remove PAPI feature flag (#2601)

This commit is contained in:
blotus 2023-12-08 14:55:45 +01:00 committed by GitHub
parent c707b72b03
commit 04f3dc09f9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 58 additions and 71 deletions

View file

@ -16,7 +16,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/apiclient"
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/cwhub"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/models"
"github.com/crowdsecurity/crowdsec/pkg/types"
@ -98,9 +97,6 @@ func NewCapiRegisterCmd() *cobra.Command {
Password: password.String(),
URL: types.CAPIBaseURL,
}
if fflag.PapiClient.IsEnabled() {
apiCfg.PapiURL = types.PAPIBaseURL
}
apiConfigDump, err := yaml.Marshal(apiCfg)
if err != nil {
return fmt.Errorf("unable to marshal api credentials: %w", err)

View file

@ -20,7 +20,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/apiclient"
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/cwhub"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/types"
"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
@ -189,11 +188,11 @@ Disable given information push to the central API.`,
case "json":
c := csConfig.API.Server.ConsoleConfig
out := map[string](*bool){
csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions,
csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios,
csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions,
csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios,
csconfig.SEND_TAINTED_SCENARIOS: c.ShareTaintedScenarios,
csconfig.SEND_CONTEXT: c.ShareContext,
csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement,
csconfig.SEND_CONTEXT: c.ShareContext,
csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement,
}
data, err := json.MarshalIndent(out, "", " ")
if err != nil {
@ -252,9 +251,6 @@ func SetConsoleOpts(args []string, wanted bool) error {
for _, arg := range args {
switch arg {
case csconfig.CONSOLE_MANAGEMENT:
if !fflag.PapiClient.IsEnabled() {
continue
}
/*for each flag check if it's already set before setting it*/
if csConfig.API.Server.ConsoleConfig.ConsoleManagement != nil {
if *csConfig.API.Server.ConsoleConfig.ConsoleManagement == wanted {

View file

@ -242,7 +242,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
rootCmd.AddCommand(NewHubTestCmd())
rootCmd.AddCommand(NewCLINotifications().NewCommand())
rootCmd.AddCommand(NewCLISupport().NewCommand())
rootCmd.AddCommand(NewCLIPapi().NewCommand())
rootCmd.AddCommand(NewCollectionCLI().NewCommand())
rootCmd.AddCommand(NewParserCLI().NewCommand())
rootCmd.AddCommand(NewScenarioCLI().NewCommand())

View file

@ -29,7 +29,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/csplugin"
"github.com/crowdsecurity/crowdsec/pkg/database"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/types"
)
@ -220,17 +219,15 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) {
log.Infof("CAPI manager configured successfully")
isMachineEnrolled = isEnrolled(apiClient.apiClient)
controller.AlertsAddChan = apiClient.AlertsAddChan
if fflag.PapiClient.IsEnabled() {
if isMachineEnrolled {
log.Infof("Machine is enrolled in the console, Loading PAPI Client")
papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
if err != nil {
return nil, err
}
controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
} else {
log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
if isMachineEnrolled {
log.Infof("Machine is enrolled in the console, Loading PAPI Client")
papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
if err != nil {
return nil, err
}
controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
} else {
log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
}
} else {
apiClient = nil
@ -357,31 +354,29 @@ func (s *APIServer) Run(apiReady chan bool) error {
//csConfig.API.Server.ConsoleConfig.ShareCustomScenarios
if s.isEnrolled {
if fflag.PapiClient.IsEnabled() {
if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
if s.papi.URL != "" {
log.Infof("Starting PAPI decision receiver")
s.papi.pullTomb.Go(func() error {
if err := s.papi.Pull(); err != nil {
log.Errorf("papi pull: %s", err)
return err
}
return nil
})
if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
if s.papi.URL != "" {
log.Infof("Starting PAPI decision receiver")
s.papi.pullTomb.Go(func() error {
if err := s.papi.Pull(); err != nil {
log.Errorf("papi pull: %s", err)
return err
}
return nil
})
s.papi.syncTomb.Go(func() error {
if err := s.papi.SyncDecisions(); err != nil {
log.Errorf("capi decisions sync: %s", err)
return err
}
return nil
})
} else {
log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
}
s.papi.syncTomb.Go(func() error {
if err := s.papi.SyncDecisions(); err != nil {
log.Errorf("capi decisions sync: %s", err)
return err
}
return nil
})
} else {
log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
}
} else {
log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
}
}

View file

@ -8,8 +8,6 @@ import (
"gopkg.in/yaml.v2"
"github.com/crowdsecurity/go-cs-lib/ptr"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
)
const (
@ -66,9 +64,7 @@ func (c *LocalApiServerCfg) LoadConsoleConfig() error {
c.ConsoleConfig.ShareManualDecisions = ptr.Of(false)
}
if !fflag.PapiClient.IsEnabled() {
c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
} else if c.ConsoleConfig.ConsoleManagement == nil {
if c.ConsoleConfig.ConsoleManagement == nil {
log.Debugf("no console_management found, setting to false")
c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
}

View file

@ -5,7 +5,7 @@ var Crowdsec = FeatureRegister{EnvPrefix: "CROWDSEC_FEATURE_"}
var CscliSetup = &Feature{Name: "cscli_setup", Description: "Enable cscli setup command (service detection)"}
var DisableHttpRetryBackoff = &Feature{Name: "disable_http_retry_backoff", Description: "Disable http retry backoff"}
var ChunkedDecisionsStream = &Feature{Name: "chunked_decisions_stream", Description: "Enable chunked decisions stream"}
var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client"}
var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client", State: RetiredState}
var Re2GrokSupport = &Feature{Name: "re2_grok_support", Description: "Enable RE2 support for GROK patterns"}
var Re2RegexpInfileSupport = &Feature{Name: "re2_regexp_in_file_support", Description: "Enable RE2 support for RegexpInFile expr helper"}

View file

@ -193,26 +193,32 @@ func (c *LongPollClient) PullOnce(since time.Time) ([]Event, error) {
}
defer resp.Body.Close()
decoder := json.NewDecoder(resp.Body)
var pollResp pollResponse
err = decoder.Decode(&pollResp)
if err != nil {
if err == io.EOF {
c.logger.Debugf("server closed connection")
return nil, nil
evts := []Event{}
for {
var pollResp pollResponse
err = decoder.Decode(&pollResp)
if err != nil {
if err == io.EOF {
c.logger.Debugf("server closed connection")
break
}
log.Errorf("error decoding poll response: %v", err)
break
}
return nil, fmt.Errorf("error decoding poll response: %v", err)
}
c.logger.Tracef("got response: %+v", pollResp)
c.logger.Tracef("got response: %+v", pollResp)
if len(pollResp.ErrorMessage) > 0 {
if pollResp.ErrorMessage == timeoutMessage {
c.logger.Debugf("got timeout message")
return nil, nil
if len(pollResp.ErrorMessage) > 0 {
if pollResp.ErrorMessage == timeoutMessage {
c.logger.Debugf("got timeout message")
break
}
log.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
break
}
return nil, fmt.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
evts = append(evts, pollResp.Events...)
}
return pollResp.Events, nil
return evts, nil
}
func NewLongPollClient(config LongPollClientConfig) (*LongPollClient, error) {

View file

@ -72,9 +72,8 @@ setup() {
assert_stderr --partial "manual already set to true"
assert_stderr --partial "tainted already set to true"
assert_stderr --partial "context already set to true"
assert_stderr --partial "All features have been enabled successfully"
CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console enable --all --debug
assert_stderr --partial "console_management set to true"
assert_stderr --partial "All features have been enabled successfully"
rune -1 cscli console enable tralala
assert_stderr --partial "unknown flag tralala"
}
@ -94,9 +93,8 @@ setup() {
assert_stderr --partial "manual already set to false"
assert_stderr --partial "tainted already set to false"
assert_stderr --partial "context already set to false"
assert_stderr --partial "All features have been disabled"
CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console disable --all --debug
assert_stderr --partial "console_management already set to false"
assert_stderr --partial "All features have been disabled"
rune -1 cscli console disable tralala
assert_stderr --partial "unknown flag tralala"
}