Merge branch 'master' into docker_auto_discovery

2024-04-23 13:44:02 +01:00 · 2024-04-23 13:44:02 +01:00 · 2874eb51d3
commit 2874eb51d3
parent 7c8f671fb1 725cae1fa8
14 changed files with 139 additions and 106 deletions
--- a/.github/workflows/bats-sqlite-coverage.yml
+++ b/.github/workflows/bats-sqlite-coverage.yml
@ -81,3 +81,4 @@ jobs:
      with:
        files: ./coverage-bats.out
        flags: bats
+        token: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/go-tests-windows.yml
+++ b/.github/workflows/go-tests-windows.yml
@ -52,6 +52,7 @@ jobs:
      with:
        files: coverage.out
        flags: unit-windows
+        token: ${{ secrets.CODECOV_TOKEN }}

    - name: golangci-lint
      uses: golangci/golangci-lint-action@v4
--- a/.github/workflows/go-tests.yml
+++ b/.github/workflows/go-tests.yml
@ -153,6 +153,7 @@ jobs:
      with:
        files: coverage.out
        flags: unit-linux
+        token: ${{ secrets.CODECOV_TOKEN }}

    - name: golangci-lint
      uses: golangci/golangci-lint-action@v4
--- a/.golangci.yml
+++ b/.golangci.yml
@ -58,7 +58,7 @@ linters-settings:
    min-complexity: 28

  nlreturn:
-    block-size: 4
+    block-size: 5

  nolintlint:
    allow-unused: false # report any unused nolint directives
--- a/cmd/crowdsec-cli/alerts.go
+++ b/cmd/crowdsec-cli/alerts.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/csv"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net/url"
 	"os"
@ -204,6 +205,7 @@ func (cli *cliAlerts) NewCommand() *cobra.Command {
 			if err != nil {
 				return fmt.Errorf("parsing api url %s: %w", apiURL, err)
 			}
+
 			cli.client, err = apiclient.NewClient(&apiclient.Config{
 				MachineID:     cfg.API.Client.Credentials.Login,
 				Password:      strfmt.Password(cfg.API.Client.Credentials.Password),
@ -211,7 +213,6 @@ func (cli *cliAlerts) NewCommand() *cobra.Command {
 				URL:           apiURL,
 				VersionPrefix: "v1",
 			})
-
 			if err != nil {
 				return fmt.Errorf("new api client: %w", err)
 			}
@ -229,7 +230,7 @@ func (cli *cliAlerts) NewCommand() *cobra.Command {
 }

 func (cli *cliAlerts) NewListCmd() *cobra.Command {
-	var alertListFilter = apiclient.AlertsListOpts{
+	alertListFilter := apiclient.AlertsListOpts{
 		ScopeEquals:    new(string),
 		ValueEquals:    new(string),
 		ScenarioEquals: new(string),
@ -363,7 +364,7 @@ func (cli *cliAlerts) NewDeleteCmd() *cobra.Command {
 		delAlertByID   string
 	)

-	var alertDeleteFilter = apiclient.AlertsDeleteOpts{
+	alertDeleteFilter := apiclient.AlertsDeleteOpts{
 		ScopeEquals:    new(string),
 		ValueEquals:    new(string),
 		ScenarioEquals: new(string),
@ -391,7 +392,7 @@ cscli alerts delete -s crowdsecurity/ssh-bf"`,
 				*alertDeleteFilter.ScenarioEquals == "" && *alertDeleteFilter.IPEquals == "" &&
 				*alertDeleteFilter.RangeEquals == "" && delAlertByID == "" {
 				_ = cmd.Usage()
-				return fmt.Errorf("at least one filter or --all must be specified")
+				return errors.New("at least one filter or --all must be specified")
 			}

 			return nil
@ -478,7 +479,7 @@ func (cli *cliAlerts) NewInspectCmd() *cobra.Command {
 			cfg := cli.cfg()
 			if len(args) == 0 {
 				printHelp(cmd)
-				return fmt.Errorf("missing alert_id")
+				return errors.New("missing alert_id")
 			}
 			for _, alertID := range args {
 				id, err := strconv.Atoi(alertID)
--- a/cmd/crowdsec-cli/config_show.go
+++ b/cmd/crowdsec-cli/config_show.go
@ -10,13 +10,15 @@ import (
 	"github.com/sanity-io/litter"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
-	"gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v3"

 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
 	"github.com/crowdsecurity/crowdsec/pkg/exprhelpers"
 )

-func showConfigKey(key string) error {
+func (cli *cliConfig) showKey(key string) error {
+	cfg := cli.cfg()
+
 	type Env struct {
 		Config *csconfig.Config
 	}
@ -30,15 +32,15 @@ func showConfigKey(key string) error {
 		return err
 	}

-	output, err := expr.Run(program, Env{Config: csConfig})
+	output, err := expr.Run(program, Env{Config: cfg})
 	if err != nil {
 		return err
 	}

-	switch csConfig.Cscli.Output {
+	switch cfg.Cscli.Output {
 	case "human", "raw":
 		// Don't use litter for strings, it adds quotes
-		// that we didn't have before
+		// that would break compatibility with previous versions
 		switch output.(type) {
 		case string:
 			fmt.Println(output)
@ -51,13 +53,14 @@ func showConfigKey(key string) error {
 			return fmt.Errorf("failed to marshal configuration: %w", err)
 		}

-		fmt.Printf("%s\n", string(data))
+		fmt.Println(string(data))
 	}

 	return nil
 }

-var configShowTemplate = `Global:
+func (cli *cliConfig) template() string {
+	return `Global:

 {{- if .ConfigPaths }}
   - Configuration Folder   : {{.ConfigPaths.ConfigDir}}
@ -182,19 +185,11 @@ Central API:
 {{- end }}
 {{- end }}
 `
+}

-func (cli *cliConfig) show(key string) error {
+func (cli *cliConfig) show() error {
 	cfg := cli.cfg()

-	if err := cfg.LoadAPIClient(); err != nil {
-		log.Errorf("failed to load API client configuration: %s", err)
-		// don't return, we can still show the configuration
-	}
-
-	if key != "" {
-		return showConfigKey(key)
-	}
-
 	switch cfg.Cscli.Output {
 	case "human":
 		// The tests on .Enable look funny because the option has a true default which has
@ -205,7 +200,7 @@ func (cli *cliConfig) show(key string) error {
 			"ValueBool": func(b *bool) bool { return b != nil && *b },
 		}

-		tmp, err := template.New("config").Funcs(funcs).Parse(configShowTemplate)
+		tmp, err := template.New("config").Funcs(funcs).Parse(cli.template())
 		if err != nil {
 			return err
 		}
@ -220,14 +215,14 @@ func (cli *cliConfig) show(key string) error {
 			return fmt.Errorf("failed to marshal configuration: %w", err)
 		}

-		fmt.Printf("%s\n", string(data))
+		fmt.Println(string(data))
 	case "raw":
 		data, err := yaml.Marshal(cfg)
 		if err != nil {
 			return fmt.Errorf("failed to marshal configuration: %w", err)
 		}

-		fmt.Printf("%s\n", string(data))
+		fmt.Println(string(data))
 	}

 	return nil
@ -243,7 +238,16 @@ func (cli *cliConfig) newShowCmd() *cobra.Command {
 		Args:              cobra.ExactArgs(0),
 		DisableAutoGenTag: true,
 		RunE: func(_ *cobra.Command, _ []string) error {
-			return cli.show(key)
+			if err := cli.cfg().LoadAPIClient(); err != nil {
+				log.Errorf("failed to load API client configuration: %s", err)
+				// don't return, we can still show the configuration
+			}
+
+			if key != "" {
+				return cli.showKey(key)
+			}
+
+			return cli.show()
 		},
 	}

--- a/cmd/crowdsec-cli/console.go
+++ b/cmd/crowdsec-cli/console.go
@ -4,9 +4,11 @@ import (
 	"context"
 	"encoding/csv"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net/url"
 	"os"
+	"strconv"
 	"strings"

 	"github.com/fatih/color"
@ -36,7 +38,7 @@ func NewCLIConsole(cfg configGetter) *cliConsole {
 }

 func (cli *cliConsole) NewCommand() *cobra.Command {
-	var cmd = &cobra.Command{
+	cmd := &cobra.Command{
 		Use:               "console [action]",
 		Short:             "Manage interaction with Crowdsec console (https://app.crowdsec.net)",
 		Args:              cobra.MinimumNArgs(1),
@ -203,7 +205,7 @@ Enable given information push to the central API. Allows to empower the console`
 				log.Infof("All features have been enabled successfully")
 			} else {
 				if len(args) == 0 {
-					return fmt.Errorf("you must specify at least one feature to enable")
+					return errors.New("you must specify at least one feature to enable")
 				}
 				if err := cli.setConsoleOpts(args, true); err != nil {
 					return err
@ -288,11 +290,11 @@ func (cli *cliConsole) newStatusCmd() *cobra.Command {
 				}

 				rows := [][]string{
-					{csconfig.SEND_MANUAL_SCENARIOS, fmt.Sprintf("%t", *consoleCfg.ShareManualDecisions)},
-					{csconfig.SEND_CUSTOM_SCENARIOS, fmt.Sprintf("%t", *consoleCfg.ShareCustomScenarios)},
-					{csconfig.SEND_TAINTED_SCENARIOS, fmt.Sprintf("%t", *consoleCfg.ShareTaintedScenarios)},
-					{csconfig.SEND_CONTEXT, fmt.Sprintf("%t", *consoleCfg.ShareContext)},
-					{csconfig.CONSOLE_MANAGEMENT, fmt.Sprintf("%t", *consoleCfg.ConsoleManagement)},
+					{csconfig.SEND_MANUAL_SCENARIOS, strconv.FormatBool(*consoleCfg.ShareManualDecisions)},
+					{csconfig.SEND_CUSTOM_SCENARIOS, strconv.FormatBool(*consoleCfg.ShareCustomScenarios)},
+					{csconfig.SEND_TAINTED_SCENARIOS, strconv.FormatBool(*consoleCfg.ShareTaintedScenarios)},
+					{csconfig.SEND_CONTEXT, strconv.FormatBool(*consoleCfg.ShareContext)},
+					{csconfig.CONSOLE_MANAGEMENT, strconv.FormatBool(*consoleCfg.ConsoleManagement)},
 				}
 				for _, row := range rows {
 					err = csvwriter.Write(row)
--- a/cmd/crowdsec-cli/copyfile.go
+++ b/cmd/crowdsec-cli/copyfile.go
@ -9,7 +9,6 @@ import (
 	log "github.com/sirupsen/logrus"
 )

-
 /*help to copy the file, ioutil doesn't offer the feature*/

 func copyFileContents(src, dst string) (err error) {
@ -69,6 +68,7 @@ func CopyFile(sourceSymLink, destinationFile string) error {
 		if !(destinationFileStat.Mode().IsRegular()) {
 			return fmt.Errorf("copyFile: non-regular destination file %s (%q)", destinationFileStat.Name(), destinationFileStat.Mode().String())
 		}
+
 		if os.SameFile(sourceFileStat, destinationFileStat) {
 			return err
 		}
@ -80,4 +80,3 @@ func CopyFile(sourceSymLink, destinationFile string) error {

 	return err
 }
-
--- a/cmd/crowdsec-cli/decisions.go
+++ b/cmd/crowdsec-cli/decisions.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/csv"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net/url"
 	"os"
@ -346,7 +347,7 @@ cscli decisions add --scope username --value foobar
 				addScope = types.Range
 			} else if addValue == "" {
 				printHelp(cmd)
-				return fmt.Errorf("missing arguments, a value is required (--ip, --range or --scope and --value)")
+				return errors.New("missing arguments, a value is required (--ip, --range or --scope and --value)")
 			}

 			if addReason == "" {
@ -371,7 +372,7 @@ cscli decisions add --scope username --value foobar
 				Scenario:        &addReason,
 				ScenarioVersion: &empty,
 				Simulated:       &simulated,
-				//setting empty scope/value broke plugins, and it didn't seem to be needed anymore w/ latest papi changes
+				// setting empty scope/value broke plugins, and it didn't seem to be needed anymore w/ latest papi changes
 				Source: &models.Source{
 					AsName:   empty,
 					AsNumber: empty,
@ -411,7 +412,7 @@ cscli decisions add --scope username --value foobar
 }

 func (cli *cliDecisions) newDeleteCmd() *cobra.Command {
-	var delFilter = apiclient.DecisionsDeleteOpts{
+	delFilter := apiclient.DecisionsDeleteOpts{
 		ScopeEquals:    new(string),
 		ValueEquals:    new(string),
 		TypeEquals:     new(string),
@ -448,7 +449,7 @@ cscli decisions delete --origin lists  --scenario list_name
 				*delFilter.RangeEquals == "" && *delFilter.ScenarioEquals == "" &&
 				*delFilter.OriginEquals == "" && delDecisionID == "" {
 				cmd.Usage()
-				return fmt.Errorf("at least one filter or --all must be specified")
+				return errors.New("at least one filter or --all must be specified")
 			}

 			return nil
--- a/cmd/crowdsec-cli/decisions_import.go
+++ b/cmd/crowdsec-cli/decisions_import.go
@ -5,6 +5,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@ -81,7 +82,7 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	}

 	if defaultDuration == "" {
-		return fmt.Errorf("--duration cannot be empty")
+		return errors.New("--duration cannot be empty")
 	}

 	defaultScope, err := flags.GetString("scope")
@ -90,7 +91,7 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	}

 	if defaultScope == "" {
-		return fmt.Errorf("--scope cannot be empty")
+		return errors.New("--scope cannot be empty")
 	}

 	defaultReason, err := flags.GetString("reason")
@ -99,7 +100,7 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	}

 	if defaultReason == "" {
-		return fmt.Errorf("--reason cannot be empty")
+		return errors.New("--reason cannot be empty")
 	}

 	defaultType, err := flags.GetString("type")
@ -108,7 +109,7 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	}

 	if defaultType == "" {
-		return fmt.Errorf("--type cannot be empty")
+		return errors.New("--type cannot be empty")
 	}

 	batchSize, err := flags.GetInt("batch")
@ -136,7 +137,7 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	}

 	if format == "" {
-		return fmt.Errorf("unable to guess format from file extension, please provide a format with --format flag")
+		return errors.New("unable to guess format from file extension, please provide a format with --format flag")
 	}

 	if input == "-" {
@ -235,7 +236,6 @@ func (cli *cliDecisions) runImport(cmd *cobra.Command, args []string) error  {
 	return nil
 }

-
 func (cli *cliDecisions) newImportCmd() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "import [options]",
--- a/cmd/crowdsec-cli/doc.go
+++ b/cmd/crowdsec-cli/doc.go
@ -39,8 +39,10 @@ id: %s
 title: %s
 ---
 `
+
 	name := filepath.Base(filename)
 	base := strings.TrimSuffix(name, filepath.Ext(name))
+
 	return fmt.Sprintf(header, base, strings.ReplaceAll(base, "_", " "))
 }

--- a/cmd/crowdsec-cli/explain.go
+++ b/cmd/crowdsec-cli/explain.go
@ -83,7 +83,7 @@ tail -n 5 myfile.log | cscli explain --type nginx -f -
 		PersistentPreRunE: func(_ *cobra.Command, _ []string) error {
 			fileInfo, _ := os.Stdin.Stat()
 			if cli.flags.logFile == "-" && ((fileInfo.Mode() & os.ModeCharDevice) == os.ModeCharDevice) {
-				return fmt.Errorf("the option -f - is intended to work with pipes")
+				return errors.New("the option -f - is intended to work with pipes")
 			}

 			return nil
@ -160,18 +160,22 @@ func (cli *cliExplain) run() error {
 		} else if logFile == "-" {
 			reader := bufio.NewReader(os.Stdin)
 			errCount := 0
+
 			for {
 				input, err := reader.ReadBytes('\n')
 				if err != nil && errors.Is(err, io.EOF) {
 					break
 				}
+
 				if len(input) > 1 {
 					_, err = f.Write(input)
 				}
+
 				if err != nil || len(input) <= 1 {
 					errCount++
 				}
 			}
+
 			if errCount > 0 {
 				log.Warnf("Failed to write %d lines to %s", errCount, tmpFile)
 			}
@ -207,7 +211,7 @@ func (cli *cliExplain) run() error {
 	}

 	if dsn == "" {
-		return fmt.Errorf("no acquisition (--file or --dsn) provided, can't run cscli test")
+		return errors.New("no acquisition (--file or --dsn) provided, can't run cscli test")
 	}

 	cmdArgs := []string{"-c", ConfigFilePath, "-type", logType, "-dsn", dsn, "-dump-data", dir, "-no-api"}
--- a/cmd/crowdsec/metrics.go
+++ b/cmd/crowdsec/metrics.go
@ -3,7 +3,6 @@ package main
 import (
 	"fmt"
 	"net/http"
-	"time"

 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
@ -22,7 +21,8 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/parser"
 )

-/*prometheus*/
+// Prometheus
+
 var globalParserHits = prometheus.NewCounterVec(
 	prometheus.CounterOpts{
 		Name: "cs_parser_hits_total",
@ -30,6 +30,7 @@ var globalParserHits = prometheus.NewCounterVec(
 	},
 	[]string{"source", "type"},
 )
+
 var globalParserHitsOk = prometheus.NewCounterVec(
 	prometheus.CounterOpts{
 		Name: "cs_parser_hits_ok_total",
@ -37,6 +38,7 @@ var globalParserHitsOk = prometheus.NewCounterVec(
 	},
 	[]string{"source", "type"},
 )
+
 var globalParserHitsKo = prometheus.NewCounterVec(
 	prometheus.CounterOpts{
 		Name: "cs_parser_hits_ko_total",
@ -116,9 +118,7 @@ func computeDynamicMetrics(next http.Handler, dbClient *database.Client) http.Ha
 			return
 		}

-		decisionsFilters := make(map[string][]string, 0)
-
-		decisions, err := dbClient.QueryDecisionCountByScenario(decisionsFilters)
+		decisions, err := dbClient.QueryDecisionCountByScenario()
 		if err != nil {
 			log.Errorf("Error querying decisions for metrics: %v", err)
 			next.ServeHTTP(w, r)
@ -139,7 +139,6 @@ func computeDynamicMetrics(next http.Handler, dbClient *database.Client) http.Ha
 		}

 		alerts, err := dbClient.AlertsCountPerScenario(alertsFilter)
-
 		if err != nil {
 			log.Errorf("Error querying alerts for metrics: %v", err)
 			next.ServeHTTP(w, r)
@ -194,7 +193,6 @@ func servePrometheus(config *csconfig.PrometheusCfg, dbClient *database.Client,
 	defer trace.CatchPanic("crowdsec/servePrometheus")

 	http.Handle("/metrics", computeDynamicMetrics(promhttp.Handler(), dbClient))
-	log.Debugf("serving metrics after %s ms", time.Since(crowdsecT0))

 	if err := http.ListenAndServe(fmt.Sprintf("%s:%d", config.ListenAddr, config.ListenPort), nil); err != nil {
 		// in time machine, we most likely have the LAPI using the port
--- a/pkg/database/decisions.go
+++ b/pkg/database/decisions.go
@ -37,6 +37,7 @@ func BuildDecisionRequestWithFilter(query *ent.DecisionQuery, filter map[string]
 		if v[0] == "false" {
 			query = query.Where(decision.SimulatedEQ(false))
 		}
+
 		delete(filter, "simulated")
 	} else {
 		query = query.Where(decision.SimulatedEQ(false))
@ -49,7 +50,7 @@ func BuildDecisionRequestWithFilter(query *ent.DecisionQuery, filter map[string]
 			if err != nil {
 				return nil, errors.Wrapf(InvalidFilter, "invalid contains value : %s", err)
 			}
-		case "scopes", "scope": //Swagger mentions both of them, let's just support both to make sure we don't break anything
+		case "scopes", "scope": // Swagger mentions both of them, let's just support both to make sure we don't break anything
 			scopes := strings.Split(value[0], ",")
 			for i, scope := range scopes {
 				switch strings.ToLower(scope) {
@ -63,6 +64,7 @@ func BuildDecisionRequestWithFilter(query *ent.DecisionQuery, filter map[string]
 					scopes[i] = types.AS
 				}
 			}
+
 			query = query.Where(decision.ScopeIn(scopes...))
 		case "value":
 			query = query.Where(decision.ValueEQ(value[0]))
@ -164,11 +166,11 @@ func (c *Client) QueryExpiredDecisionsWithFilters(filters map[string][]string) (
 	return data, nil
 }

-func (c *Client) QueryDecisionCountByScenario(filters map[string][]string) ([]*DecisionsByScenario, error) {
+func (c *Client) QueryDecisionCountByScenario() ([]*DecisionsByScenario, error) {
 	query := c.Ent.Decision.Query().Where(
 		decision.UntilGT(time.Now().UTC()),
 	)
-	query, err := BuildDecisionRequestWithFilter(query, filters)
+	query, err := BuildDecisionRequestWithFilter(query, make(map[string][]string))

 	if err != nil {
 		c.Log.Warningf("QueryDecisionCountByScenario : %s", err)
@ -277,10 +279,12 @@ func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[
 		decision.CreatedAtGT(since),
 		decision.UntilGT(time.Now().UTC()),
 	)
-	//Allow a bouncer to ask for non-deduplicated results
+
+	// Allow a bouncer to ask for non-deduplicated results
 	if v, ok := filters["dedup"]; !ok || v[0] != "false" {
 		query = query.Where(longestDecisionForScopeTypeValue)
 	}
+
 	query, err := BuildDecisionRequestWithFilter(query, filters)
 	if err != nil {
 		c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)
@ -294,17 +298,20 @@ func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[
 		c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)
 		return []*ent.Decision{}, errors.Wrapf(QueryFail, "new decisions since '%s'", since.String())
 	}
+
 	return data, nil
 }

-func (c *Client) DeleteDecisionById(decisionId int) ([]*ent.Decision, error) {
-	toDelete, err := c.Ent.Decision.Query().Where(decision.IDEQ(decisionId)).All(c.CTX)
+func (c *Client) DeleteDecisionById(decisionID int) ([]*ent.Decision, error) {
+	toDelete, err := c.Ent.Decision.Query().Where(decision.IDEQ(decisionID)).All(c.CTX)
 	if err != nil {
 		c.Log.Warningf("DeleteDecisionById : %s", err)
-		return nil, errors.Wrapf(DeleteFail, "decision with id '%d' doesn't exist", decisionId)
+		return nil, errors.Wrapf(DeleteFail, "decision with id '%d' doesn't exist", decisionID)
 	}
+
 	count, err := c.BulkDeleteDecisions(toDelete, false)
 	c.Log.Debugf("deleted %d decisions", count)
+
 	return toDelete, err
 }

@ -317,6 +324,7 @@ func (c *Client) DeleteDecisionsWithFilter(filter map[string][]string) (string,
 	  else, return bans that are *contained* by the given value (value is the outer) */

 	decisions := c.Ent.Decision.Query()
+
 	for param, value := range filter {
 		switch param {
 		case "contains":
@ -359,48 +367,48 @@ func (c *Client) DeleteDecisionsWithFilter(filter map[string][]string) (string,
 	} else if ip_sz == 16 {
 		if contains { /*decision contains {start_ip,end_ip}*/
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip < query.start_ip
+					// decision.start_ip < query.start_ip
 					decision.StartIPLT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix <= query.start_suffix
+						// decision.start_suffix <= query.start_suffix
 						decision.StartSuffixLTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip > query.end_ip
+					// decision.end_ip > query.end_ip
 					decision.EndIPGT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix >= query.end_suffix
+						// decision.end_suffix >= query.end_suffix
 						decision.EndSuffixGTE(end_sfx),
 					),
 				),
 			))
 		} else {
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip > query.start_ip
+					// decision.start_ip > query.start_ip
 					decision.StartIPGT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix >= query.start_suffix
+						// decision.start_suffix >= query.start_suffix
 						decision.StartSuffixGTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip < query.end_ip
+					// decision.end_ip < query.end_ip
 					decision.EndIPLT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix <= query.end_suffix
+						// decision.end_suffix <= query.end_suffix
 						decision.EndSuffixLTE(end_sfx),
 					),
 				),
@ -415,11 +423,13 @@ func (c *Client) DeleteDecisionsWithFilter(filter map[string][]string) (string,
 		c.Log.Warningf("DeleteDecisionsWithFilter : %s", err)
 		return "0", nil, errors.Wrap(DeleteFail, "decisions with provided filter")
 	}
+
 	count, err := c.BulkDeleteDecisions(toDelete, false)
 	if err != nil {
 		c.Log.Warningf("While deleting decisions : %s", err)
 		return "0", nil, errors.Wrap(DeleteFail, "decisions with provided filter")
 	}
+
 	return strconv.Itoa(count), toDelete, nil
 }

@ -432,6 +442,7 @@ func (c *Client) SoftDeleteDecisionsWithFilter(filter map[string][]string) (stri
 	/*if contains is true, return bans that *contains* the given value (value is the inner)
 	  else, return bans that are *contained* by the given value (value is the outer)*/
 	decisions := c.Ent.Decision.Query().Where(decision.UntilGT(time.Now().UTC()))
+
 	for param, value := range filter {
 		switch param {
 		case "contains":
@ -480,24 +491,24 @@ func (c *Client) SoftDeleteDecisionsWithFilter(filter map[string][]string) (stri
 		/*decision contains {start_ip,end_ip}*/
 		if contains {
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip < query.start_ip
+					// decision.start_ip < query.start_ip
 					decision.StartIPLT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix <= query.start_suffix
+						// decision.start_suffix <= query.start_suffix
 						decision.StartSuffixLTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip > query.end_ip
+					// decision.end_ip > query.end_ip
 					decision.EndIPGT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix >= query.end_suffix
+						// decision.end_suffix >= query.end_suffix
 						decision.EndSuffixGTE(end_sfx),
 					),
 				),
@ -505,24 +516,24 @@ func (c *Client) SoftDeleteDecisionsWithFilter(filter map[string][]string) (stri
 		} else {
 			/*decision is contained within {start_ip,end_ip}*/
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip > query.start_ip
+					// decision.start_ip > query.start_ip
 					decision.StartIPGT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix >= query.start_suffix
+						// decision.start_suffix >= query.start_suffix
 						decision.StartSuffixGTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip < query.end_ip
+					// decision.end_ip < query.end_ip
 					decision.EndIPLT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix <= query.end_suffix
+						// decision.end_suffix <= query.end_suffix
 						decision.EndSuffixLTE(end_sfx),
 					),
 				),
@ -531,6 +542,7 @@ func (c *Client) SoftDeleteDecisionsWithFilter(filter map[string][]string) (stri
 	} else if ip_sz != 0 {
 		return "0", nil, errors.Wrapf(InvalidFilter, "Unknown ip size %d", ip_sz)
 	}
+
 	DecisionsToDelete, err := decisions.All(c.CTX)
 	if err != nil {
 		c.Log.Warningf("SoftDeleteDecisionsWithFilter : %s", err)
@ -541,13 +553,14 @@ func (c *Client) SoftDeleteDecisionsWithFilter(filter map[string][]string) (stri
 	if err != nil {
 		return "0", nil, errors.Wrapf(DeleteFail, "soft delete decisions with provided filter : %s", err)
 	}
+
 	return strconv.Itoa(count), DecisionsToDelete, err
 }

-// BulkDeleteDecisions set the expiration of a bulk of decisions to now() or hard deletes them.
+// BulkDeleteDecisions sets the expiration of a bulk of decisions to now() or hard deletes them.
 // We are doing it this way so we can return impacted decisions for sync with CAPI/PAPI
 func (c *Client) BulkDeleteDecisions(decisionsToDelete []*ent.Decision, softDelete bool) (int, error) {
-	const bulkSize = 256 //scientifically proven to be the best value for bulk delete
+	const bulkSize = 256 // scientifically proven to be the best value for bulk delete

 	var (
 		nbUpdates    int
@ -576,6 +589,7 @@ func (c *Client) BulkDeleteDecisions(decisionsToDelete []*ent.Decision, softDele
 				return totalUpdates, fmt.Errorf("hard delete decisions with provided filter: %w", err)
 			}
 		}
+
 		totalUpdates += nbUpdates
 	}

@ -612,6 +626,7 @@ func (c *Client) CountDecisionsByValue(decisionValue string) (int, error) {

 	contains := true
 	decisions := c.Ent.Decision.Query()
+
 	decisions, err = applyStartIpEndIpFilter(decisions, contains, ip_sz, start_ip, start_sfx, end_ip, end_sfx)
 	if err != nil {
 		return 0, errors.Wrapf(err, "fail to apply StartIpEndIpFilter")
@ -667,6 +682,7 @@ func applyStartIpEndIpFilter(decisions *ent.DecisionQuery, contains bool, ip_sz
 				decision.IPSizeEQ(int64(ip_sz)),
 			))
 		}
+
 		return decisions, nil
 	}

@ -674,24 +690,24 @@ func applyStartIpEndIpFilter(decisions *ent.DecisionQuery, contains bool, ip_sz
 		/*decision contains {start_ip,end_ip}*/
 		if contains {
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip < query.start_ip
+					// decision.start_ip < query.start_ip
 					decision.StartIPLT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix <= query.start_suffix
+						// decision.start_suffix <= query.start_suffix
 						decision.StartSuffixLTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip > query.end_ip
+					// decision.end_ip > query.end_ip
 					decision.EndIPGT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix >= query.end_suffix
+						// decision.end_suffix >= query.end_suffix
 						decision.EndSuffixGTE(end_sfx),
 					),
 				),
@ -699,29 +715,30 @@ func applyStartIpEndIpFilter(decisions *ent.DecisionQuery, contains bool, ip_sz
 		} else {
 			/*decision is contained within {start_ip,end_ip}*/
 			decisions = decisions.Where(decision.And(
-				//matching addr size
+				// matching addr size
 				decision.IPSizeEQ(int64(ip_sz)),
 				decision.Or(
-					//decision.start_ip > query.start_ip
+					// decision.start_ip > query.start_ip
 					decision.StartIPGT(start_ip),
 					decision.And(
-						//decision.start_ip == query.start_ip
+						// decision.start_ip == query.start_ip
 						decision.StartIPEQ(start_ip),
-						//decision.start_suffix >= query.start_suffix
+						// decision.start_suffix >= query.start_suffix
 						decision.StartSuffixGTE(start_sfx),
 					)),
 				decision.Or(
-					//decision.end_ip < query.end_ip
+					// decision.end_ip < query.end_ip
 					decision.EndIPLT(end_ip),
 					decision.And(
-						//decision.end_ip == query.end_ip
+						// decision.end_ip == query.end_ip
 						decision.EndIPEQ(end_ip),
-						//decision.end_suffix <= query.end_suffix
+						// decision.end_suffix <= query.end_suffix
 						decision.EndSuffixLTE(end_sfx),
 					),
 				),
 			))
 		}
+
 		return decisions, nil
 	}

@ -735,8 +752,10 @@ func applyStartIpEndIpFilter(decisions *ent.DecisionQuery, contains bool, ip_sz
 func decisionPredicatesFromStr(s string, predicateFunc func(string) predicate.Decision) []predicate.Decision {
 	words := strings.Split(s, ",")
 	predicates := make([]predicate.Decision, len(words))
+
 	for i, word := range words {
 		predicates[i] = predicateFunc(word)
 	}
+
 	return predicates
 }