Commit graph

56 commits

Author SHA1 Message Date
mmetc
6a6501691a
change behavior of flag disable_http_retry_backoff (#2426)
now it does not attempt any retry, instead of attempting all retries
immediately

example: cannot reach LAPI

Before:

$ CROWDSEC_FEATURE_DISABLE_HTTP_RETRY_BACKOFF=true cscli decisions list
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 4 retries left
INFO[27-07-2023 10:44:44] retrying in 0 seconds (attempt 2 of 5)
[...]
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 1 retries left
INFO[27-07-2023 10:44:44] retrying in 0 seconds (attempt 5 of 5)
ERRO[27-07-2023 10:44:44] error while performing request: dial tcp [::1]:8080: connect: connection refused; 0 retries left
FATA[27-07-2023 10:44:44] Unable to list decisions : performing request: Get "http://localhost:8080/v1/alerts?has_active_decision=true&include_capi=false&limit=100": could not get jwt token: Post "http://localhost:8080/v1/watchers/login": dial tcp [::1]:8080: connect: connection refused

After:

$ CROWDSEC_FEATURE_DISABLE_HTTP_RETRY_BACKOFF=true ./test/local/bin/cscli decisions list
FATA[11-08-2023 16:49:58] unable to retrieve decisions: performing request: Get "http://127.0.0.1:8080/v1/alerts?has_active_decision=true&include_capi=false&limit=100": could not get jwt token: Post "http://127.0.0.1:8080/v1/watchers/login": dial tcp 127.0.0.1:8080: connect: connection refused
2023-08-16 21:04:07 +02:00
mmetc
ffadd42779
update dependency on go-cs-lib; drop the pkg/ part (#2393) 2023-07-28 16:35:08 +02:00
mmetc
fddf597040
errors.Wrap -> fmt.Errorf; clean up imports (#2297) 2023-06-22 15:01:34 +02:00
mmetc
e5fe74ce77
decouple bouncer dependencies: use go-cs-lib/pkg/ptr in apiclient (#2227) 2023-05-25 10:08:52 +02:00
mmetc
534328ca30
decouple bouncer dependencies: use go-cs-lib/pkg/* (#2216)
* decouple bouncer dependencies: use go-cs-lib/pkg/trace
* decouple bouncer dependencies: use go-cs-lib/pkg/version
* decouple bouncer dependencies: use go-cs-lib/pkg/yamlpatch
* decouple bouncer dependencies: use go-cs-lib/pkg/csstring
* unused import
2023-05-23 10:52:47 +02:00
mmetc
e161507d08
Lint (type inference): remove redundant type declarations (#2111) 2023-03-09 11:56:02 +01:00
Thibault "bui" Koechlin
9d5aaf5ea2
add --origin to cscli decisions delete (#2109) 2023-03-08 18:29:20 +01:00
JDEV
12a4a5fb14
CAPI error code handling tests (#2027)
* Registration mocked error cases

* Authentication mock error cases

* mini facto

* check that getMEtric still has bouncers/machines keys in output even with empty collections

* fixed defer body close(), no need to defer and fprint arg

* fix fatal call

---------

Co-authored-by: jdv <julien@crowdsec.net>
2023-02-17 14:57:46 +01:00
blotus
83c3818504
Do not try to refresh JWT token when doing a login request (#2059) 2023-02-16 16:16:26 +01:00
Cristian Nitescu
ecb32d74c6
optimize blocklist fetch (#2039) 2023-02-13 15:06:14 +01:00
Thibault "bui" Koechlin
1d7d377f8b
changes following BL tests (#2038)
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-02-08 10:35:21 +01:00
Cristian Nitescu
987f119c4b
v3 capi and blocklists links support (#2019)
* v3 model generation

* v3 model generation

* comms

* fixes after master merge

* missing reader close

* use constants defined for types

---------

Co-authored-by: bui <thibault@crowdsec.net>
2023-02-06 14:06:14 +01:00
Thibault "bui" Koechlin
e927717fa0
Polling API Integration (#1715)
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-01-31 14:47:44 +01:00
Cristian Nitescu
73663ff9e7
log the request error even in case of retry (#1988) 2023-01-13 12:58:12 +01:00
Cristian Nitescu
7284c0a47a
retry with backoff requests to CAPI (#1957)
* backoff on refresh token error

* fix tls communication with lapi and user/pw auth (#1956)

allow self-signed TLS encryption with user/pw auth

docker:
 - remove defaults for certificate file locations
 - new envvar INSECURE_SKIP_VERIFY
 - register agent before TLS settings (cscli machine add removes them
   from the credentials file)

* separate cscli cobra constructors:  lapi, machines, bouncers, postoverflows (#1945)

* use feature toggling to improve testability with http retry backoff

* Add parse unix to dateparse enricher (#1958)

Add parse unix is we do have a strTime but wasnt parsed using convential golang time

* func tests: redirect stderr to filter extra logs (#1961)

* backoff on refresh token error

* use feature toggling to improve testability with http retry backoff

* refactor feature backoff toggle for tests

Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
2023-01-09 14:49:21 +01:00
mmetc
72c1753fb7
fix tls communication with lapi and user/pw auth (#1956)
allow self-signed TLS encryption with user/pw auth

docker:
 - remove defaults for certificate file locations
 - new envvar INSECURE_SKIP_VERIFY
 - register agent before TLS settings (cscli machine add removes them
   from the credentials file)
2022-12-29 22:00:11 +01:00
he2ss
579cecde04
apiclient: fix http roundtrip (clone body also) (#1758)
* apiclient: fix http roundtrip (clone body also)
2022-12-14 16:42:46 +01:00
mmetc
104f5d1fe6
lint: error handling cleanup (#1877) 2022-11-29 09:16:07 +01:00
blotus
c5079ac15e
invalidate agent token on 403 as well (#1888) 2022-11-25 14:35:50 +01:00
Thibault "bui" Koechlin
ae6bf39495
support decisions deletion via scenario + alerts delete via ID (#1798) 2022-10-19 14:37:27 +02:00
mmetc
8fecc2c00b
enable staticcheck linter; fixes (#1806)
- explicitly ignore returned parameters
 - replace Walk with faster WalkDir
 - log path error during hub dir sync
 - colorize static unit tests
 - removed duplicate import in crowdsec/main.go
 - typos
 - func tests: default datasource in tests/var/log instead of /tmp
 - action setup-go v3
2022-10-14 16:12:21 +02:00
mmetc
7674f907c4
replace log.Fatal with t.Fatal (#1805)
This is required to run deferred teardown functions
2022-10-13 10:42:46 +02:00
mmetc
1d9f861f28
unit tests: always capture testcase variable -> allow parallel testing (#1797) 2022-10-10 10:48:26 +02:00
mmetc
414282a2c9
golangci-lint 1.49 and related fixes (#1736) 2022-09-06 13:55:03 +02:00
mmetc
eea07b7a1a
golangci-lint v1.48 and fixes for "usestdlibvars" (#1711) 2022-08-16 09:46:10 +02:00
blotus
5c1c941851
close response body in heartbeat (#1637) 2022-07-06 14:50:54 +02:00
mmetc
628d7be1d8
simplify err.Error() to err when used in printf context (#1603) 2022-06-22 15:53:53 +02:00
mmetc
10585bfecc
enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet (#1595) 2022-06-16 14:41:54 +02:00
Thibault "bui" Koechlin
1c0fe09576
Add support for certificate authentication for agents and bouncers (#1428) 2022-06-08 16:05:52 +02:00
mmetc
799cc82bb5
functional tests, minor refactoring and lint/cleanup (#1570)
* cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument
* updated golangci-lint to v1.46
* lint/deadcode: fix existing issues
* tests: cscli config backup/restore
* tests: cscli completion powershell/fish
* err check: pflags MarkHidden()
* empty .dockerignore (and explain the reason)
* tests, errors.Wrap
* test for CS_LAPI_SECRET and minor refactoring
* minor style changes
* log cleanup
2022-06-06 15:24:48 +02:00
mmetc
1fc9587919
fix #1283: update and enable error reports from golangci (#1523) 2022-05-25 22:27:50 +02:00
Thibault "bui" Koechlin
fe09737d80
Add support for machine heartbeat (#1541)
* add the last_heartbeat field

* add heartbeat controller

* add endpoint of heartbeat

* heartbeat integration

* add last_heartbeat to cscli machines list
2022-05-19 15:47:27 +02:00
blotus
0449ec1868
Windows Support (#1159) 2022-05-17 12:14:59 +02:00
he2ss
615895da9d
cscli: add force enroll feature (#1430)
* cscli: add force enroll feature
2022-04-20 13:34:17 +02:00
Shivam Sandbhor
a8089c8ddb
Add origins param in decision stream service (#1429)
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-04-07 12:40:27 +02:00
Thibault "bui" Koechlin
d8dc01cd94
Revamp unit tests (#1368)
* Revamp unit tests
* Increase coverage
* Use go-acc to get cross packages coverage

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-03-29 14:20:26 +02:00
Shivam Sandbhor
42a1bc0260
Add query param to filter decisions by scenarios and origin (#1294)
* Add query param to filter decisions by scenarios
2022-03-16 14:37:42 +01:00
Shivam Sandbhor
76e3612088
Check log level before dumping resp (#1243)
* Check log level before dumping resp
* Sleep longer in func tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-02-08 15:40:01 +01:00
mmetc
ad28a979e9
local control flow cleanup (#1215)
removed redundant/unreachable returns, else branches, type declarations, unused variables
2022-02-01 22:08:06 +01:00
Thibault "bui" Koechlin
cc1ab8c50d
switch to utc time everywhere (#1167)
* switch to utc time everywhere


Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-19 14:56:05 +01:00
Thibault "bui" Koechlin
6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154)
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-13 16:46:16 +01:00
Thibault "bui" Koechlin
3bca25fd6d
lists support from central api (#1074)
* lists support from central api

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2022-01-11 14:31:51 +01:00
AlteredCoder
cf57c89177
add name and alias in cscli console enroll (#950)
* add name and alias in cscli console enroll
2021-10-26 15:33:17 +02:00
Thibault "bui" Koechlin
bed90a832e
fix #919 : display error message (#929)
* fix #919

* fix tests
2021-09-02 12:46:32 +02:00
Thibault "bui" Koechlin
01028d0a09
Goroutine leak hunt (#874)
* close the writers of gin loggers + kill the tomb of httpServer

* body close defer
2021-07-30 11:41:17 +02:00
blotus
3994aec7fe
add console enroll command to cscli (#828) 2021-06-28 17:34:19 +02:00
Shivam Sandbhor
f25d02a7c8
Allow bouncers to filter decisions by scope (#817)
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
2021-05-31 15:07:09 +02:00
AlteredCoder
a19f13ab45
fix cscli alerts delete -all (#769)
Co-authored-by: AlteredCoder <AlteredCoder>
2021-04-27 11:59:18 +02:00
Lars Lehtonen
7f8faa7565
pkg/apiclient: pick up dropped errors (#676) 2021-03-17 12:36:47 +01:00
Thibault "bui" Koechlin
e74f221044
Fix default configurations (#597)
* fix default perms on SQLite file

* seed the prng securely

* fix defaults to enforce certificates verification

* ensure file is within path

* ensure the directory doesn't exist beforehand

* verify certificate by default

* disable http ip forward headers
2021-02-02 14:15:13 +01:00