For example, the COLLECTIONS environment variable is supposed to do a space separated list.
But with the unquoted call to cscli_if_clean without quotes on the $COLLECTIONS environment variable, only the first entry is passed to it.
As a result, only the first entry is installed.
Would likely affect all call sites to cscli_if_clean
For cscli: it should provide a terse output, not nag users with configuration details. Although it's usually important that cscli and crowdsec have the same enabled features, having it list them every time the command is invoked can be too much.
For crowdsec: when features are set from the environment, it's too early to log where we should. So we can use log.Debug at activation time, and list them again once logging is configured.
- wrap some functions in csconfig for convenience and DRY
- for each enabled feature, log.Debug
- log all enabled features once as Info (crowdsec) or Debug (cscli)
- file does not exist -> log.Trace
* backoff on refresh token error
* fix tls communication with lapi and user/pw auth (#1956)
allow self-signed TLS encryption with user/pw auth
docker:
- remove defaults for certificate file locations
- new envvar INSECURE_SKIP_VERIFY
- register agent before TLS settings (cscli machine add removes them
from the credentials file)
* separate cscli cobra constructors: lapi, machines, bouncers, postoverflows (#1945)
* use feature toggling to improve testability with http retry backoff
* Add parse unix to dateparse enricher (#1958)
Add parse unix is we do have a strTime but wasnt parsed using convential golang time
* func tests: redirect stderr to filter extra logs (#1961)
* backoff on refresh token error
* use feature toggling to improve testability with http retry backoff
* refactor feature backoff toggle for tests
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
allow self-signed TLS encryption with user/pw auth
docker:
- remove defaults for certificate file locations
- new envvar INSECURE_SKIP_VERIFY
- register agent before TLS settings (cscli machine add removes them
from the credentials file)
Package fflag provides a simple feature flag system.
Feature names are lowercase and can only contain letters, numbers, undercores
and dots.
good: "foo", "foo_bar", "foo.bar"
bad: "Foo", "foo-bar"
A feature flag can be enabled by the user with an environment variable
or by adding it to {ConfigDir}/feature.yaml
I.e. CROWDSEC_FEATURE_FOO_BAR=true
or in feature.yaml:
```
---
- foo_bar
```
If the variable is set to false, the feature can still be enabled
in feature.yaml. Features cannot be disabled in the file.
A feature flag can be deprecated or retired. A deprecated feature flag is
still accepted but a warning is logged. A retired feature flag is ignored
and an error is logged.
A specific deprecation message is used to inform the user of the behavior
that has been decided when the flag is/was finally retired.
set all defaults in config.yaml and leave environment variables empty. This way when they are set we know that we must override the values in config.yaml.
ignore tainted objects when calling install/upgrade/remove
use_wal is false by default
