mmetc
bfd94ceda7
make ParserIndex(), DownloadIndex() private methods ( #2579 )
...
* unnecessary pointer type
* ParseIndex() as hub method, don't collect missing items since they are never used
* don't export hub.parseIndex(), hub.downloadIndex()
2023-11-07 10:27:33 +01:00
mmetc
41d19de092
Refact cwhub ( #2578 )
...
* Fix suggest functional tests
* comments
* non-empty SubItems() implies collections type
* use "slices" from stdlib
* No need to repeat author field in the index -- take it from the item key
2023-11-06 17:35:33 +01:00
Sebastien Blot
26c876dc38
merge hub-1.6 branch
2023-11-06 15:02:11 +01:00
mmetc
450c263826
Refact cwhub: minor cleanups and comments ( #2574 )
...
* check response status before body; close file
* err check one-liners, lint, comments
* simplify function logic, reduce code
* comments, xxx, whitespace
2023-10-31 16:32:29 +01:00
Marco Mariani
fcd6c468c4
fix lint
2023-10-31 13:12:28 +01:00
mmetc
590a19b768
Refact pkg/cwhub: constructor, cscli output
...
* Single constructor: NewHub() to replace InitHub(), InitHubUpdate()
* sort cscli hub list output
* log.Fatal -> fmt.Errorf
2023-10-31 12:47:39 +01:00
Sebastien Blot
84ffde1844
add body_type in custom rule
2023-10-31 11:53:13 +01:00
mmetc
17662e59a9
Refact pkg/cwhub, cscli: hub upgrades ( #2568 )
...
* fix bats test for "upgrade all items"
* refact UpgradeConfig() -> UpgradeItem(): one item only
* refact RemoveMany() -> RemoveItem()
* Computed value: Item.Local -> Item.IsLocal()
* refact url/branch configuration with LocalHubCfg/RemoteHubCfg
2023-10-30 17:23:50 +01:00
bui
2e0b9683f3
logging clean up
2023-10-27 16:10:46 +02:00
bui
d136cc4734
logging clean up
2023-10-27 16:10:36 +02:00
bui
81645c96aa
logging clean up
2023-10-27 16:07:49 +02:00
bui
83d5211193
logging clean up
2023-10-27 16:07:37 +02:00
bui
c96c8f19c9
logging clean up
2023-10-27 16:07:25 +02:00
Sebastien Blot
57b5f5c27c
uip
2023-10-27 11:21:19 +02:00
Sebastien Blot
37c5d54e43
up
2023-10-27 11:17:27 +02:00
Sebastien Blot
b0e7da06b9
up
2023-10-27 11:10:40 +02:00
Sebastien Blot
e5906e6eea
up
2023-10-27 11:10:40 +02:00
bui
01ddc45a2c
use loggeR
2023-10-27 11:09:56 +02:00
bui
bb59d9852a
make Event viabl
2023-10-27 11:09:38 +02:00
bui
31a3b8a4ef
move this to pkg/waf
2023-10-27 11:09:19 +02:00
bui
495c6f9e8a
add debug to rule collection
2023-10-27 11:08:54 +02:00
mmetc
6b8ed0c9d0
Refactor hub URL/branch configuration ( #2559 )
...
* Refactor hub URL/branch configuration
* docker: using --force to implement $DISABLE (required for items in collections)
* use pointer receiver for consistency
2023-10-27 10:25:29 +02:00
bui
cd1cefbc8b
fix behavior so we only generate crowdsec events if interrupt was generated in either inband or outofband phases
2023-10-26 15:23:45 +02:00
bui
0cebf833c7
add options via WaapConfig for inband and outofband engines
2023-10-26 14:46:08 +02:00
bui
82bb8a2789
no leak plz
2023-10-26 13:01:11 +02:00
bui
f18b554177
warn at start if body reading is disabled
2023-10-26 12:45:59 +02:00
bui
6cbeefead6
up
2023-10-26 12:04:58 +02:00
bui
e49f33b4a7
Merge branch 'coraza_poc_acquis' of github.com:crowdsecurity/crowdsec into coraza_poc_acquis
2023-10-26 12:04:12 +02:00
bui
46ae0b3822
properly set default log level
2023-10-26 12:03:57 +02:00
Sebastien Blot
676352b5b1
new custom rule format
2023-10-25 18:45:49 +02:00
bui
4bfca8cab5
fix meta encoding
2023-10-25 13:54:57 +02:00
bui
eafffe7c94
up
2023-10-24 18:16:39 +02:00
bui
9edde09608
up
2023-10-24 18:16:30 +02:00
bui
1f3801f390
add the helpers and the type
2023-10-24 17:24:31 +02:00
bui
c02c74b5fe
shortcut for waap events
2023-10-24 17:24:16 +02:00
bui
b2bb15bb49
generate a special event for waap
2023-10-24 17:23:46 +02:00
bui
685006508c
make waap rules generate crowdsec events (again)
2023-10-24 13:43:27 +02:00
bui
03650401c5
default level
2023-10-24 10:57:22 +02:00
bui
00e1ffbf58
simplify a bit
2023-10-24 10:49:28 +02:00
bui
bd9df8f480
logger
2023-10-23 10:59:02 +02:00
bui
1b9d8c8226
logger
2023-10-23 10:54:26 +02:00
bui
c00b1abd72
logger
2023-10-23 10:54:11 +02:00
bui
2ff238d5f8
logger
2023-10-23 10:53:52 +02:00
bui
dca6faab08
logger
2023-10-23 10:53:39 +02:00
mmetc
ac98256602
Refact pkg/cwhub, cmd/crowdsec-cli ( #2557 )
...
- pkg/cwhub: change file layout, rename functions
- method Item.SubItems
- cmd/crowdsec-cli: generic code for hub items
- cscli: removing any type of items in a collection now requires --force
- tests
2023-10-20 14:32:35 +02:00
bui
b110c74487
allow description
2023-10-20 13:49:15 +02:00
bui
5dbc2758fa
warn user when setting unexpected default_remediation
2023-10-20 13:32:20 +02:00
Sebastien Blot
0acda36d33
up
2023-10-20 11:58:57 +02:00
Sebastien Blot
1468bb9681
up
2023-10-19 17:25:48 +02:00
Sebastien Blot
68c78249d5
up
2023-10-19 17:20:33 +02:00
Sebastien Blot
ef118a49ff
add waap-configs hub item
2023-10-19 16:53:00 +02:00
Sebastien Blot
15120a6d8f
merge hub-1.5.6
2023-10-19 14:19:37 +02:00
Sebastien Blot
350e8979b1
merge hub-1.5.6 branch
2023-10-19 12:18:16 +02:00
Marco Mariani
b89c5652ca
Merge branch 'master' into hub-1.5.6
2023-10-19 12:05:19 +02:00
mmetc
88e4f7c157
Refact pkg/csconfig, pkg/cwhub ( #2555 )
...
* csconfig: drop redundant hub information on *Cfg structs
* rename validItemFileName() -> item.validPath()
* Methods on hub object
* updated tests to reduce need of csconfig.Config or global state
2023-10-19 12:04:29 +02:00
Sebastien Blot
ecbdf2f0e1
merge master branch
2023-10-19 10:51:54 +02:00
bui
c89b42939e
naming
2023-10-18 17:17:57 +02:00
bui
98fb84d3e7
be consistent : waap-rules
2023-10-18 17:11:43 +02:00
Sebastien Blot
511468b8fe
up
2023-10-18 13:42:56 +02:00
mmetc
57d3ebba12
typo ( #2556 )
2023-10-18 10:03:02 +02:00
mmetc
be6555e46c
Refact pkg/csconfig, HubCfg ( #2552 )
...
- rename csconfig.Hub -> HubCfg
- move some Load*() functions to NewConfig()
- config.yaml: optional common section
- remove unused working_dir
2023-10-18 09:38:33 +02:00
Laurence Jones
d2d788c5dc
[hubtest] escpae scenario asssert meta keys ( #2551 )
2023-10-17 15:29:21 +01:00
mmetc
4eae40865e
HubIndex struct, comments, name changes ( #2549 )
...
* pkg/cwhub: rename PARSERS_OVFLW -> POSTOVERFLOWS
* mostly comments, some light cleanup
* move type hubtest.HubIndex -> cwhub.HubIndex
* move and rename LoadPkgIndex -> ParseIndex
* move displaySummary(), skippedLocal, skippedTainted to HubIndex struct
2023-10-17 16:17:37 +02:00
mmetc
325003bb69
Refact cscli item listing, tests ( #2547 )
...
* hub diet; taint tests
* cmd/crowdsec-cli: split utils.go, moved cwhub.GetHubStatusForItemType()
* cscli: refactor hub list commands, fix edge cases
2023-10-17 16:12:41 +02:00
mmetc
f496bd1692
bats: more cscli hub tests ( #2541 )
...
- updated logs and user messages
- added func tests for all the items: install, remove, upgrade, list
- rewritten taint tests for collections
- removed redundant csconfig.LoadPrometheus()
2023-10-17 16:12:41 +02:00
mmetc
a00bae6039
cmd/crowdsec-cli: remove global prometheusURL ( #2542 )
...
* cmd/crowdsec-cli: remove global prometheusURL
* PrometheusUrl now includes the path (/metrics)
2023-10-17 16:12:41 +02:00
mmetc
734ba46e6a
Refact cscli hub/item commands ( #2536 )
...
* log.Fatal -> fmt.Errorf
* lint cmd/crowdsec-cli hub items and split collection commands
* cscli collections: add examples
* cscli parsers: avoid globals
* cscli scenarios: avoid globals
* cscli collections, postoverflows: avoid globals
* cscli hub: avoid globals
* remove unused globals
2023-10-17 16:12:41 +02:00
mmetc
7db5bf8979
pkg/csconfig: set prometheus address:port defaults ( #2533 )
...
We set these default in one place (after loading the configuration)
instead of leaving that to both metric server and consumer.
2023-10-17 16:12:41 +02:00
Thibault "bui" Koechlin
a4dc5053d2
fix null deref in cti calls if key is empty ( #2540 )
...
* fix null deref in cti calls if key is empty
* avoid hardcoded error check
2023-10-17 09:34:53 +01:00
Sebastien Blot
d3bb9f8ae1
up
2023-10-17 09:32:40 +02:00
Laurence Jones
19de3a8a77
Runtime whitelist parsing improvement ( #2422 )
...
* Improve whitelist parsing
* Split whitelist check into a function tied to whitelist, also since we check node debug we can make a pointer to node containing whitelist
* No point passing clog as an argument since it is just a pointer to node we already know about
* We should break instead of returning false, false as it may have been whitelisted by ips/cidrs
* reimplement early return if expr errors
* Fix lint and dont need to parse ip back to string just loop over sources
* Log error with node logger as it provides context
* Move getsource to a function cleanup some code
* Change func name
* Split out compile to a function so we can use in tests. Add a bunch of tests
* spell correction
* Use node logger so it has context
* alternative solution
* quick fixes
* Use containswls
* Change whitelist test to use parseipsource and only events
* Make it simpler
* Postoverflow tests, some basic ones to make sure it works
* Use official pkg
* Add @mmetc reco
* Add @mmetc reco
* Change if if to a switch to only evaluate once
* simplify assertions
---------
Co-authored-by: bui <thibault@crowdsec.net>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
2023-10-16 10:08:57 +01:00
Thibault "bui" Koechlin
3cd4847093
sort map keys when generating asserts ( #2494 )
...
* sort map keys when generating asserts
2023-10-16 09:54:19 +02:00
Laurence Jones
b2a6eb92bf
Dont create 3 maps just pass the same one to expr ( #2421 )
2023-10-13 22:35:30 +01:00
Laurence Jones
f0cda0406b
Load file only once if specified twice, and bail earlier if type is unknown ( #2419 )
2023-10-13 22:34:57 +01:00
Laurence Jones
ff7acd3347
Reset grokky once all patterns are compiled as we do not need to hold them in memoory ( #2420 )
2023-10-13 12:53:42 +01:00
mmetc
a6b55f2b5e
cscli config feeature-flags: point user to the right location of feature.yaml ( #2539 )
2023-10-13 09:52:51 +02:00
mmetc
3b1563a538
Refact cscli hub / pkg/cwhub (part 6) ( #2524 )
...
* hub.ConfigDir -> hub.InstallDir; hub.DataDir -> hub.InstallDataDir
* cleanup GetInstalledItemsAsString()
* lint: ReferenceMissingError -> ErrMissingReference
* lint: parent_dir -> parentDir
* link: export Walker type
* lint: return error last
* lint: shadow
* move around and group variable definitions
2023-10-09 21:33:35 +02:00
mmetc
0ecb6eefee
add missing scenarios in first login when authenticating with TLS ( #2454 )
...
* refact jwt:Authenticator
* include scenarios in first login request for machines with tlsAuth
* log.Printf -> log.Infof
* errors.Wrap -> fmt.Errorf
* don't override validation error
* fix test
2023-10-09 15:26:38 +02:00
Manuel Sabban
6e228f3f3f
pkg/cwhub: cleanup in argument call ( #2527 )
...
* cleanup in argument call
* update test as well
* cwhub_tests: reduce verbosity and use helpers
---------
Co-authored-by: Marco Mariani <marco@crowdsec.net>
2023-10-09 13:26:34 +02:00
Laurence Jones
28238cb01f
reverse nil statement instead of else ( #2530 )
2023-10-09 11:36:05 +01:00
Laurence Jones
0dd22e8b93
convert ifelseif to switch ( #2529 )
2023-10-09 11:23:19 +01:00
mmetc
9ae8bd79c5
Refact pkg/csconfig tests ( #2526 )
...
* remove unused method
* whitespace, redundant comments
* use test helpers
* move DumpConsoleConfig() from pkg/csconfig to cscli
* package doc header
* var -> const
* rename ./tests -> ./testdata
* shorter tests with more error checks
* lint/formatting
* use helpers; fix tests that didn't actually test
* lint; rename expectedResult -> expected
2023-10-09 11:10:51 +02:00
blotus
6b5da29e3d
Use a default duration if no duration is provided in a profile ( #2520 )
2023-10-06 14:43:17 +02:00
Thibault "bui" Koechlin
6c20d38c41
ligten bucket logger ( #2523 )
2023-10-06 14:42:44 +02:00
mmetc
338141f067
Refact cscli hub / pkg/cwhub (part 5) ( #2521 )
...
* remove unused yaml tags
* cscli/cwhub: deduplicate, remove dead code
* log.Fatal -> fmt.Errorf
* deflate utils.go by moving functions to respective files
* indexOf() -> slices.Index()
* ItemStatus() + toEmoji() -> Item.status()
* Item.versionStatus()
* move getSHA256() to loader.go
2023-10-06 13:59:51 +02:00
mmetc
9235f55c47
Refact pkg/cwhub (part 4) ( #2518 )
...
* generalize function: GetInstalledItems, GetInstalledItemsAsString
* extracted function itemKey, happy path
* review comments / remove redundant; rename file to remove build tags
* remove unused fields in Item struct
* unix build tag
2023-10-05 09:35:03 +02:00
Sebastien Blot
92a3c4b2fb
up
2023-10-04 14:17:21 +02:00
mmetc
61d4ccbfdd
use go 1.21.1 ( #2418 )
...
* use go 1.21.1, require 1.21
* import "slices" from stdlib
* allow codeql to set version number from tags
* codeql: custom WASM build - the automated one can silently fail
2023-10-04 13:01:57 +02:00
mmetc
89028f17cf
Refact pkg/cwhub (part 3) ( #2516 )
...
* removed unused error; comment
* rename loop variables
* happy path
* rename loop variables
* extract function, method
* log.Printf -> log.Infof
* tests -> testdata
from "go help test":
The go tool will ignore a directory named "testdata", making it available
to hold ancillary data needed by the tests.
* align tags
* extract function toEmoji
2023-10-04 12:54:21 +02:00
mmetc
3253b16f0f
Refact pkg/cwhub (part 2) ( #2513 )
...
* remove globals for walker callback
* extract method getItemInfo()
* code dedup, if/else -> switch
* dedent: happy path
* remove target variable
2023-10-04 11:17:35 +02:00
mmetc
d39131d154
Refact pkg/cwhub (part 1) ( #2512 )
...
* wrap errors, whitespace
* remove named return
* reverse CheckSuffix logic, rename function
* drop redundant if/else, happy path
* log.Fatal -> fmt.Errorf
* simplify GetItemMap, AddItem
* var -> const
* removed short-lived vars
* de-duplicate function and reverse logic
2023-10-04 10:34:10 +02:00
Sebastien Blot
dd7fa82543
up
2023-10-04 10:25:32 +02:00
Sebastien Blot
535738b962
up
2023-10-04 10:25:32 +02:00
Sebastien Blot
d3ce4cbf8e
up
2023-10-04 10:25:32 +02:00
Sebastien Blot
d5e0c8a36b
up
2023-10-04 10:25:32 +02:00
Sebastien Blot
7fdd4d04fe
up
2023-10-04 10:25:32 +02:00
Sebastien Blot
ca930cce09
wip
2023-10-04 10:25:32 +02:00
Sebastien Blot
502e21bc5b
wip
2023-10-04 10:25:31 +02:00
mmetc
8b5ad6990d
lint: pkg/cwhub ( #2510 )
...
no functional changes
- reformat
- comments
- whitespace
- removed a dot or two in log messages
- some "var x=y" -> x:=y
2023-10-03 11:20:56 +02:00
mmetc
6dadfcb2ef
refact: simplify hubtest CopyDir() ( #2509 )
2023-10-03 11:17:02 +02:00