* move function GetLineCountForFile from pkg/types to cscli
* move ParseDuration from pkg/types to pkg/database
* remove unused types.Profile, types.RemediationProfile
now it does not attempt any retry, instead of attempting all retries
immediately
example: cannot reach LAPI
Before:
$ CROWDSEC_FEATURE_DISABLE_HTTP_RETRY_BACKOFF=true cscli decisions list
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 4 retries left
INFO[27-07-2023 10:44:44] retrying in 0 seconds (attempt 2 of 5)
[...]
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 1 retries left
INFO[27-07-2023 10:44:44] retrying in 0 seconds (attempt 5 of 5)
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 0 retries left
FATA[27-07-2023 10:44:44] Unable to list decisions : performing request: Get "http://localhost:8080/v1/alerts?has_active_decision=true&include_capi=false&limit=100": could not get jwt token: Post "http://localhost:8080/v1/watchers/login": dial tcp [::1]:8080: connect: connection refused
After:
$ CROWDSEC_FEATURE_DISABLE_HTTP_RETRY_BACKOFF=true ./test/local/bin/cscli decisions list
FATA[11-08-2023 16:49:58] unable to retrieve decisions: performing request: Get "http://127.0.0.1:8080/v1/alerts?has_active_decision=true&include_capi=false&limit=100": could not get jwt token: Post "http://127.0.0.1:8080/v1/watchers/login": dial tcp 127.0.0.1:8080: connect: connection refused
* apic: minor refactoring
* Add whitelist length check
If user configures the file but fails to define and actual whitelist we should check length to save allocs
* Init with length from file
* extract loop method from ApplyApicWhitelists
* pass pointer
* extract loop method updateBlocklist
---------
Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
* Add bouncers prune command
* No point overloading functions
* Add prune to list of commands
* change all short desc to be similar, and made it really really clear when pruning it is not recoverable
* Dont use log. and dont return error on user input to abort
* Add machines prune command
* Fix scope variable for naming scheme
* Add some freshness and add new features
* Fix force and fix duration if less than 60
* Allow duration to be more readable
* Fix description
* Improve func wording and make int machines length
* No point overloading functions
* Add prune to list of commands
* Check if GID is already the group if so no need to chown
* Revert "Check if GID is already the group if so no need to chown"
This reverts commit c7cef1773e.
* change all short desc to be similar, and made it really really clear when pruning it is not recoverable
* Better examples
* Match bouncer like for like
* Fix merge error
* Dont use log. and dont return error on user input to abort
* Add version override and update
* Ooppsie
* Quick fix
* fgs copilot
* Allow user to overwrite image, add warning for exposing metabase and general cleanup
* One ix
* Default image if not found in config, and add a warning to remove and update
* Reorder check system memory checks so it inline with @mmetc best pratices
* No need for err
* Clean up some group code
* Change ipv6 as [] seems to wildcard
* Split loopback warn and disclaimer. Add force yes to start to allow user to accept disclaimer by default
* All cmd commands are RunE clean up
* Update flag name and dont allow a shorthand
Postgres 15 restricts the default privileges for the public schema. We set crowdsec_test as owner which is shorter than granting permissions explicitly.
A configuration syntax test is performed every time the service is
started from systemd. The resulting error, if any, is shown on
journalctl logs.
This PR removes the unnecessary output in crowdsec.log generated by the
configuration test.