Send installed appsec rules as part of the scenarios on login
This commit is contained in:
Sebastien Blot
parent
5622ac8338
commit
f99f003a50
1 changed files with 31 additions and 9 deletions
|
|
@ -76,6 +76,15 @@ func runOutput(input chan types.Event, overflow chan types.Event, buckets *leaky
|
||||||
return fmt.Errorf("loading list of installed hub scenarios: %w", err)
|
return fmt.Errorf("loading list of installed hub scenarios: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
appsecRules, err := hub.GetInstalledItemNames(cwhub.APPSEC_RULES)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("loading list of installed hub appsec rules: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
installedScenariosAndAppsecRules := make([]string, 0, len(scenarios)+len(appsecRules))
|
||||||
|
installedScenariosAndAppsecRules = append(installedScenariosAndAppsecRules, scenarios...)
|
||||||
|
installedScenariosAndAppsecRules = append(installedScenariosAndAppsecRules, appsecRules...)
|
||||||
|
|
||||||
apiURL, err := url.Parse(apiConfig.URL)
|
apiURL, err := url.Parse(apiConfig.URL)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("parsing api url ('%s'): %w", apiConfig.URL, err)
|
return fmt.Errorf("parsing api url ('%s'): %w", apiConfig.URL, err)
|
||||||
|
|
@ -89,12 +98,25 @@ func runOutput(input chan types.Event, overflow chan types.Event, buckets *leaky
|
||||||
Client, err := apiclient.NewClient(&apiclient.Config{
|
Client, err := apiclient.NewClient(&apiclient.Config{
|
||||||
MachineID: apiConfig.Login,
|
MachineID: apiConfig.Login,
|
||||||
Password: password,
|
Password: password,
|
||||||
Scenarios: scenarios,
|
Scenarios: installedScenariosAndAppsecRules,
|
||||||
UserAgent: fmt.Sprintf("crowdsec/%s", version.String()),
|
UserAgent: fmt.Sprintf("crowdsec/%s", version.String()),
|
||||||
URL: apiURL,
|
URL: apiURL,
|
||||||
PapiURL: papiURL,
|
PapiURL: papiURL,
|
||||||
VersionPrefix: "v1",
|
VersionPrefix: "v1",
|
||||||
UpdateScenario: func() ([]string, error) {return hub.GetInstalledItemNames(cwhub.SCENARIOS)},
|
UpdateScenario: func() ([]string, error) {
|
||||||
|
scenarios, err := hub.GetInstalledItemNames(cwhub.SCENARIOS)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
appsecRules, err := hub.GetInstalledItemNames(cwhub.APPSEC_RULES)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
ret := make([]string, 0, len(scenarios)+len(appsecRules))
|
||||||
|
ret = append(ret, scenarios...)
|
||||||
|
ret = append(ret, appsecRules...)
|
||||||
|
return ret, nil
|
||||||
|
},
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("new client api: %w", err)
|
return fmt.Errorf("new client api: %w", err)
|
||||||
|
|
@ -102,7 +124,7 @@ func runOutput(input chan types.Event, overflow chan types.Event, buckets *leaky
|
||||||
authResp, _, err := Client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{
|
authResp, _, err := Client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{
|
||||||
MachineID: &apiConfig.Login,
|
MachineID: &apiConfig.Login,
|
||||||
Password: &password,
|
Password: &password,
|
||||||
Scenarios: scenarios,
|
Scenarios: installedScenariosAndAppsecRules,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("authenticate watcher (%s): %w", apiConfig.Login, err)
|
return fmt.Errorf("authenticate watcher (%s): %w", apiConfig.Login, err)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue