Commit graph

1657 commits

Author SHA1 Message Date
mmetc
1e0bcedef5
Ignore missing console/context.yaml if not explicitly required by config.yaml (#2726) 2024-01-12 16:29:04 +01:00
mmetc
733f5e165b
csprofiles: fix default decision duration, lint (#2703)
* return nil with errors
* errors.Wrap -> fmt.Errorf
* var -> const
* fix default decision duration
* lint (whitespace)
2024-01-12 15:18:59 +01:00
mmetc
0ef5f20aa7
bin/crowdsec: avoid writing errors twice when log_media=stdout (#2729)
* bin/crowdsec: avoid writing errors twice when log_media=stdout
* lint
2024-01-12 14:44:09 +01:00
mmetc
fca8883cd9
cscli capi status -> message for missing credentials (#2730)
* cscli capi status -> message for missing credentials
* lint
2024-01-12 14:41:36 +01:00
Thibault "bui" Koechlin
896dfefcdf
[appsec] implement count transformation (#2698)
* implement count transfo
2024-01-12 14:30:08 +01:00
mmetc
6960419a2e
Remove redundant file check for capi_whitelists_path (#2728) 2024-01-12 14:17:01 +01:00
Thibault "bui" Koechlin
adba4e2a2f
fix multizone multivar (#2727) 2024-01-12 10:11:13 +01:00
mmetc
aa4f02c798
wizard: while installing, don't hide hub download/timeout errors (#2710)
* wizard: while installing, don't hide hub download/timeout errors
* lint, whitespace
2024-01-11 16:30:42 +01:00
mmetc
260f5a7992
pkg/cwhub: improve error messages (#2712)
* pkg/cwhub: improve error messages
* lint
2024-01-11 10:28:58 +01:00
mmetc
0f722916b8
use go 1.21.6 (#2714)
* use go 1.21.6
2024-01-11 09:40:51 +01:00
mmetc
a59ae61441
Makefile: use GO macro if set, to check for version (#2706) 2024-01-11 09:25:33 +01:00
mmetc
437a97510a
apiclient: handle 0-byte error response (#2716)
* apiclient: correctly handle 0-byte response
* lint
2024-01-10 12:00:22 +01:00
mmetc
f306d59016
logging: full timestamp with timezone in crowdsec.log (#2707)
RFC3339 = "2006-01-02T15:04:05Z07:00" (same as /var/log/syslog)
2024-01-08 21:20:25 +01:00
blotus
58f91dc951
update coraza (#2705) 2024-01-08 19:44:24 +01:00
AlteredCoder
bd47dac6a3
Fix #2697 (#2702)
* Print also sec lang rules in cscli inspect
2024-01-08 16:44:05 +01:00
blotus
5d5a1117e1
Send installed appsec rules as part of the scenarios on login (#2704) 2024-01-08 14:33:53 +01:00
Sebastien Blot
ecd1a8bfed
Revert "Send installed appsec rules as part of the scenarios on login"
This reverts commit f99f003a50.
2024-01-08 10:54:39 +01:00
Sebastien Blot
f99f003a50
Send installed appsec rules as part of the scenarios on login 2024-01-08 10:54:07 +01:00
mmetc
5622ac8338
CI: enable testifylint (#2696)
- reverse actual and expected values
 - use assert.False, assert.True
 - use assert.Len, assert.Emtpy
 - use require.Error, require.NoError
 - use assert.InDelta
2024-01-05 15:26:13 +01:00
mmetc
da746f77d5
apiserver/apiclient: compact tests (#2694)
* apiserver/apiclient: compact tests
* update golangci-lint configuration
2024-01-04 17:10:36 +01:00
Thibault "bui" Koechlin
1c03fbe99e
minor waf fixes (#2693) 2024-01-03 17:19:48 +01:00
mmetc
a504113186
lint (wsl) (#2692) 2024-01-03 10:55:41 +01:00
mmetc
2a2b09b52a
cwhub: install --force repair tainted, non-installed items (#2686) 2024-01-03 10:08:45 +01:00
mmetc
ca784b147b
test and log fixes (#2690)
* cscli inspect: suggest --diff if an item is tainted
* appropriate warning, or error if context configuration file is empty
* fix user/group lookup unit test
* fix: allow hub upgrade --force with local items
* fix pkg/parser lookup for 8.8.8.8
* fix func test
* fix hubtests: machines add --force
2024-01-03 09:33:52 +01:00
blotus
b6f272d09a
always set the transaction in the current request (#2682) 2023-12-22 11:44:06 +01:00
blotus
a62e28fdfb
always set inband transaction even if we have no rules (#2681) 2023-12-22 10:18:35 +01:00
Laurence Jones
bc9bfa81b2
[notifications] fix segfault because url is not loaded (#2679) 2023-12-21 12:27:34 +00:00
mmetc
162768bdec
Bump golangci-lint run to 1.55, update defaults (#2677)
The plan is to enable linters first, then fix issues types one by one.
2023-12-21 12:30:20 +01:00
Laurence Jones
2212c2f847
[notifications] Fix bug, list show non active (#2678)
* Fix bug, show non active notifications and sort based on profiles

* diff fix
2023-12-21 11:16:54 +00:00
blotus
33e3fdabe4
Appsec additional fixes (#2676) 2023-12-21 11:51:04 +01:00
Zafer Balkan
e1932ff01e
Used asterisk for Defender Firewall log name (#2671)
Log name is configurable. MD Docs recommend a log file per profile: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/configure-logging?tabs=intune
2023-12-20 10:28:40 +01:00
Manuel Sabban
052accd6bb
welcome message when installing packages (#2672)
* welcome message when installing packages
2023-12-20 09:44:10 +01:00
mmetc
240f057f95
postinst: update check for enabled lapi (#2674) 2023-12-19 21:46:34 +01:00
mmetc
6e34d609b7
cscli: silence cwhub logger for non-hub related commands (#2675) 2023-12-19 17:20:09 +01:00
mmetc
fd22bb5ec2
CI: update test dependencies (#2668) 2023-12-19 15:28:30 +01:00
mmetc
1530d93fc1
Update localstack services + loki (dev and CI) (#2649) 2023-12-19 15:27:04 +01:00
dependabot[bot]
e0e9e3ef16
Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2670)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 09:45:53 +01:00
mmetc
44eb4d4a94
Makefile: "make help" target, remove obsolete "notification-email" target (#2282) 2023-12-18 10:13:08 +01:00
mmetc
822fcdacbb
fflags: don't print deprecation warning if there is no message (papi) (#2666) 2023-12-18 09:35:57 +01:00
mmetc
08694adf1b
lint (errorlint) (#2644) 2023-12-18 09:35:28 +01:00
mmetc
c2c173ac7e
Parallel hubtests (#2667)
* generate hub tests in python
* run hub tests in 3 batches at the same time (hardcoded)
2023-12-15 18:30:20 +01:00
mmetc
a79fcaf378
Add "taintedBy" and "--diff" flag to cscli... inspect (#2665)
* "cscli inspect" reports tainted sub-items
* cscli... inspect --diff
* unified diff
* option --diff --rev
* tainted message
* correctly report multiple taint reasons
2023-12-15 15:27:22 +01:00
blotus
bc3a179af9
Add env vars to install/remove appsec-{configs,rules} in docker image (#2664) 2023-12-14 16:54:12 +01:00
blotus
9b07e1f7ce
update scenarios and parsers constraints (#2663) 2023-12-14 16:34:51 +01:00
mmetc
a851e14c88
improve deprecation message with file location (#2662)
* better "lapi context" messages
* func tests: include all items in hub_purge_all
* docker + tests: update yq
2023-12-14 16:11:11 +01:00
AlteredCoder
a941576acc
Improvement to run hubtest for appsec in docker (#2660) 2023-12-14 16:05:16 +01:00
mmetc
89f704ef18
light pkg/api{client,server} refact (#2659)
* tests: don't run crowdsec if not necessary
* make listen_uri report the random port number when 0 is requested
* move apiserver.getTLSAuthType() -> csconfig.TLSCfg.GetAuthType()
* move apiserver.isEnrolled() -> apiclient.ApiClient.IsEnrolled()
* extract function apiserver.recoverFromPanic()
* simplify and move APIServer.GetTLSConfig() -> TLSCfg.GetTLSConfig()
* moved TLSCfg type to csconfig/tls.go
* APIServer.InitController(): early return / happy path
* extract function apiserver.newGinLogger()
* lapi tests
* update unit test
* lint (testify)
* lint (whitespace, variable names)
* update docker tests
2023-12-14 14:54:11 +01:00
mmetc
67cdf91f94
Short build tag in version number (#2658)
* use short commit hash in version number
* var -> const
* cscli: extract version.go, doc.go
* don't repeat commit hash in version number
2023-12-14 09:16:38 +01:00
Thibault "bui" Koechlin
51f70e47e3
Minor improvements to hubtest and appsec component (#2656) 2023-12-13 17:45:56 +01:00
mmetc
12d9fba4b3
cscli machines: lint + write output to stdout instead of log (#2657)
* feedback on stdout, not log.Info
* rename parameters to silence warnings from "unusedparams"
* debian postinst: skip duplicate warnings with 'cscli machines add'
* rpm postinst: skip duplicate warnings in 'cscli machines add'
* update func tests
* debian prerm: if dashboard remove fails, explain it's ok
* debian prerm: suppress warnings about wal, capi when attempting to remove the dashboard
* wizard.sh: log format like crowdsec
2023-12-13 15:43:46 +01:00