloadHubIdx(hub) if err != nil { - return errors.Wrap(err, "failed to download index") + return fmt.Errorf("failed to download index: %w", err) } ret, err := LoadPkgIndex(bidx) if err != nil { if !errors.Is(err, ReferenceMissingError) { - return errors.Wrap(err, "failed to read index") + return fmt.Errorf("failed to read index: %w", err) } } hubIdx = ret if err, _ := LocalSync(hub); err != nil { - return errors.Wrap(err, "failed to sync") + return fmt.Errorf("failed to sync: %w", err) } return nil } @@ -42,11 +42,11 @@ func DownloadHubIdx(hub *csconfig.Hub) ([]byte, error) { log.Debugf("fetching index from branch %s (%s)", HubBranch, fmt.Sprintf(RawFileURLTemplate, HubBranch, HubIndexFile)) req, err := http.NewRequest(http.MethodGet, fmt.Sprintf(RawFileURLTemplate, HubBranch, HubIndexFile), nil) if err != nil { - return nil, errors.Wrap(err, "failed to build request for hub index") + return nil, fmt.Errorf("failed to build request for hub index: %w", err) } resp, err := http.DefaultClient.Do(req) if err != nil { - return nil, errors.Wrap(err, "failed http request for hub index") + return nil, fmt.Errorf("failed http request for hub index: %w", err) } defer resp.Body.Close() if resp.StatusCode != http.StatusOK { @@ -57,7 +57,7 @@ func DownloadHubIdx(hub *csconfig.Hub) ([]byte, error) { } body, err := io.ReadAll(resp.Body) if err != nil { - return nil, errors.Wrap(err, "failed to read request answer for hub index") + return nil, fmt.Errorf("failed to read request answer for hub index: %w", err) } oldContent, err := os.ReadFile(hub.HubIndexFile) @@ -73,13 +73,13 @@ func DownloadHubIdx(hub *csconfig.Hub) ([]byte, error) { file, err := os.OpenFile(hub.HubIndexFile, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644) if err != nil { - return nil, errors.Wrap(err, "while opening hub index file") + return nil, fmt.Errorf("while opening hub index file: %w", err) } defer file.Close() wsize, err := file.WriteString(string(body)) if err != nil { - return nil, errors.Wrap(err, "while writing hub index file") + return nil, fmt.Errorf("while writing hub index file: %w", err) } log.Infof("Wrote new %d bytes index to %s", wsize, hub.HubIndexFile) return body, nil @@ -119,19 +119,19 @@ func DownloadLatest(hub *csconfig.Hub, target Item, overwrite bool, updateOnly b log.Tracef("collection, recurse") hubIdx[ptrtype][p], err = DownloadLatest(hub, val, overwrite, updateOnly) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while downloading %s", val.Name)) + return target, fmt.Errorf("while downloading %s: %w", val.Name, err) } } item, err := DownloadItem(hub, val, overwrite) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while downloading %s", val.Name)) + return target, fmt.Errorf("while downloading %s: %w", val.Name, err) } // We need to enable an item when it has been added to a collection since latest release of the collection. // We check if val.Downloaded is false because maybe the item has been disabled by the user. if !item.Installed && !val.Downloaded { if item, err = EnableItem(hub, item); err != nil { - return target, errors.Wrapf(err, "enabling '%s'", item.Name) + return target, fmt.Errorf("enabling '%s': %w", item.Name, err) } } hubIdx[ptrtype][p] = item @@ -160,11 +160,11 @@ func DownloadItem(hub *csconfig.Hub, target Item, overwrite bool) (Item, error) } req, err := http.NewRequest(http.MethodGet, fmt.Sprintf(RawFileURLTemplate, HubBranch, target.RemotePath), nil) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while downloading %s", req.URL.String())) + return target, fmt.Errorf("while downloading %s: %w", req.URL.String(), err) } resp, err := http.DefaultClient.Do(req) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while downloading %s", req.URL.String())) + return target, fmt.Errorf("while downloading %s: %w", req.URL.String(), err) } if resp.StatusCode != http.StatusOK { return target, fmt.Errorf("bad http code %d for %s", resp.StatusCode, req.URL.String()) @@ -172,11 +172,11 @@ func DownloadItem(hub *csconfig.Hub, target Item, overwrite bool) (Item, error) defer resp.Body.Close() body, err := io.ReadAll(resp.Body) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while reading %s", req.URL.String())) + return target, fmt.Errorf("while reading %s: %w", req.URL.String(), err) } h := sha256.New() if _, err := h.Write(body); err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while hashing %s", target.Name)) + return target, fmt.Errorf("while hashing %s: %w", target.Name, err) } meow := fmt.Sprintf("%x", h.Sum(nil)) if meow != target.Versions[target.Version].Digest { @@ -192,7 +192,7 @@ func DownloadItem(hub *csconfig.Hub, target Item, overwrite bool) (Item, error) /*ensure that target file is within target dir*/ finalPath, err := filepath.Abs(tdir + "/" + target.RemotePath) if err != nil { - return target, errors.Wrapf(err, "Abs error on %s", tdir+"/"+target.RemotePath) + return target, fmt.Errorf("filepath.Abs error on %s: %w", tdir+"/"+target.RemotePath, err) } if !strings.HasPrefix(finalPath, tdir) { return target, fmt.Errorf("path %s escapes %s, abort", target.RemotePath, tdir) @@ -201,7 +201,7 @@ func DownloadItem(hub *csconfig.Hub, target Item, overwrite bool) (Item, error) if _, err = os.Stat(parent_dir); os.IsNotExist(err) { log.Debugf("%s doesn't exist, create", parent_dir) if err := os.MkdirAll(parent_dir, os.ModePerm); err != nil { - return target, errors.Wrap(err, "while creating parent directories") + return target, fmt.Errorf("while creating parent directories: %w", err) } } /*check actual file*/ @@ -214,19 +214,19 @@ func DownloadItem(hub *csconfig.Hub, target Item, overwrite bool) (Item, error) f, err := os.OpenFile(tdir+"/"+target.RemotePath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644) if err != nil { - return target, errors.Wrap(err, "while opening file") + return target, fmt.Errorf("while opening file: %w", err) } defer f.Close() _, err = f.WriteString(string(body)) if err != nil { - return target, errors.Wrap(err, "while writing file") + return target, fmt.Errorf("while writing file: %w", err) } target.Downloaded = true target.Tainted = false target.UpToDate = true if err = downloadData(dataFolder, overwrite, bytes.NewReader(body)); err != nil { - return target, errors.Wrapf(err, "while downloading data for %s", target.FileName) + return target, fmt.Errorf("while downloading data for %s: %w", target.FileName, err) } hubIdx[target.Type][target.Name] = target @@ -241,11 +241,11 @@ func DownloadDataIfNeeded(hub *csconfig.Hub, target Item, force bool) error { ) itemFilePath := fmt.Sprintf("%s/%s/%s/%s", hub.ConfigDir, target.Type, target.Stage, target.FileName) if itemFile, err = os.Open(itemFilePath); err != nil { - return errors.Wrapf(err, "while opening %s", itemFilePath) + return fmt.Errorf("while opening %s: %w", itemFilePath, err) } defer itemFile.Close() if err = downloadData(dataFolder, force, itemFile); err != nil { - return errors.Wrapf(err, "while downloading data for %s", itemFilePath) + return fmt.Errorf("while downloading data for %s: %w", itemFilePath, err) } return nil } @@ -261,7 +261,7 @@ func downloadData(dataFolder string, force bool, reader io.Reader) error { if errors.Is(err, io.EOF) { break } - return errors.Wrap(err, "while reading file") + return fmt.Errorf("while reading file: %w", err) } download := false @@ -273,7 +273,7 @@ func downloadData(dataFolder string, force bool, reader io.Reader) error { if download || force { err = GetData(data.Data, dataFolder) if err != nil { - return errors.Wrap(err, "while getting data") + return fmt.Errorf("while getting data: %w", err) } } } diff --git a/pkg/cwhub/helpers_test.go b/pkg/cwhub/helpers_test.go index bf6e84fb3..b8a15519d 100644 --- a/pkg/cwhub/helpers_test.go +++ b/pkg/cwhub/helpers_test.go @@ -25,7 +25,7 @@ func TestUpgradeConfigNewScenarioInCollection(t *testing.T) { require.True(t, hubIdx[COLLECTIONS]["crowdsecurity/test_collection"].UpToDate) require.False(t, hubIdx[COLLECTIONS]["crowdsecurity/test_collection"].Tainted) - // This is the sceanrio that gets added in next version of collection + // This is the scenario that gets added in next version of collection require.False(t, hubIdx[SCENARIOS]["crowdsecurity/barfoo_scenario"].Downloaded) require.False(t, hubIdx[SCENARIOS]["crowdsecurity/barfoo_scenario"].Installed) @@ -54,7 +54,7 @@ func TestUpgradeConfigNewScenarioInCollection(t *testing.T) { // Install a collection, disable a scenario. // Upgrade should install should not enable/download the disabled scenario. -func TestUpgradeConfigInDisabledSceanarioShouldNotBeInstalled(t *testing.T) { +func TestUpgradeConfigInDisabledScenarioShouldNotBeInstalled(t *testing.T) { cfg := envSetup(t) defer envTearDown(cfg) @@ -134,7 +134,7 @@ func TestUpgradeConfigNewScenarioIsInstalledWhenReferencedScenarioIsDisabled(t * // collection receives an update. It now adds new scenario "crowdsecurity/barfoo_scenario" // we now attempt to upgrade the collection, however it shouldn't install the foobar_scenario - // we just removed. Nor should it install the newly added sceanrio + // we just removed. Nor should it install the newly added scenario pushUpdateToCollectionInHub() if err := UpdateHubIdx(cfg.Hub); err != nil { diff --git a/pkg/cwhub/install.go b/pkg/cwhub/install.go index efc92ae84..505c36297 100644 --- a/pkg/cwhub/install.go +++ b/pkg/cwhub/install.go @@ -5,7 +5,6 @@ import ( "os" "path/filepath" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "github.com/crowdsecurity/crowdsec/pkg/csconfig" @@ -17,7 +16,7 @@ func purgeItem(hub *csconfig.Hub, target Item) (Item, error) { // disable hub file if err := os.Remove(hubpath); err != nil { - return target, errors.Wrap(err, "while removing file") + return target, fmt.Errorf("while removing file: %w", err) } target.Downloaded = false @@ -73,7 +72,7 @@ func DisableItem(hub *csconfig.Hub, target Item, purge bool, force bool) (Item, if toRemove { hubIdx[ptrtype][p], err = DisableItem(hub, val, purge, force) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while disabling %s", p)) + return target, fmt.Errorf("while disabling %s: %w", p, err) } } else { log.Infof("%s was not removed because it belongs to another collection", val.Name) @@ -98,11 +97,11 @@ func DisableItem(hub *csconfig.Hub, target Item, purge bool, force bool) (Item, } hubpath, err := os.Readlink(syml) if err != nil { - return target, errors.Wrap(err, "while reading symlink") + return target, fmt.Errorf("while reading symlink: %w", err) } absPath, err := filepath.Abs(hdir + "/" + target.RemotePath) if err != nil { - return target, errors.Wrap(err, "while abs path") + return target, fmt.Errorf("while abs path: %w", err) } if hubpath != absPath { log.Warningf("%s (%s) isn't a symlink to %s", target.Name, syml, absPath) @@ -111,7 +110,7 @@ func DisableItem(hub *csconfig.Hub, target Item, purge bool, force bool) (Item, //remove the symlink if err = os.Remove(syml); err != nil { - return target, errors.Wrap(err, "while removing symlink") + return target, fmt.Errorf("while removing symlink: %w", err) } log.Infof("Removed symlink [%s] : %s", target.Name, syml) } @@ -151,7 +150,7 @@ func EnableItem(hub *csconfig.Hub, target Item) (Item, error) { if _, err := os.Stat(parent_dir); os.IsNotExist(err) { log.Printf("%s doesn't exist, create", parent_dir) if err := os.MkdirAll(parent_dir, os.ModePerm); err != nil { - return target, errors.Wrap(err, "while creating directory") + return target, fmt.Errorf("while creating directory: %w", err) } } @@ -163,12 +162,12 @@ func EnableItem(hub *csconfig.Hub, target Item) (Item, error) { for _, p := range ptr { val, ok := hubIdx[ptrtype][p] if !ok { - return target, fmt.Errorf("required %s %s of %s doesn't exist, abort.", ptrtype, p, target.Name) + return target, fmt.Errorf("required %s %s of %s doesn't exist, abort", ptrtype, p, target.Name) } hubIdx[ptrtype][p], err = EnableItem(hub, val) if err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while installing %s", p)) + return target, fmt.Errorf("while installing %s: %w", p, err) } } } @@ -183,16 +182,16 @@ func EnableItem(hub *csconfig.Hub, target Item) (Item, error) { //tdir+target.RemotePath srcPath, err := filepath.Abs(hdir + "/" + target.RemotePath) if err != nil { - return target, errors.Wrap(err, "while getting source path") + return target, fmt.Errorf("while getting source path: %w", err) } dstPath, err := filepath.Abs(parent_dir + "/" + target.FileName) if err != nil { - return target, errors.Wrap(err, "while getting destination path") + return target, fmt.Errorf("while getting destination path: %w", err) } if err = os.Symlink(srcPath, dstPath); err != nil { - return target, errors.Wrap(err, fmt.Sprintf("while creating symlink from %s to %s", srcPath, dstPath)) + return target, fmt.Errorf("while creating symlink from %s to %s: %w", srcPath, dstPath, err) } log.Printf("Enabled %s : %s", target.Type, target.Name) diff --git a/pkg/database/alerts.go b/pkg/database/alerts.go index 688288cee..afdf51688 100644 --- a/pkg/database/alerts.go +++ b/pkg/database/alerts.go @@ -131,14 +131,14 @@ func (c *Client) CreateOrUpdateAlert(machineID string, alertItem *models.Alert) alerts, err := c.Ent.Alert.Query().Where(alert.UUID(alertItem.UUID)).WithDecisions().All(c.CTX) if err != nil && !ent.IsNotFound(err) { - return "", errors.Wrap(err, "unable to query alerts for uuid %s") + return "", fmt.Errorf("unable to query alerts for uuid %s: %w", alertItem.UUID, err) } //alert wasn't found, insert it (expected hotpath) if ent.IsNotFound(err) || len(alerts) == 0 { ret, err := c.CreateAlert(machineID, []*models.Alert{alertItem}) if err != nil { - return "", errors.Wrap(err, "unable to create alert") + return "", fmt.Errorf("unable to create alert: %w", err) } return ret[0], nil } @@ -256,7 +256,7 @@ func (c *Client) CreateOrUpdateAlert(machineID string, alertItem *models.Alert) //now that we bulk created missing decisions, let's update the alert err = c.Ent.Alert.Update().Where(alert.UUID(alertItem.UUID)).AddDecisions(decisions...).Exec(c.CTX) if err != nil { - return "", errors.Wrapf(err, "updating alert %s : %s", alertItem.UUID, err) + return "", fmt.Errorf("updating alert %s: %w", alertItem.UUID, err) } return "", nil @@ -442,7 +442,7 @@ func (c *Client) UpdateCommunityBlocklist(alertItem *models.Alert) (int, int, in if rollbackErr != nil { log.Errorf("rollback error: %s", rollbackErr) } - return 0, 0, 0, errors.Wrap(err, "while deleting older community blocklist decisions") + return 0, 0, 0, fmt.Errorf("while deleting older community blocklist decisions: %w", err) } deleted += deletedDecisions @@ -475,7 +475,7 @@ func (c *Client) UpdateCommunityBlocklist(alertItem *models.Alert) (int, int, in if rollbackErr != nil { log.Errorf("rollback error: %s", rollbackErr) } - return 0, 0, 0, errors.Wrap(err, "while deleting older community blocklist decisions") + return 0, 0, 0, fmt.Errorf("while deleting older community blocklist decisions: %w", err) } deleted += deletedDecisions } @@ -811,7 +811,7 @@ func AlertPredicatesFromFilter(filter map[string][]string) ([]predicate.Alert, e case "since": duration, err := types.ParseDuration(value[0]) if err != nil { - return nil, errors.Wrap(err, "while parsing duration") + return nil, fmt.Errorf("while parsing duration: %w", err) } since := time.Now().UTC().Add(-duration) if since.IsZero() { @@ -821,21 +821,21 @@ func AlertPredicatesFromFilter(filter map[string][]string) ([]predicate.Alert, e case "created_before": duration, err := types.ParseDuration(value[0]) if err != nil { - return nil, errors.Wrap(err, "while parsing duration") + return nil, fmt.Errorf("while parsing duration: %w", err) } since := time.Now().UTC().Add(-duration) if since.IsZero() { - return nil, fmt.Errorf("Empty time now() - %s", since.String()) + return nil, fmt.Errorf("empty time now() - %s", since.String()) } predicates = append(predicates, alert.CreatedAtLTE(since)) case "until": duration, err := types.ParseDuration(value[0]) if err != nil { - return nil, errors.Wrap(err, "while parsing duration") + return nil, fmt.Errorf("while parsing duration: %w", err) } until := time.Now().UTC().Add(-duration) if until.IsZero() { - return nil, fmt.Errorf("Empty time now() - %s", until.String()) + return nil, fmt.Errorf("empty time now() - %s", until.String()) } predicates = append(predicates, alert.StartedAtLTE(until)) case "decision_type": @@ -966,13 +966,13 @@ func (c *Client) AlertsCountPerScenario(filters map[string][]string) (map[string query, err := BuildAlertRequestFromFilter(query, filters) if err != nil { - return nil, errors.Wrap(err, "failed to build alert request") + return nil, fmt.Errorf("failed to build alert request: %w", err) } err = query.GroupBy(alert.FieldScenario).Aggregate(ent.Count()).Scan(ctx, &res) if err != nil { - return nil, errors.Wrap(err, "failed to count alerts per scenario") + return nil, fmt.Errorf("failed to count alerts per scenario: %w", err) } counts := make(map[string]int) @@ -1270,7 +1270,7 @@ func (c *Client) FlushAlerts(MaxAge string, MaxItems int) error { totalAlerts, err = c.TotalAlerts() if err != nil { c.Log.Warningf("FlushAlerts (max items count) : %s", err) - return errors.Wrap(err, "unable to get alerts count") + return fmt.Errorf("unable to get alerts count: %w", err) } c.Log.Debugf("FlushAlerts (Total alerts): %d", totalAlerts) if MaxAge != "" { @@ -1280,7 +1280,7 @@ func (c *Client) FlushAlerts(MaxAge string, MaxItems int) error { nbDeleted, err := c.DeleteAlertWithFilter(filter) if err != nil { c.Log.Warningf("FlushAlerts (max age) : %s", err) - return errors.Wrapf(err, "unable to flush alerts with filter until: %s", MaxAge) + return fmt.Errorf("unable to flush alerts with filter until=%s: %w", MaxAge, err) } c.Log.Debugf("FlushAlerts (deleted max age alerts): %d", nbDeleted) deletedByAge = nbDeleted @@ -1300,7 +1300,7 @@ func (c *Client) FlushAlerts(MaxAge string, MaxItems int) error { c.Log.Debugf("FlushAlerts (last alert): %+v", lastAlert) if err != nil { c.Log.Errorf("FlushAlerts: could not get last alert: %s", err) - return errors.Wrap(err, "could not get last alert") + return fmt.Errorf("could not get last alert: %w", err) } if len(lastAlert) != 0 { @@ -1314,7 +1314,7 @@ func (c *Client) FlushAlerts(MaxAge string, MaxItems int) error { if err != nil { c.Log.Errorf("FlushAlerts: Could not delete alerts : %s", err) - return errors.Wrap(err, "could not delete alerts") + return fmt.Errorf("could not delete alerts: %w", err) } } } diff --git a/pkg/database/decisions.go b/pkg/database/decisions.go index 5dacc23d4..cf4b9c966 100644 --- a/pkg/database/decisions.go +++ b/pkg/database/decisions.go @@ -108,7 +108,7 @@ func BuildDecisionRequestWithFilter(query *ent.DecisionQuery, filter map[string] } query, err = applyStartIpEndIpFilter(query, contains, ip_sz, start_ip, start_sfx, end_ip, end_sfx) if err != nil { - return nil, errors.Wrapf(err, "fail to apply StartIpEndIpFilter") + return nil, fmt.Errorf("fail to apply StartIpEndIpFilter: %w", err) } return query, nil } diff --git a/pkg/leakybucket/manager_run.go b/pkg/leakybucket/manager_run.go index 56998d745..679c603df 100644 --- a/pkg/leakybucket/manager_run.go +++ b/pkg/leakybucket/manager_run.go @@ -2,19 +2,18 @@ package leakybucket import ( "encoding/json" + "errors" "fmt" "math" "os" "time" - "github.com/pkg/errors" - + "github.com/antonmedv/expr" "github.com/mohae/deepcopy" + "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" - "github.com/antonmedv/expr" "github.com/crowdsecurity/crowdsec/pkg/types" - "github.com/prometheus/client_golang/prometheus" ) var serialized map[string]Leaky @@ -342,12 +341,12 @@ func PourItemToHolders(parsed types.Event, holders []BucketFactory, buckets *Buc //we need to either find the existing bucket, or create a new one (if it's the first event to hit it for this partition key) bucket, err := LoadOrStoreBucketFromHolder(buckey, buckets, holders[idx], parsed.ExpectMode) if err != nil { - return false, errors.Wrap(err, "failed to load or store bucket") + return false, fmt.Errorf("failed to load or store bucket: %w", err) } //finally, pour the even into the bucket ok, err := PourItemToBucket(bucket, holders[idx], buckets, &parsed) if err != nil { - return false, errors.Wrap(err, "failed to pour bucket") + return false, fmt.Errorf("failed to pour bucket: %w", err) } if ok { poured = true