diff --git a/cmd/crowdsec-cli/capi.go b/cmd/crowdsec-cli/capi.go index e748baa4f..8a0ca6959 100644 --- a/cmd/crowdsec-cli/capi.go +++ b/cmd/crowdsec-cli/capi.go @@ -16,7 +16,6 @@ import ( "github.com/crowdsecurity/crowdsec/pkg/apiclient" "github.com/crowdsecurity/crowdsec/pkg/csconfig" "github.com/crowdsecurity/crowdsec/pkg/cwhub" - "github.com/crowdsecurity/crowdsec/pkg/fflag" "github.com/crowdsecurity/crowdsec/pkg/models" "github.com/crowdsecurity/crowdsec/pkg/types" @@ -98,9 +97,6 @@ func NewCapiRegisterCmd() *cobra.Command { Password: password.String(), URL: types.CAPIBaseURL, } - if fflag.PapiClient.IsEnabled() { - apiCfg.PapiURL = types.PAPIBaseURL - } apiConfigDump, err := yaml.Marshal(apiCfg) if err != nil { return fmt.Errorf("unable to marshal api credentials: %w", err) diff --git a/cmd/crowdsec-cli/console.go b/cmd/crowdsec-cli/console.go index f119c6bc1..471ae81ff 100644 --- a/cmd/crowdsec-cli/console.go +++ b/cmd/crowdsec-cli/console.go @@ -20,7 +20,6 @@ import ( "github.com/crowdsecurity/crowdsec/pkg/apiclient" "github.com/crowdsecurity/crowdsec/pkg/csconfig" "github.com/crowdsecurity/crowdsec/pkg/cwhub" - "github.com/crowdsecurity/crowdsec/pkg/fflag" "github.com/crowdsecurity/crowdsec/pkg/types" "github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require" @@ -189,11 +188,11 @@ Disable given information push to the central API.`, case "json": c := csConfig.API.Server.ConsoleConfig out := map[string](*bool){ - csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions, - csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios, + csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions, + csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios, csconfig.SEND_TAINTED_SCENARIOS: c.ShareTaintedScenarios, - csconfig.SEND_CONTEXT: c.ShareContext, - csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement, + csconfig.SEND_CONTEXT: c.ShareContext, + csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement, } data, err := json.MarshalIndent(out, "", " ") if err != nil { @@ -252,9 +251,6 @@ func SetConsoleOpts(args []string, wanted bool) error { for _, arg := range args { switch arg { case csconfig.CONSOLE_MANAGEMENT: - if !fflag.PapiClient.IsEnabled() { - continue - } /*for each flag check if it's already set before setting it*/ if csConfig.API.Server.ConsoleConfig.ConsoleManagement != nil { if *csConfig.API.Server.ConsoleConfig.ConsoleManagement == wanted { diff --git a/cmd/crowdsec-cli/main.go b/cmd/crowdsec-cli/main.go index 31f5cb158..0a6323fca 100644 --- a/cmd/crowdsec-cli/main.go +++ b/cmd/crowdsec-cli/main.go @@ -242,7 +242,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall rootCmd.AddCommand(NewHubTestCmd()) rootCmd.AddCommand(NewCLINotifications().NewCommand()) rootCmd.AddCommand(NewCLISupport().NewCommand()) - + rootCmd.AddCommand(NewCLIPapi().NewCommand()) rootCmd.AddCommand(NewCollectionCLI().NewCommand()) rootCmd.AddCommand(NewParserCLI().NewCommand()) rootCmd.AddCommand(NewScenarioCLI().NewCommand()) diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index cfeb13d27..9c455a38a 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -29,7 +29,6 @@ import ( "github.com/crowdsecurity/crowdsec/pkg/csconfig" "github.com/crowdsecurity/crowdsec/pkg/csplugin" "github.com/crowdsecurity/crowdsec/pkg/database" - "github.com/crowdsecurity/crowdsec/pkg/fflag" "github.com/crowdsecurity/crowdsec/pkg/types" ) @@ -220,17 +219,15 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) { log.Infof("CAPI manager configured successfully") isMachineEnrolled = isEnrolled(apiClient.apiClient) controller.AlertsAddChan = apiClient.AlertsAddChan - if fflag.PapiClient.IsEnabled() { - if isMachineEnrolled { - log.Infof("Machine is enrolled in the console, Loading PAPI Client") - papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel) - if err != nil { - return nil, err - } - controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel - } else { - log.Errorf("Machine is not enrolled in the console, can't synchronize with the console") + if isMachineEnrolled { + log.Infof("Machine is enrolled in the console, Loading PAPI Client") + papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel) + if err != nil { + return nil, err } + controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel + } else { + log.Errorf("Machine is not enrolled in the console, can't synchronize with the console") } } else { apiClient = nil @@ -357,31 +354,29 @@ func (s *APIServer) Run(apiReady chan bool) error { //csConfig.API.Server.ConsoleConfig.ShareCustomScenarios if s.isEnrolled { - if fflag.PapiClient.IsEnabled() { - if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement { - if s.papi.URL != "" { - log.Infof("Starting PAPI decision receiver") - s.papi.pullTomb.Go(func() error { - if err := s.papi.Pull(); err != nil { - log.Errorf("papi pull: %s", err) - return err - } - return nil - }) + if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement { + if s.papi.URL != "" { + log.Infof("Starting PAPI decision receiver") + s.papi.pullTomb.Go(func() error { + if err := s.papi.Pull(); err != nil { + log.Errorf("papi pull: %s", err) + return err + } + return nil + }) - s.papi.syncTomb.Go(func() error { - if err := s.papi.SyncDecisions(); err != nil { - log.Errorf("capi decisions sync: %s", err) - return err - } - return nil - }) - } else { - log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.") - } + s.papi.syncTomb.Go(func() error { + if err := s.papi.SyncDecisions(); err != nil { + log.Errorf("capi decisions sync: %s", err) + return err + } + return nil + }) } else { - log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`") + log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.") } + } else { + log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`") } } diff --git a/pkg/csconfig/console.go b/pkg/csconfig/console.go index 32c4cff88..c8e83dcd8 100644 --- a/pkg/csconfig/console.go +++ b/pkg/csconfig/console.go @@ -8,8 +8,6 @@ import ( "gopkg.in/yaml.v2" "github.com/crowdsecurity/go-cs-lib/ptr" - - "github.com/crowdsecurity/crowdsec/pkg/fflag" ) const ( @@ -66,9 +64,7 @@ func (c *LocalApiServerCfg) LoadConsoleConfig() error { c.ConsoleConfig.ShareManualDecisions = ptr.Of(false) } - if !fflag.PapiClient.IsEnabled() { - c.ConsoleConfig.ConsoleManagement = ptr.Of(false) - } else if c.ConsoleConfig.ConsoleManagement == nil { + if c.ConsoleConfig.ConsoleManagement == nil { log.Debugf("no console_management found, setting to false") c.ConsoleConfig.ConsoleManagement = ptr.Of(false) } diff --git a/pkg/fflag/crowdsec.go b/pkg/fflag/crowdsec.go index 889f62dcf..814bd02f3 100644 --- a/pkg/fflag/crowdsec.go +++ b/pkg/fflag/crowdsec.go @@ -5,7 +5,7 @@ var Crowdsec = FeatureRegister{EnvPrefix: "CROWDSEC_FEATURE_"} var CscliSetup = &Feature{Name: "cscli_setup", Description: "Enable cscli setup command (service detection)"} var DisableHttpRetryBackoff = &Feature{Name: "disable_http_retry_backoff", Description: "Disable http retry backoff"} var ChunkedDecisionsStream = &Feature{Name: "chunked_decisions_stream", Description: "Enable chunked decisions stream"} -var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client"} +var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client", State: RetiredState} var Re2GrokSupport = &Feature{Name: "re2_grok_support", Description: "Enable RE2 support for GROK patterns"} var Re2RegexpInfileSupport = &Feature{Name: "re2_regexp_in_file_support", Description: "Enable RE2 support for RegexpInFile expr helper"} diff --git a/pkg/longpollclient/client.go b/pkg/longpollclient/client.go index 587826452..a35afa813 100644 --- a/pkg/longpollclient/client.go +++ b/pkg/longpollclient/client.go @@ -193,26 +193,32 @@ func (c *LongPollClient) PullOnce(since time.Time) ([]Event, error) { } defer resp.Body.Close() decoder := json.NewDecoder(resp.Body) - var pollResp pollResponse - err = decoder.Decode(&pollResp) - if err != nil { - if err == io.EOF { - c.logger.Debugf("server closed connection") - return nil, nil + evts := []Event{} + for { + var pollResp pollResponse + err = decoder.Decode(&pollResp) + if err != nil { + if err == io.EOF { + c.logger.Debugf("server closed connection") + break + } + log.Errorf("error decoding poll response: %v", err) + break } - return nil, fmt.Errorf("error decoding poll response: %v", err) - } - c.logger.Tracef("got response: %+v", pollResp) + c.logger.Tracef("got response: %+v", pollResp) - if len(pollResp.ErrorMessage) > 0 { - if pollResp.ErrorMessage == timeoutMessage { - c.logger.Debugf("got timeout message") - return nil, nil + if len(pollResp.ErrorMessage) > 0 { + if pollResp.ErrorMessage == timeoutMessage { + c.logger.Debugf("got timeout message") + break + } + log.Errorf("longpoll API error message: %s", pollResp.ErrorMessage) + break } - return nil, fmt.Errorf("longpoll API error message: %s", pollResp.ErrorMessage) + evts = append(evts, pollResp.Events...) } - return pollResp.Events, nil + return evts, nil } func NewLongPollClient(config LongPollClientConfig) (*LongPollClient, error) { diff --git a/test/bats/09_console.bats b/test/bats/09_console.bats index d3cf5286d..2e2f9bf05 100644 --- a/test/bats/09_console.bats +++ b/test/bats/09_console.bats @@ -72,9 +72,8 @@ setup() { assert_stderr --partial "manual already set to true" assert_stderr --partial "tainted already set to true" assert_stderr --partial "context already set to true" - assert_stderr --partial "All features have been enabled successfully" - CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console enable --all --debug assert_stderr --partial "console_management set to true" + assert_stderr --partial "All features have been enabled successfully" rune -1 cscli console enable tralala assert_stderr --partial "unknown flag tralala" } @@ -94,9 +93,8 @@ setup() { assert_stderr --partial "manual already set to false" assert_stderr --partial "tainted already set to false" assert_stderr --partial "context already set to false" - assert_stderr --partial "All features have been disabled" - CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console disable --all --debug assert_stderr --partial "console_management already set to false" + assert_stderr --partial "All features have been disabled" rune -1 cscli console disable tralala assert_stderr --partial "unknown flag tralala" }