From b7286d6a85ac487b5aae40d8563b7f5cf839619c Mon Sep 17 00:00:00 2001
From: AlteredCoder <64792091+AlteredCoder@users.noreply.github.com>
Date: Tue, 1 Sep 2020 14:32:45 +0200
Subject: [PATCH] make cscli use crowdsec version for hub (#194)

---
 .github/workflows/ci_hub-tests.yml | 15 +++++++++++----
 .gitignore                         |  5 +++++
 Makefile                           |  2 +-
 cmd/crowdsec-cli/install.go        |  4 ++++
 cmd/crowdsec-cli/list.go           |  1 +
 cmd/crowdsec-cli/main.go           |  3 ++-
 cmd/crowdsec-cli/update.go         |  6 +++++-
 cmd/crowdsec-cli/upgrade.go        |  4 ++++
 cmd/crowdsec-cli/utils.go          | 30 ++++++++++++++++++++++++++++++
 docs/cheat_sheets/config-mgmt.md   |  3 +++
 pkg/cwversion/version.go           | 23 +++++++++++++++++++++++
 11 files changed, 89 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci_hub-tests.yml b/.github/workflows/ci_hub-tests.yml
index 27f07f1e0..4b59c77a4 100644
--- a/.github/workflows/ci_hub-tests.yml
+++ b/.github/workflows/ci_hub-tests.yml
@@ -18,8 +18,10 @@ jobs:
       id: go
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
     - name: Build release
-      run: BUILD_VERSION=xxx make release
+      run: make release
     # - name: Cache release
     #   uses: actions/cache@v2
     #   id: cache
@@ -31,21 +33,26 @@ jobs:
         git clone https://github.com/crowdsecurity/hub-tests.git
         cd hub-tests
         make
+    - uses: oprypin/find-latest-tag@v1
+      with:
+        repository: crowdsecurity/crowdsec  # The repository to scan.
+        releases-only: false  # We know that all relevant tags have a GitHub release for them.
+      id: crowdsec  # The step ID to refer to later.
     - name: Create crowdsec test env with all parsers from the release
       run: |
-        cd crowdsec-xxx
+        cd crowdsec-${{ steps.crowdsec.outputs.tag }}
         ./test_env.sh
         cd tests
         for i in `./cscli -c dev.yaml list parsers -a -o json | jq -r ".[].name" ` ; do 
           ./cscli -c dev.yaml install parser $i ; 
         done
     - name: Setup hub ci in crowdsec
-      working-directory: ./crowdsec-xxx/tests/
+      working-directory: ./crowdsec-${{ steps.crowdsec.outputs.tag }}/tests/
       run: |
         cp -R ../../hub-tests/tests .
         cp ../../hub-tests/main .
     - name: Run the HUB CI
-      working-directory: ./crowdsec-xxx/tests/
+      working-directory: ./crowdsec-${{ steps.crowdsec.outputs.tag }}/tests/
       run: |
         for i in `find ./tests -mindepth 1 -maxdepth 1 -type d` ; do 
           echo "::group::Test-${i}" ; 
diff --git a/.gitignore b/.gitignore
index 66fd13c90..a2c8f3b46 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,8 @@
 
 # Dependency directories (remove the comment below to include it)
 # vendor/
+
+
+# crowdsec binaries
+cmd/crowdsec-cli/cscli
+cmd/crowdsec/crowdsec
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 56238dcb9..f2becedea 100644
--- a/Makefile
+++ b/Makefile
@@ -17,7 +17,7 @@ REQUIRE_GOVERSION="1.13"
 
 
 #Current versioning information from env
-BUILD_VERSION?="$(shell git for-each-ref --sort=-v:refname --count=1 --format '%(refname)'  | cut -d '/' -f3)"
+BUILD_VERSION?="$(shell git describe --tags `git rev-list --tags --max-count=1`)"
 BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -r 's/[go]+//g')"
 BUILD_CODENAME=$(shell cat RELEASE.json | jq -r .CodeName)
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
diff --git a/cmd/crowdsec-cli/install.go b/cmd/crowdsec-cli/install.go
index f27339db1..bcc476321 100644
--- a/cmd/crowdsec-cli/install.go
+++ b/cmd/crowdsec-cli/install.go
@@ -63,6 +63,10 @@ you should [update cscli](./cscli_update.md).
 			if !config.configured {
 				return fmt.Errorf("you must configure cli before interacting with hub")
 			}
+
+			if err := setHubBranch(); err != nil {
+				return fmt.Errorf("error while setting hub branch: %s", err)
+			}
 			return nil
 		},
 		PersistentPostRun: func(cmd *cobra.Command, args []string) {
diff --git a/cmd/crowdsec-cli/list.go b/cmd/crowdsec-cli/list.go
index eb43ff2bc..5e9f5502e 100644
--- a/cmd/crowdsec-cli/list.go
+++ b/cmd/crowdsec-cli/list.go
@@ -72,6 +72,7 @@ cscli list -a # List all local and remote configurations
 			if !config.configured {
 				return fmt.Errorf("you must configure cli before interacting with hub")
 			}
+
 			return nil
 		},
 		Run: func(cmd *cobra.Command, args []string) {
diff --git a/cmd/crowdsec-cli/main.go b/cmd/crowdsec-cli/main.go
index b62509544..71c1ce753 100644
--- a/cmd/crowdsec-cli/main.go
+++ b/cmd/crowdsec-cli/main.go
@@ -122,7 +122,8 @@ API interaction:
 	rootCmd.PersistentFlags().BoolVar(&nfo_lvl, "info", false, "Set logging to info.")
 	rootCmd.PersistentFlags().BoolVar(&wrn_lvl, "warning", false, "Set logging to warning.")
 	rootCmd.PersistentFlags().BoolVar(&err_lvl, "error", false, "Set logging to error.")
-	rootCmd.PersistentFlags().StringVar(&cwhub.HubBranch, "branch", "master", "Override hub branch on github")
+
+	rootCmd.PersistentFlags().StringVar(&cwhub.HubBranch, "branch", "", "Override hub branch on github")
 	if err := rootCmd.PersistentFlags().MarkHidden("branch"); err != nil {
 		log.Fatalf("failed to make branch hidden : %s", err)
 	}
diff --git a/cmd/crowdsec-cli/update.go b/cmd/crowdsec-cli/update.go
index c9ba1bf33..15f241c28 100644
--- a/cmd/crowdsec-cli/update.go
+++ b/cmd/crowdsec-cli/update.go
@@ -20,7 +20,11 @@ Fetches the [.index.json](https://github.com/crowdsecurity/hub/blob/master/.inde
 		Args: cobra.ExactArgs(0),
 		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
 			if !config.configured {
-				return fmt.Errorf("you must configure cli before interacting with hub.")
+				return fmt.Errorf("you must configure cli before interacting with hub")
+			}
+
+			if err := setHubBranch(); err != nil {
+				return fmt.Errorf("error while setting hub branch: %s", err)
 			}
 			return nil
 		},
diff --git a/cmd/crowdsec-cli/upgrade.go b/cmd/crowdsec-cli/upgrade.go
index 3e02c372a..4c865c9b7 100644
--- a/cmd/crowdsec-cli/upgrade.go
+++ b/cmd/crowdsec-cli/upgrade.go
@@ -90,6 +90,10 @@ cscli upgrade --force # Overwrite tainted configuration
 			if !config.configured {
 				return fmt.Errorf("you must configure cli before interacting with hub")
 			}
+
+			if err := setHubBranch(); err != nil {
+				return fmt.Errorf("error while setting hub branch: %s", err)
+			}
 			return nil
 		},
 		Run: func(cmd *cobra.Command, args []string) {
diff --git a/cmd/crowdsec-cli/utils.go b/cmd/crowdsec-cli/utils.go
index 032a90a5c..cf8d90288 100644
--- a/cmd/crowdsec-cli/utils.go
+++ b/cmd/crowdsec-cli/utils.go
@@ -1,5 +1,11 @@
 package main
 
+import (
+	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
+	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
+	log "github.com/sirupsen/logrus"
+)
+
 func inSlice(s string, slice []string) bool {
 	for _, str := range slice {
 		if s == str {
@@ -17,3 +23,27 @@ func indexOf(s string, slice []string) int {
 	}
 	return -1
 }
+
+func setHubBranch() error {
+	/*
+		if no branch has been specified in flags for the hub, then use the one corresponding to crowdsec version
+	*/
+
+	if cwhub.HubBranch == "" {
+		latest, err := cwversion.Latest()
+		if err != nil {
+			cwhub.HubBranch = "master"
+			return err
+		}
+
+		if cwversion.Version == latest {
+			cwhub.HubBranch = "master"
+		} else {
+			log.Warnf("Crowdsec is not the latest version. Current version is '%s' and latest version is '%s'. Please update it!", cwversion.Version, latest)
+			log.Warnf("As a result, you will not be able to use parsers/scenarios/collections added to Crowdsec Hub after CrowdSec %s", latest)
+			cwhub.HubBranch = cwversion.Version
+		}
+		log.Debugf("Using branch '%s' for the hub", cwhub.HubBranch)
+	}
+	return nil
+}
diff --git a/docs/cheat_sheets/config-mgmt.md b/docs/cheat_sheets/config-mgmt.md
index c4a6c8477..b4ea65b69 100644
--- a/docs/cheat_sheets/config-mgmt.md
+++ b/docs/cheat_sheets/config-mgmt.md
@@ -1,5 +1,8 @@
 {{cli.bin}} allows you install, list, upgrade and remove configurations : parsers, enrichment, scenarios.
 
+!!! warning
+    If you're not running the latest CrowdSec version, configurations might not be the latest available. `cscli` will use the branch of the corresponding CrowdSec version to download and install configurations from the hub (it will use the `master` branch if you are on the latest CrowdSec version). 
+
 The various parsers, enrichers and scenarios installed on your machine makes a coherent ensemble to provide detection capabilities.
 
 _Parsers, Scenarios and Enrichers are often bundled together in "collections" to facilitate configuration._
diff --git a/pkg/cwversion/version.go b/pkg/cwversion/version.go
index a6e2ec728..b4b68498d 100644
--- a/pkg/cwversion/version.go
+++ b/pkg/cwversion/version.go
@@ -1,8 +1,10 @@
 package cwversion
 
 import (
+	"encoding/json"
 	"fmt"
 	"log"
+	"net/http"
 
 	version "github.com/hashicorp/go-version"
 )
@@ -60,3 +62,24 @@ func Statisfies(strvers string, constraint string) (bool, error) {
 	}
 	return true, nil
 }
+
+// Latest return latest crowdsec version based on github
+func Latest() (string, error) {
+	latest := make(map[string]interface{})
+
+	resp, err := http.Get("https://api.github.com/repos/crowdsecurity/crowdsec/releases/latest")
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+
+	err = json.NewDecoder(resp.Body).Decode(&latest)
+	if err != nil {
+		return "", err
+	}
+	if _, ok := latest["name"]; !ok {
+		return "", fmt.Errorf("unable to find latest release name from github api")
+	}
+
+	return latest["name"].(string), nil
+}