Commit graph

84 commits

Author SHA1 Message Date
mmetc
4a6fd338e0
replace 'timeout' helper with async python script; allow hub preload in func tests; improve item removal (#2591)
* replace 'timeout' helper with async python script; allow hub preload in func tests; improve item removal
* func tests: cscli hub update/upgrade
* docker test update
* Update docker entrypoint to disable items with --force

The --force flag was not transmitted to cscli, but is required after the hub refact
to disable items inside installed collections
2023-11-14 17:36:07 +01:00
mmetc
6b8ed0c9d0
Refactor hub URL/branch configuration (#2559)
* Refactor hub URL/branch configuration
* docker: using --force to implement $DISABLE (required for items in collections)
* use pointer receiver for consistency
2023-10-27 10:25:29 +02:00
mmetc
be6555e46c
Refact pkg/csconfig, HubCfg (#2552)
- rename csconfig.Hub -> HubCfg
 - move some Load*() functions to NewConfig()
 - config.yaml: optional common section
 - remove unused working_dir
2023-10-18 09:38:33 +02:00
Laurence Jones
e7ad3d88ae
Clear up some community confusion (#2543) 2023-10-16 10:08:41 +01:00
mmetc
0d1c4c6070
update test dependencies (#2490) 2023-09-29 10:19:55 +02:00
mmetc
6b9e065764
CI: update pytest-cs - don't remove stopped containers after tests (#2459) 2023-09-12 11:10:22 +02:00
mmetc
0f319b31fd
update pytest dependencies (#2407) 2023-08-09 00:49:52 +02:00
mmetc
643445b7cf
docker: allow GID with no persistent sqlite db (#2381) 2023-07-28 16:01:50 +02:00
mmetc
9dfc66ef04
update pytest dependencies (#2389) 2023-07-28 14:39:03 +02:00
mmetc
5cb7013575
Check cscli preconditions with crowdsec-cli/require package (#2388) 2023-07-27 17:02:20 +02:00
mmetc
1a6f12c88e
Build target for "make tidy" (#2378)
The make tidy target runs "go mod tidy" in the root directory and all plugins.
2023-07-26 10:24:37 +02:00
blotus
77d58652a3
add sentinel notification plugin (#2268) 2023-07-25 15:07:10 +02:00
mmetc
9af546bd0a
update pytest dependencies (#2356) 2023-07-18 09:50:06 +02:00
mmetc
2fa826318e
CI: bump and lock pytest dependencies (#2340) 2023-07-06 10:29:08 +02:00
mmetc
4137482f65
docker: always merge .yaml.local in conf_get() (#2272)
With this change, all queries to the configuration will return the
values from .local if they are set. However, conf_set will only write
to .yaml and never to .local. This means users can potentially override
values that are supposed to be under control of the entrypoint
(credentials and things set from envvars).
2023-06-23 15:49:09 +02:00
mmetc
89c3c18c19
allow running rootless docker tests (#2281)
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
2023-06-19 12:02:59 +02:00
mmetc
e1400d28f1
support capi_whitelists.yaml (#2224) 2023-05-25 10:02:33 +02:00
mmetc
0c5d233563
Minor cleanup and dead code removal (#2166) 2023-04-12 16:57:38 +02:00
mmetc
ea6401ce09
CI: Static builds by default; replace bincover with go -cover from 1.20 (#2150)
* Makefile: build static binaries only
* Replace bincover with go -cover from 1.20
* CI: Fix timing issue between lapi and agent containers
2023-03-30 15:05:09 +02:00
mmetc
f39fbf07fa
Docker: don't re-register local agent if not needed (#2141) 2023-03-27 15:38:38 +02:00
mmetc
68d4bdc1bd
Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) 2023-03-24 11:23:04 +01:00
mmetc
80de87ac34
Report docker systems in version and user agents (#2136) 2023-03-22 11:57:29 +01:00
mmetc
9c90144867
Docker readme: update build instructions, recommend acquis.d and config.yaml.local (#2115) 2023-03-10 17:30:08 +01:00
mmetc
0a114ca7d1
Fix docker tests by increasing timeout (again) and move compose test to plugin (#2112)
* Fix docker tests by increasing timeout (again) and move compose test to plugin

* Bump workflow timeout to 30 min

* Test only alpine-slim and debian-full flavors
2023-03-09 12:00:29 +01:00
mmetc
e71d146a2d
Fix docker tests by increasing timeout (#2107) 2023-03-08 14:51:49 +01:00
mmetc
301782ae18
Docker tests: use pytest-cs 0.2 (#2079)
* Use pytest-cs 0.2

* fix pipenv cache key

* Cache docker layers

* Load build images from buildx to docker

* CI: commit Pipfile.lock

* Add full docker tag

* Cache only amd64 docker layers

* Cache layer mode=min
2023-02-28 17:49:32 +01:00
mmetc
addf60b3ee
Pin pytest-cs to a stable tag, cache virtualenvs, don't install ipython in CI (#2075) 2023-02-24 11:01:45 +01:00
mmetc
be18fea136
Propagate taints to top collections (fix #2064) (#2066) 2023-02-21 22:12:08 +01:00
mmetc
8fce946850
CI: functional docker tests (#2056) 2023-02-20 14:55:56 +01:00
mmetc
3bf95e1a83
docker: skip temporary installation of disabled items (#2018) 2023-01-26 17:13:57 +01:00
mmetc
b0f370bae2
fix docker support for legacy vars (#2021) 2023-01-26 17:12:40 +01:00
he2ss
ce60c7b056
docker: add cri-logs collection by default to support CRI log format (#2005) 2023-01-20 16:02:04 +00:00
mmetc
1e4441b6ae
docker: replace BUILD_ENV with --target (#1995) 2023-01-19 11:02:23 +01:00
Ben Scobie
3d8c891699
Fix reference to ghcr.io (#1999) 2023-01-17 16:50:27 +00:00
Yip Rui Fung
ecb5562b57
Fix docker_start.sh not properly handling env vars (#1993)
For example, the COLLECTIONS environment variable is supposed to do a space separated list.
But with the unquoted call to cscli_if_clean without quotes on the $COLLECTIONS environment variable, only the first entry is passed to it.
As a result, only the first entry is installed.

Would likely affect all call sites to cscli_if_clean
2023-01-14 19:56:27 +01:00
mmetc
d986ae0ee5
fix yq behavior with bind-mount config.yaml (#1968)
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
2023-01-09 21:47:25 +01:00
mmetc
dfc4126384
Docker config/auth/TLS refactoring from from v1.4.4 (#1967) 2023-01-04 16:43:35 +01:00
mmetc
72c1753fb7
fix tls communication with lapi and user/pw auth (#1956)
allow self-signed TLS encryption with user/pw auth

docker:
 - remove defaults for certificate file locations
 - new envvar INSECURE_SKIP_VERIFY
 - register agent before TLS settings (cscli machine add removes them
   from the credentials file)
2022-12-29 22:00:11 +01:00
mmetc
f68bc113a7
docker: separate CLIENT_* and LAPI_* variables for tls certificates (#1929) 2022-12-16 20:41:39 +01:00
mmetc
e4ff26d613
docker readme update (#1924) 2022-12-12 10:57:26 +01:00
mmetc
409721414b
docker: fix/improve support for persistent configurations (#1915)
set all defaults in config.yaml and leave environment variables empty. This way when they are set we know that we must override the values in config.yaml.
ignore tainted objects when calling install/upgrade/remove
use_wal is false by default
2022-12-10 22:09:25 +01:00
mmetc
10ee07cea0
docker: correctly extract BOUNCER_KEY_* (fix #1912) (#1913) 2022-12-06 16:03:28 +01:00
mmetc
cc228f1868
Typos, grammar (#1905) 2022-12-06 15:55:27 +01:00
mmetc
9131d9d568
docker/README: automatic registration with tls (#1909) 2022-12-06 11:58:32 +01:00
mmetc
fa0e590778
removed pid_dir (#1906) 2022-12-02 13:42:43 +01:00
mmetc
f2528f3e29
add USE_WAL to docker arguments (#1899) 2022-11-30 14:28:33 +01:00
mmetc
d15014f82e
silence harmless "machines delete" error in dockerfile (#1904) 2022-11-30 14:19:20 +01:00
mmetc
fde9640364
Docker refactoring, tls setup (#1869) 2022-11-28 10:35:12 +01:00
mmetc
b0889d7751
docker build flavors: slim, with-plugins, with-geoip, full (#1862) 2022-11-08 12:28:57 +01:00
AlteredCoder
59fc403e32
fix docker_start without using jq (#1855)
* fix docker_start without using jq
2022-11-07 10:07:26 +01:00