beenull/crowdsec

Author	SHA1	Message	Date
blotus	85ab9c68a2	Add `cscli papi status` and `cscli papi sync` (#2091 )	2023-03-03 13:46:28 +01:00
mmetc	f6d6c5bb2b	Add tests and typo fixes (#2092 )	2023-03-03 11:06:27 +01:00
Laurence Jones	8acce4637a	Option to disable remote lapi registration (#2010 ) * Allow to disable remote lapi registration * Extract method and make it extendable as a generic middleware * Change method name so it make sense to read abort remote if <config> * golint	2023-02-24 13:44:21 +00:00
blotus	90c38db9f2	Stream decisions from db (#1927 )	2023-02-20 15:26:30 +01:00
JDEV	12a4a5fb14	CAPI error code handling tests (#2027 ) * Registration mocked error cases * Authentication mock error cases * mini facto * check that getMEtric still has bouncers/machines keys in output even with empty collections * fixed defer body close(), no need to defer and fprint arg * fix fatal call --------- Co-authored-by: jdv <julien@crowdsec.net>	2023-02-17 14:57:46 +01:00
blotus	83c3818504	Do not try to refresh JWT token when doing a login request (#2059 )	2023-02-16 16:16:26 +01:00
Cristian Nitescu	ecb32d74c6	optimize blocklist fetch (#2039 )	2023-02-13 15:06:14 +01:00
Cristian Nitescu	f280505eaa	omtimization - remove useless login call (#2036 )	2023-02-13 15:05:58 +01:00
Thibault "bui" Koechlin	1d7d377f8b	changes following BL tests (#2038 ) Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>	2023-02-08 10:35:21 +01:00
Cristian Nitescu	987f119c4b	v3 capi and blocklists links support (#2019 ) * v3 model generation * v3 model generation * comms * fixes after master merge * missing reader close * use constants defined for types --------- Co-authored-by: bui <thibault@crowdsec.net>	2023-02-06 14:06:14 +01:00
Thibault "bui" Koechlin	e927717fa0	Polling API Integration (#1715 ) Co-authored-by: alteredCoder <kevin@crowdsec.net> Co-authored-by: he2ss <hamza.essahely@gmail.com> Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>	2023-01-31 14:47:44 +01:00
mmetc	3fb3decf49	error if tls.key_file or cert_file are missing (#2020 )	2023-01-26 17:12:59 +01:00
Thibault "bui" Koechlin	4f29ce2ee7	CTI API Helpers in expr (#1851 ) * Add CTI API helpers in expr * Allow profiles to have an `on_error` option to profiles Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>	2023-01-19 08:45:50 +01:00
Thibault "bui" Koechlin	f25fdecc3f	normalize scopes for alerts and decisions (#2001 ) * normalize scopes for alerts and decisions	2023-01-18 14:50:03 +01:00
AlteredCoder	185f9ad541	Alert context (#1895 ) Co-authored-by: bui <thibault@crowdsec.net>	2023-01-04 16:50:02 +01:00
mmetc	104f5d1fe6	lint: error handling cleanup (#1877 )	2022-11-29 09:16:07 +01:00
mmetc	66543493b5	fix nil dereference: check that httpServer is set before shutting down (#1893 )	2022-11-28 11:55:08 +01:00
mmetc	fde9640364	Docker refactoring, tls setup (#1869 )	2022-11-28 10:35:12 +01:00
Thibault "bui" Koechlin	523343b174	notify when community-blocklist starts pull (#1845 ) * minor change to notify blocklist pull update, will make eventual troubleshooting easier	2022-11-08 10:44:25 +01:00
mmetc	895691dad1	enabled linters: gocritic, nilerr (#1853 )	2022-11-07 10:36:50 +01:00
mmetc	df88f4e1e9	randomize pull, push and metric intervals; reload crowdsec only when hub changed (#1846 )	2022-10-28 13:55:59 +02:00
blotus	b7c4bfd4e3	Use explicit transaction when inserting community blocklist (#1835 )	2022-10-26 10:48:17 +02:00
Thibault "bui" Koechlin	ae6bf39495	support decisions deletion via scenario + alerts delete via ID (#1798 )	2022-10-19 14:37:27 +02:00
mmetc	8fecc2c00b	enable staticcheck linter; fixes (#1806 ) - explicitly ignore returned parameters - replace Walk with faster WalkDir - log path error during hub dir sync - colorize static unit tests - removed duplicate import in crowdsec/main.go - typos - func tests: default datasource in tests/var/log instead of /tmp - action setup-go v3	2022-10-14 16:12:21 +02:00
blotus	3ba67bad3d	remove a wrong warning when pulling list content from CAPI (#1789 )	2022-10-06 11:48:06 +02:00
mmetc	edced6818a	cleanup + fix flaky tests in file_test.go, apic_test.go (#1773 )	2022-09-30 16:01:42 +02:00
mmetc	414282a2c9	golangci-lint 1.49 and related fixes (#1736 )	2022-09-06 13:55:03 +02:00
Thibault "bui" Koechlin	bacea50485	allow user to disable decision deduplication (#1687 ) * allow user to disable decision deduplication	2022-08-26 14:17:46 +02:00
mmetc	eea07b7a1a	golangci-lint v1.48 and fixes for "usestdlibvars" (#1711 )	2022-08-16 09:46:10 +02:00
Thibault "bui" Koechlin	0eea20fa7c	revert decision dedup behavior to 1.3.4 (#1675 ) * revert decision dedup behavior to 1.3.4	2022-07-22 11:20:10 +02:00
AlteredCoder	5f62d738fc	Add no-capi flag and review some logs (#1628 ) * Add no-capi flag and review some logs	2022-07-01 16:56:13 +02:00
blotus	863facaa33	Properly handle expired decisions with different scopes (#1616 )	2022-06-29 16:13:04 +02:00
mmetc	8e7e799304	[wip] serve metrics only after agent and/or lapi are ready; fixed some func tests (#1613 )	2022-06-24 15:55:21 +02:00
mmetc	628d7be1d8	simplify err.Error() to err when used in printf context (#1603 )	2022-06-22 15:53:53 +02:00
he2ss	3d6f015211	Add duration expr to add duration formula (#1556 ) * add duration expr to add duration formula	2022-06-22 11:29:52 +02:00
Thibault "bui" Koechlin	a6ed08b239	Add alerts and decisions metrics, LAPI and agent timing prom metrics (#1546 )	2022-06-22 11:14:34 +02:00
AlteredCoder	0a39066f9d	Fix #1552 (#1569 )	2022-06-22 10:29:02 +02:00
mmetc	d71279f023	added flag crowdsec --warning (#1461 )	2022-06-22 09:38:23 +02:00
mmetc	c78c833400	CI: colored test output, colored crowdsec and crowdsec-api logs, full final db dump for mysql and sqlite (#1596 ) * github-ci: color unit test output and logs * new config option: force_color_logs (useful in CI) * bats: show sqlite/mysql dump at the end * removed "-v" (print package names) from "go build" * general workflow cleanup	2022-06-17 16:12:49 +02:00
mmetc	10585bfecc	enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet (#1595 )	2022-06-16 14:41:54 +02:00
blotus	9c1b78395a	reduce verbosity of TLS auth and FlushAgentsAndBouncers (#1588 )	2022-06-13 16:08:00 +02:00
Thibault "bui" Koechlin	1c0fe09576	Add support for certificate authentication for agents and bouncers (#1428 )	2022-06-08 16:05:52 +02:00
mmetc	799cc82bb5	functional tests, minor refactoring and lint/cleanup (#1570 ) * cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument * updated golangci-lint to v1.46 * lint/deadcode: fix existing issues * tests: cscli config backup/restore * tests: cscli completion powershell/fish * err check: pflags MarkHidden() * empty .dockerignore (and explain the reason) * tests, errors.Wrap * test for CS_LAPI_SECRET and minor refactoring * minor style changes * log cleanup	2022-06-06 15:24:48 +02:00
he2ss	e88e9946f9	Crowdsec/decisions_stream bug fix (#1517 ) * Fix bug when stream interval is greater or equal to 60s Co-authored-by: alteredCoder <kevin@crowdsec.net>	2022-05-27 15:23:59 +02:00
mmetc	1fc9587919	fix #1283 : update and enable error reports from golangci (#1523 )	2022-05-25 22:27:50 +02:00
Thibault "bui" Koechlin	fe09737d80	Add support for machine heartbeat (#1541 ) * add the last_heartbeat field * add heartbeat controller * add endpoint of heartbeat * heartbeat integration * add last_heartbeat to cscli machines list	2022-05-19 15:47:27 +02:00
mmetc	131ed1b0a7	error reporting (#1501 ) * unified error reporting, removed redundancy, tests	2022-05-19 10:48:08 +02:00
blotus	39f7e38444	retry to send alert to plugin channel if it fails (#1530 )	2022-05-17 16:57:15 +02:00
blotus	0449ec1868	Windows Support (#1159 )	2022-05-17 12:14:59 +02:00
Greg Myers	0f4ab71f01	Fix typos in docs, comments, code (#1483 )	2022-04-27 11:04:12 +02:00
mmetc	4b9a0c4ef7	typos (#1453 )	2022-04-19 11:25:27 +02:00
Shivam Sandbhor	4a3ec85686	Update bouncer pull in rupture mode (#1445 ) * Update bouncer pull in rupture mode Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>	2022-04-15 12:24:01 +02:00
Thibault "bui" Koechlin	ba7f4fcec0	make this info level (#1409 ) * make this info level	2022-04-01 15:31:33 +02:00
Thibault "bui" Koechlin	d8dc01cd94	Revamp unit tests (#1368 ) * Revamp unit tests * Increase coverage * Use go-acc to get cross packages coverage Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>	2022-03-29 14:20:26 +02:00
Shivam Sandbhor	c5566e92f3	Fix 1262 pgsql conflict resolve (#1363 ) * Fix api for all dbs (#1310) * DB agnostic lapi sanitize Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com> * Update ent Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com> * Fix go dep mess. Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>	2022-03-17 14:12:13 +01:00
Shivam Sandbhor	023ac9e138	Add trusted IPs which have admin API access (#1352 ) * Add trusted IPs which have admin API access	2022-03-16 17:28:34 +01:00
Shivam Sandbhor	42a1bc0260	Add query param to filter decisions by scenarios and origin (#1294 ) * Add query param to filter decisions by scenarios	2022-03-16 14:37:42 +01:00
mmetc	7c0593c659	noop code removal, typos and lint fixes (#1329 )	2022-03-09 16:15:18 +01:00
Thibault "bui" Koechlin	b66366c28c	Revert "Handle decisions with varying expiry for same IP (#1262 )" (#1308 ) This reverts commit `e4f6cdfc14`.	2022-03-04 10:17:31 +01:00
blotus	fb74b2fda7	Improve LAPI performance when under high load (#1273 )	2022-02-17 17:52:04 +01:00
Shivam Sandbhor	e4f6cdfc14	Handle decisions with varying expiry for same IP (#1262 ) * Upgrade ent and add sql/modifier in codegen * update db wrappers to sanitize LAPI Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>	2022-02-16 15:19:14 +01:00
mmetc	ad28a979e9	local control flow cleanup (#1215 ) removed redundant/unreachable returns, else branches, type declarations, unused variables	2022-02-01 22:08:06 +01:00
blotus	19323ba4aa	fix crash on upgrade with nil last push field (#1191 )	2022-01-20 18:10:40 +01:00
Thibault "bui" Koechlin	cc1ab8c50d	switch to utc time everywhere (#1167 ) * switch to utc time everywhere Co-authored-by: alteredCoder <kevin@crowdsec.net>	2022-01-19 14:56:05 +01:00
Thibault "bui" Koechlin	a88848009a	fix default perms for log file (#1177 ) * fix default perms	2022-01-18 16:54:02 +01:00
Thibault "bui" Koechlin	40ed810c0b	Gin upgrade (#1174 ) * upgrade gin / gin-jwt, and add a new 'trusted_proxies' option to provide trusted CIDRs	2022-01-17 17:18:12 +01:00
Thibault "bui" Koechlin	6e92da76ad	lapi to capi : allow push of tainted/custom/manual decisions (#1154 ) * add console command to control signal sharing * modify metrics endpoint to add lastpush Co-authored-by: alteredCoder <kevin@crowdsec.net>	2022-01-13 16:46:16 +01:00
blotus	cc72800f50	Update LAPI swagger (#1155 )	2022-01-11 16:45:34 +01:00
Thibault "bui" Koechlin	3bca25fd6d	lists support from central api (#1074 ) * lists support from central api Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>	2022-01-11 14:31:51 +01:00
blotus	3105897f37	Allow to configure log rotation (#1130 )	2021-12-28 11:59:03 +01:00
AlteredCoder	88d06260d7	add cscli decisions import (#1038 ) * add cscli decisions import Co-authored-by: Sebastien Blot <sebastien@crowdsec.net> Co-authored-by: bui <thibault@crowdsec.net>	2021-12-15 11:39:37 +01:00
AlteredCoder	fb54388e93	Fix issue 1033 (#1034 ) * Fix issue 1033	2021-11-02 12:16:33 +01:00
Thibault "bui" Koechlin	2961a0ed02	ensure machineID is included early enough into the alert (#1004 )	2021-10-11 15:02:16 +02:00
AlteredCoder	0ccc69696b	Break on success when alert already has decision (#997 ) (#999 ) * Break on success when alert already has decision (#997) Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>	2021-10-05 11:30:34 +02:00
Thibault "bui" Koechlin	68c11dd827	don't try to send/don't notify if plugin chan is nil (#923 )	2021-08-31 14:39:32 +02:00
ThinkChaos	448a227079	Minor changes to specific logs (#900 ) - Minor changes to specific logs - Fix LAPI to not push signals to CAPI when disabled #907	2021-08-25 18:30:05 +02:00
Thibault "bui" Koechlin	c188d401a3	Improve CAPI pull management (#871 ) * prepare for new consensus : thousands of ips Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>	2021-08-25 11:45:29 +02:00
Thibault "bui" Koechlin	950759f6d6	Output plugins (#878 ) * Add plugin system for notifications (#857)	2021-08-25 11:43:29 +02:00
Nanik	b0746fbc4d	fix: add /health endpoint (#881 ) * fix: add /health endpoint	2021-08-18 09:06:01 +02:00
Thibault "bui" Koechlin	01028d0a09	Goroutine leak hunt (#874 ) * close the writers of gin loggers + kill the tomb of httpServer * body close defer	2021-07-30 11:41:17 +02:00
Thibault "bui" Koechlin	b6ee006078	ensure decisions from CAPI have proper case (#848 )	2021-07-02 11:23:46 +02:00
Shivam Sandbhor	f25d02a7c8	Allow bouncers to filter decisions by scope (#817 ) Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>	2021-05-31 15:07:09 +02:00
Thibault "bui" Koechlin	bf6b791420	fix #781 - avoid unconsistent body : do not send NbDeleted on error (#812 )	2021-05-28 11:17:30 +02:00
he2ss	eb0bd70046	fix #787 : load simulation config at startup (#793 ) * fix #787 : load simulation config at startup	2021-05-17 11:54:28 +02:00
AlteredCoder	fd830b4293	Fix some bugs (#788 ) * fix config restore * fix panic on middleware Co-authored-by: AlteredCoder <AlteredCoder>	2021-05-07 18:40:01 +02:00
Lars Lehtonen	d86ba98cff	pkg/apiserver: fix dropped error (#700 ) * pkg/apiserver: fix dropped error * pkg/apiserver: remove unused Context from APIServer{}	2021-04-07 14:51:00 +02:00
Thibault "bui" Koechlin	4bb34d8e77	fix #723 : intercept http2 stream closed errors (#724 ) * fix #723 : intercept http2 stream closed errors * factorize the 'dump stacktrace' code	2021-04-07 14:31:03 +02:00
Thibault "bui" Koechlin	cd06929e75	honor log levels for api : don't log access logs if level is warn/err (#732 ) * honor log levels for api : don't log access logs if level is warn/err * add basic test for logging of api server	2021-04-07 11:39:24 +02:00
AlteredCoder	1e899c2211	Refactor configuration management (#698 )	2021-03-24 18:16:17 +01:00
Thibault "bui" Koechlin	6d28599efa	Ensure LAPI logs respect `log_media` (#707 ) * if log_media is set to file, don't try to log to stdout * use the log media no matter what	2021-03-22 17:46:55 +01:00
registergoofy	a8b16a66b1	truely don't try to send anything with empty online credentials configuration file (#657 ) * truely don't try to send anything with empty online credentials config file Co-authored-by: AlteredCoder <AlteredCoder>	2021-03-02 09:25:12 +01:00
Thibault "bui" Koechlin	7f40160f6e	only set logfile dir if media is file (#615 )	2021-02-11 18:28:01 +01:00
blotus	260332c726	Add use_forwarded_for_headers configuration option for LAPI (#610 ) * Add use_forwarded_for_headers configuration option for LAPI * update documentation	2021-02-09 19:10:14 +01:00
Thibault "bui" Koechlin	e74f221044	Fix default configurations (#597 ) * fix default perms on SQLite file * seed the prng securely * fix defaults to enforce certificates verification * ensure file is within path * ensure the directory doesn't exist beforehand * verify certificate by default * disable http ip forward headers	2021-02-02 14:15:13 +01:00
Shivam Sandbhor	36844e50b3	Fix typo in apic.go logs (#592 )	2021-01-31 11:42:17 +01:00
AlteredCoder	5544000d38	lapi: fix ipv6 operations (#567 )	2021-01-14 16:27:45 +01:00
registergoofy	eda9c03c82	jwt token generation improvement (#557 ) * add some warning comment for those who want to choose their secret * strictly follow the golang doc for using crypto/rand * fatal if not enough entropy * add a check when using pre-choosen secret	2021-01-07 14:24:53 +01:00
Thibault "bui" Koechlin	f2b30db684	ensure decisions from local or tainted scenarios aren't push, neither are manual decisions (#536 )	2020-12-14 12:46:07 +01:00
Thibault "bui" Koechlin	bb679310c7	deal with LAPI down : ensure client will reauthenticate (#527 ) * to avoid keeping apiclient in broken state, reset the token on error	2020-12-14 11:54:16 +01:00
erenJag	339cb6cce7	update prometheus doc (#509 )	2020-12-04 11:24:12 +01:00

1 2 3 4

154 commits