Commit graph

1094 commits

Author SHA1 Message Date
mmetc
dfc4126384
Docker config/auth/TLS refactoring from from v1.4.4 (#1967) 2023-01-04 16:43:35 +01:00
mmetc
033082a31e
ParseUnix() test fix: force UTC (#1970) 2023-01-04 16:22:17 +01:00
mmetc
2d81e751a1
fix parser test 2k23 (#1971) 2023-01-04 15:46:16 +01:00
mmetc
899f3e7eb8
func tests: redirect stderr to filter extra logs (#1961) 2022-12-30 15:57:24 +01:00
Laurence Jones
fd1c38811e
Add parse unix to dateparse enricher (#1958)
Add parse unix is we do have a strTime but wasnt parsed using convential golang time
2022-12-30 12:47:14 +00:00
mmetc
59f6610721
separate cscli cobra constructors: lapi, machines, bouncers, postoverflows (#1945) 2022-12-30 10:13:52 +01:00
mmetc
72c1753fb7
fix tls communication with lapi and user/pw auth (#1956)
allow self-signed TLS encryption with user/pw auth

docker:
 - remove defaults for certificate file locations
 - new envvar INSECURE_SKIP_VERIFY
 - register agent before TLS settings (cscli machine add removes them
   from the credentials file)
2022-12-29 22:00:11 +01:00
Laurence Jones
401739b036
Add unix expr helper (#1952)
* Add unix expr helper

* Add original value not parsed error

* return early if cannot parse

* Add tests

* Fix negative value
2022-12-29 14:53:06 +00:00
Thibault "bui" Koechlin
e4463c412b
Improve warnings around lack of evt.StrTime field (#1954)
* fix #1951 : improve error messages

* make hubtest warn you if you're missing evt.StrTime in your logs
2022-12-29 15:03:32 +01:00
mmetc
38b37db55b
systemd: same restart options across deb, rpm, wizard (#1948) 2022-12-28 10:13:05 +01:00
mmetc
6efc2688b1
simplify feature flags (#1947)
Now checking for a feature flag is a one liner,
with no need to control errors.

if fflag.Crowdsec.CscliSetup.IsEnabled() {
   ...
}
2022-12-26 14:23:41 +01:00
mmetc
c022eb1b86
remove ignored flag "-m" in "cscli machines delete" (it takes a positional argument) (#1943) 2022-12-23 17:13:20 +01:00
mmetc
ef3a130d54
Cscli config refactoring (#1934) 2022-12-22 12:22:55 +01:00
mmetc
7d6523db29
ci: authenticate when looking up release information (#1936) 2022-12-21 20:34:11 +01:00
mmetc
5d2c99bb17
runtime feature flag initialization 2022-12-21 17:19:20 +01:00
mmetc
6b71da6b78
require go 1.19, test with 1.20 too (#1935) 2022-12-21 15:40:29 +01:00
mmetc
ff88faf402
updated localstack dependencies, added build cache 2022-12-21 12:20:01 +01:00
mmetc
a32aa96752
feature flags (#1933)
Package fflag provides a simple feature flag system.

 Feature names are lowercase and can only contain letters, numbers, undercores
 and dots.

 good: "foo", "foo_bar", "foo.bar"
 bad: "Foo", "foo-bar"

 A feature flag can be enabled by the user with an environment variable
 or by adding it to {ConfigDir}/feature.yaml

 I.e. CROWDSEC_FEATURE_FOO_BAR=true
 or in feature.yaml:
```
 ---
 - foo_bar
```

 If the variable is set to false, the feature can still be enabled
 in feature.yaml. Features cannot be disabled in the file.

 A feature flag can be deprecated or retired. A deprecated feature flag is
 still accepted but a warning is logged. A retired feature flag is ignored
 and an error is logged.

 A specific deprecation message is used to inform the user of the behavior
 that has been decided when the flag is/was finally retired.
2022-12-20 16:11:51 +01:00
mmetc
f68bc113a7
docker: separate CLIENT_* and LAPI_* variables for tls certificates (#1929) 2022-12-16 20:41:39 +01:00
he2ss
579cecde04
apiclient: fix http roundtrip (clone body also) (#1758)
* apiclient: fix http roundtrip (clone body also)
2022-12-14 16:42:46 +01:00
Laurence Jones
fe23da6e0c
Add postgres socket support, clean some code (#1926) 2022-12-12 16:08:19 +00:00
mmetc
e4ff26d613
docker readme update (#1924) 2022-12-12 10:57:26 +01:00
mmetc
409721414b
docker: fix/improve support for persistent configurations (#1915)
set all defaults in config.yaml and leave environment variables empty. This way when they are set we know that we must override the values in config.yaml.
ignore tainted objects when calling install/upgrade/remove
use_wal is false by default
2022-12-10 22:09:25 +01:00
mmetc
6c19beb937
set cscli log timestamp to 24h (#1917) 2022-12-09 16:48:24 +01:00
Laurence Jones
11965f08db
Add socket support to mysql (#1911) 2022-12-08 09:33:08 +00:00
mmetc
10ee07cea0
docker: correctly extract BOUNCER_KEY_* (fix #1912) (#1913) 2022-12-06 16:03:28 +01:00
mmetc
cc228f1868
Typos, grammar (#1905) 2022-12-06 15:55:27 +01:00
blotus
fdda940ac0
Add Kubernetes audit acquisition (#1767) 2022-12-06 13:47:29 +01:00
mmetc
9131d9d568
docker/README: automatic registration with tls (#1909) 2022-12-06 11:58:32 +01:00
Laurence Jones
311cda31fe
Governance v1 (#1844)
* v1

* Update wording

* The area stuff needs a little work

* add enhancement to pr's

* Update governance and feature request template
2022-12-05 15:58:19 +00:00
Manuel Sabban
3d72ca731a
Suggest bouncers and machines to delete (#1896)
* Suggest bouncers to delete

* Autocomplete machines delete cmd

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix lint.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* fix compilation (git merge errors)

* cleanup go.mod unneeded changes

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Co-authored-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2022-12-05 15:39:54 +01:00
mmetc
fd3e668fe1
add -error flag to crowdsec binary (#1903) 2022-12-03 08:56:11 +01:00
mmetc
fa0e590778
removed pid_dir (#1906) 2022-12-02 13:42:43 +01:00
Manuel Sabban
7c3dbffcc6
clean up BUILD_GOVERSION which is set at runtime with runtime lib (#1901)
* clean up BUILD_GOVERSION which is set at runtime with runtime lib
* simplify version check

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
2022-12-02 13:04:00 +01:00
mmetc
4a6a9c4355
acquisition: validate datasources before configuration (static checks) (#1841)
* acquisition: validate datasources before configuration (allow static configuration checks)

* remove comment

* import reviser, format

* error wrap
2022-11-30 17:36:56 +01:00
mmetc
f2528f3e29
add USE_WAL to docker arguments (#1899) 2022-11-30 14:28:33 +01:00
mmetc
d15014f82e
silence harmless "machines delete" error in dockerfile (#1904) 2022-11-30 14:19:20 +01:00
blotus
60f1228030
use a copy of bucket processors in LeakRoutine (#1902) 2022-11-30 10:59:47 +01:00
mmetc
104f5d1fe6
lint: error handling cleanup (#1877) 2022-11-29 09:16:07 +01:00
mmetc
66543493b5
fix nil dereference: check that httpServer is set before shutting down (#1893) 2022-11-28 11:55:08 +01:00
mmetc
aa974d26c6
enable CI workflow for stable branches (#1889) 2022-11-28 10:52:42 +01:00
mmetc
fde9640364
Docker refactoring, tls setup (#1869) 2022-11-28 10:35:12 +01:00
blotus
c5079ac15e
invalidate agent token on 403 as well (#1888) 2022-11-25 14:35:50 +01:00
mmetc
2067ab0427
CI: print stack traces (#1886) 2022-11-25 12:02:38 +01:00
mmetc
5bdd3bbfcb
require at least go 1.18 to build (#1884) 2022-11-24 11:29:54 +01:00
mmetc
3288fad341
set BUILD_VERSION to the correct tag (#1885)
This fixes a regression introduced in 0449ec18 (Windows Support #1159)
where the build system uses the last local tag that has been created
(chonologically) instead of the most recent tag in the current branch.
This problem is not detected while working with stable versions because
they are built on a clean checkout.
2022-11-24 10:34:44 +01:00
mmetc
8b82939d33
fix static release upload (#1883) 2022-11-24 10:29:17 +01:00
Laurence Jones
4ac01ed880
Update perms for group read (#1876) 2022-11-21 09:49:56 +00:00
mmetc
99513f64fd
cscli config show: print host/port/user/dbname when driver=pgx (fix #1866) (#1870) 2022-11-17 11:07:37 +00:00
mmetc
3beb84bcfe
print missing "AS" values as empty strings instead of "0 " (#1867) 2022-11-14 09:55:53 +01:00