mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 04:15:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

cscli inspect: don't show metrics or converted rules if an item is not installed (#3602)

Browse source
This commit is contained in:
mmetc 2025-05-02 00:12:55 +02:00 committed by GitHub
parent 54571d1688
commit 201aebaac2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 41 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

8
cmd/crowdsec-cli/cliitem/cmdinspect.go
View file

@ -56,12 +56,14 @@ func (cli *cliItem) inspect(ctx context.Context, args []string, url string, diff
continue continue
} }
if err = inspectItem(hub, item, !noMetrics, cfg.Cscli.Output, cfg.Cscli.PrometheusUrl, cfg.Cscli.Color); err != nil { wantMetrics := !noMetrics && item.State.IsInstalled()
if err := inspectItem(hub, item, wantMetrics, cfg.Cscli.Output, cfg.Cscli.PrometheusUrl, cfg.Cscli.Color); err != nil {
return err return err
} }
if cli.inspectDetail != nil { if cli.inspectDetail != nil {
if err = cli.inspectDetail(item); err != nil { if err := cli.inspectDetail(item); err != nil {
return err return err
} }
} }
@ -71,7 +73,7 @@ func (cli *cliItem) inspect(ctx context.Context, args []string, url string, diff
} }
// return the diff between the installed version and the latest version // return the diff between the installed version and the latest version
func (cli *cliItem) itemDiff(ctx context.Context, item *cwhub.Item, contentProvider cwhub.ContentProvider, reverse bool) (string, error) { func (*cliItem) itemDiff(ctx context.Context, item *cwhub.Item, contentProvider cwhub.ContentProvider, reverse bool) (string, error) {
if !item.State.IsInstalled() { if !item.State.IsInstalled() {
return "", fmt.Errorf("'%s' is not installed", item.FQName()) return "", fmt.Errorf("'%s' is not installed", item.FQName())
} }

20
cmd/crowdsec-cli/cliitem/hubappsec.go
View file

@ -85,10 +85,11 @@ cscli appsec-configs upgrade crowdsecurity/virtual-patching -i
cscli appsec-configs upgrade crowdsecurity/virtual-patching --interactive`, cscli appsec-configs upgrade crowdsecurity/virtual-patching --interactive`,
}, },
inspectHelp: cliHelp{ inspectHelp: cliHelp{
example: `# Display metadata, state, metrics and ancestor collections of appsec-configs (installed or not). example: `# Display metadata, state, ancestor collections of appsec-configs (installed or not).
cscli appsec-configs inspect crowdsecurity/virtual-patching cscli appsec-configs inspect crowdsecurity/virtual-patching
# Don't collect metrics (avoid error if crowdsec is not running). # If the config is installed, its metrics are collected and shown as well (with an error if crowdsec is not running).
# To avoid this, use --no-metrics.
cscli appsec-configs inspect crowdsecurity/virtual-patching --no-metrics cscli appsec-configs inspect crowdsecurity/virtual-patching --no-metrics
# Display difference between a tainted item and the latest one. # Display difference between a tainted item and the latest one.
@ -119,6 +120,10 @@ func NewAppsecRule(cfg configGetter) *cliItem {
appsecRule := appsec.AppsecCollectionConfig{} appsecRule := appsec.AppsecCollectionConfig{}
if item.State.LocalPath == "" {
return nil
}
yamlContent, err := os.ReadFile(item.State.LocalPath) yamlContent, err := os.ReadFile(item.State.LocalPath)
if err != nil { if err != nil {
return fmt.Errorf("unable to read file %s: %w", item.State.LocalPath, err) return fmt.Errorf("unable to read file %s: %w", item.State.LocalPath, err)
@ -129,7 +134,7 @@ func NewAppsecRule(cfg configGetter) *cliItem {
} }
for _, ruleType := range appsec_rule.SupportedTypes() { for _, ruleType := range appsec_rule.SupportedTypes() {
fmt.Printf("\n%s format:\n", cases.Title(language.Und, cases.NoLower).String(ruleType)) fmt.Fprintf(os.Stdout, "\n%s format:\n", cases.Title(language.Und, cases.NoLower).String(ruleType))
for _, rule := range appsecRule.Rules { for _, rule := range appsecRule.Rules {
convertedRule, _, err := rule.Convert(ruleType, appsecRule.Name) convertedRule, _, err := rule.Convert(ruleType, appsecRule.Name)
@ -137,13 +142,13 @@ func NewAppsecRule(cfg configGetter) *cliItem {
return fmt.Errorf("unable to convert rule %s: %w", rule.Name, err) return fmt.Errorf("unable to convert rule %s: %w", rule.Name, err)
} }
fmt.Println(convertedRule) fmt.Fprintln(os.Stdout, convertedRule)
} }
switch ruleType { //nolint:gocritic switch ruleType { //nolint:gocritic
case appsec_rule.ModsecurityRuleType: case appsec_rule.ModsecurityRuleType:
for _, rule := range appsecRule.SecLangRules { for _, rule := range appsecRule.SecLangRules {
fmt.Println(rule) fmt.Fprintln(os.Stdout, rule)
} }
} }
} }
@ -222,10 +227,11 @@ cscli appsec-rules upgrade crowdsecurity/crs -i
cscli appsec-rules upgrade crowdsecurity/crs --interactive`, cscli appsec-rules upgrade crowdsecurity/crs --interactive`,
}, },
inspectHelp: cliHelp{ inspectHelp: cliHelp{
example: `# Display metadata, state, metrics and ancestor collections of appsec-rules (installed or not). example: `# Display metadata, state, ancestor collections of appsec-rules (installed or not).
cscli appsec-rules inspect crowdsecurity/crs cscli appsec-rules inspect crowdsecurity/crs
# Don't collect metrics (avoid error if crowdsec is not running). # If the rule is installed, its metrics are collected and shown as well (with an error if crowdsec is not running).
# To avoid this, use --no-metrics.
cscli appsec-configs inspect crowdsecurity/crs --no-metrics cscli appsec-configs inspect crowdsecurity/crs --no-metrics
# Display difference between a tainted item and the latest one. # Display difference between a tainted item and the latest one.

5
cmd/crowdsec-cli/cliitem/hubcollection.go
View file

@ -76,10 +76,11 @@ cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables -i
cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --interactive`, cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --interactive`,
}, },
inspectHelp: cliHelp{ inspectHelp: cliHelp{
example: `# Display metadata, state, metrics and dependencies of collections (installed or not). example: `# Display metadata, state, and dependencies of collections (installed or not).
cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables
# Don't collect metrics (avoid error if crowdsec is not running). # If the collection is installed, its metrics are collected and shown as well (with an error if crowdsec is not running).
# To avoid this, use --no-metrics.
cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables --no-metrics cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables --no-metrics
# Display difference between a tainted item and the latest one, or the reason for the taint if it's a dependency. # Display difference between a tainted item and the latest one, or the reason for the taint if it's a dependency.

5
cmd/crowdsec-cli/cliitem/hubparser.go
View file

@ -76,10 +76,11 @@ cscli parsers upgrade crowdsecurity/caddy-logs crowdsecurity/sshd-logs -i
cscli parsers upgrade crowdsecurity/caddy-logs crowdsecurity/sshd-logs --interactive`, cscli parsers upgrade crowdsecurity/caddy-logs crowdsecurity/sshd-logs --interactive`,
}, },
inspectHelp: cliHelp{ inspectHelp: cliHelp{
example: `# Display metadata, state, metrics and ancestor collections of parsers (installed or not). example: `# Display metadata, state and ancestor collections of parsers (installed or not).
cscli parsers inspect crowdsecurity/httpd-logs crowdsecurity/sshd-logs cscli parsers inspect crowdsecurity/httpd-logs crowdsecurity/sshd-logs
# Don't collect metrics (avoid error if crowdsec is not running). # If the parser is installed, its metrics are collected and shown as well (with an error if crowdsec is not running).
# To avoid this, use --no-metrics.
cscli parsers inspect crowdsecurity/httpd-logs --no-metrics cscli parsers inspect crowdsecurity/httpd-logs --no-metrics
# Display difference between a tainted item and the latest one. # Display difference between a tainted item and the latest one.

5
cmd/crowdsec-cli/cliitem/hubscenario.go
View file

@ -76,10 +76,11 @@ cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/http-probing -i
cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/http-probing --interactive`, cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/http-probing --interactive`,
}, },
inspectHelp: cliHelp{ inspectHelp: cliHelp{
example: `# Display metadata, state, metrics and ancestor collections of scenarios (installed or not). example: `# Display metadata, state and ancestor collections of scenarios (installed or not).
cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/http-probing cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/http-probing
# Don't collect metrics (avoid error if crowdsec is not running). # If the scenario is installed, its metrics are collected and shown as well (with an error if crowdsec is not running).
# To avoid this, use --no-metrics.
cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics cscli scenarios inspect crowdsecurity/ssh-bf --no-metrics
# Display difference between a tainted item and the latest one. # Display difference between a tainted item and the latest one.

21
test/bats/cscli-hubtype-inspect.bats
View file

@ -42,29 +42,34 @@ teardown() {
rune -1 cscli parsers inspect blahblah/blahblah rune -1 cscli parsers inspect blahblah/blahblah
assert_stderr --partial "can't find 'blahblah/blahblah' in parsers" assert_stderr --partial "can't find 'blahblah/blahblah' in parsers"
# one item # one item. if it's not installed, metrics won't be read.
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics rune -0 cscli parsers inspect crowdsecurity/sshd-logs
assert_line 'type: parsers' assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs' assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml' assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false' assert_line 'installed: false'
refute_line --partial 'Current metrics:' refute_output --partial 'Current metrics:'
rune -0 cscli parsers install crowdsecurity/sshd-logs
rune -0 cscli parsers inspect crowdsecurity/sshd-logs --no-metrics
refute_output --partial 'Current metrics:'
# one item, with metrics # one item, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs rune -0 cscli parsers inspect crowdsecurity/sshd-logs
assert_line --partial 'Current metrics:' assert_output --partial 'Current metrics:'
# one item, json # one item, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o json
rune -0 jq -c '[.type, .name, .path, .installed]' <(output) rune -0 jq -c '[.type, .name, .path, .installed]' <(output)
assert_json '["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false]' assert_json '["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",true]'
# one item, raw # one item, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o raw rune -0 cscli parsers inspect crowdsecurity/sshd-logs -o raw
assert_line 'type: parsers' assert_line 'type: parsers'
assert_line 'name: crowdsecurity/sshd-logs' assert_line 'name: crowdsecurity/sshd-logs'
assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml' assert_line 'path: parsers/s01-parse/crowdsecurity/sshd-logs.yaml'
assert_line 'installed: false' assert_line 'installed: true'
refute_line --partial 'Current metrics:' refute_line --partial 'Current metrics:'
# multiple items # multiple items
@ -74,6 +79,8 @@ teardown() {
rune -1 grep -c 'Current metrics:' <(output) rune -1 grep -c 'Current metrics:' <(output)
assert_output "0" assert_output "0"
rune -0 cscli parsers install crowdsecurity/whitelists
# multiple items, with metrics # multiple items, with metrics
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists
rune -0 grep -c 'Current metrics:' <(output) rune -0 grep -c 'Current metrics:' <(output)
@ -82,7 +89,7 @@ teardown() {
# multiple items, json # multiple items, json
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o json rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o json
rune -0 jq -sc '[.[] | [.type, .name, .path, .installed]]' <(output) rune -0 jq -sc '[.[] | [.type, .name, .path, .installed]]' <(output)
assert_json '[["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",false],["parsers","crowdsecurity/whitelists","parsers/s02-enrich/crowdsecurity/whitelists.yaml",false]]' assert_json '[["parsers","crowdsecurity/sshd-logs","parsers/s01-parse/crowdsecurity/sshd-logs.yaml",true],["parsers","crowdsecurity/whitelists","parsers/s02-enrich/crowdsecurity/whitelists.yaml",true]]'
# multiple items, raw # multiple items, raw
rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o raw rune -0 cscli parsers inspect crowdsecurity/sshd-logs crowdsecurity/whitelists -o raw