mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-10 20:05:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
1841 commits 88 branches 214 tags 262 MiB
Commit graph

1841 commits

This branch
This branch
All branches
Author SHA1 Message Date
mmetc
7d6514c7cc
update user agent with version and platform information (#3035) 
* update user agent with version and platform information

* remove unused import

* user agent: omit tag correctly if git is dirty
 2024-05-30 09:45:43 +02:00
blotus
f3341c1382
Appsec: properly populate event (#2943) 2024-05-27 10:15:38 +02:00
Laurence Jones
9088f31b7d
enhance: container discovery via labels (#2959) 
* wip: attempt to autodiscover via labels

* wip: remove labels dep on docker acquistion

* wip: remove labels dep on docker acquistion

* wip: add debug

* wip: try fix parser maps

* wip: remove redundant pointer

* wip: add debug

* wip: cant type assert

* wip: reinstate debug

* wip: reinstate debug

* wip: reinstate debug

* wip: oops

* wip: add a debug

* wip: fix labels

* wip: remove redundant paramter

* wip: rename config option to be more self declarative

* wip: update log wording

* wip: the if check was not correct

* wip: me lost

* fix: add checks to typecast and log useful information

* add tests for parseLabels

* return nil instead of pointer to empty struct

* simplify EvalContainer return value

---------

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2024-05-24 14:27:25 +01:00
blotus
f06e3e78ab
jwt transport: fix retry on unauthorized from CAPI(#3006) 2024-05-24 14:43:12 +02:00
blotus
09afcbe93a
appsec: respect on_success parameter in hooks (#3017) 2024-05-24 14:42:17 +02:00
mmetc
45b403ecd7
fix nil deref w/ malformed cti config (#3028) 2024-05-24 14:37:46 +02:00
mmetc
816608daf4
cscli: faster table rendering (#3027) 
* cscli: use go-pretty for tables

* lint
 2024-05-24 11:17:52 +02:00
mmetc
572b387fce
CI: improve code coverage report (#3029) 2024-05-24 10:20:47 +02:00
blotus
20e44cd18a
appsec: add files and cookies related zones (#2956) 2024-05-17 16:16:04 +02:00
mmetc
1a4ac9d239
replace log.Fatal with error return (#2996) 
* log.Fatal -> fmt.Errorf

* lint
 2024-05-17 14:26:10 +02:00
mmetc
0ba05acc03
tests: replace "docker-compose" -> "docker compose" (#3000) 
* replace "docker-compose" -> "docker compose"

* obsolete doc note

* bats: clean up extra output
 2024-05-17 10:07:28 +02:00
mmetc
b6253d567b
simulation for local scenarios (#3010) 2024-05-16 11:13:39 +02:00
mmetc
ccf08e56d9
bats: no need for openssl, netcat; allow to prevent tests from running with a lock (#3016) 
* bats: lock/unlock instance data; replace openssl w/ cfssl; update dep list

* concat pem without openssl :-/

* unused/unreachable code

* lint

* redundant {} (shellharden)
 2024-05-16 10:58:00 +02:00
blotus
1b894a292b
GetActiveDecisionsCount()and GetActiveDecisionsTimeLeft()expr helpers (#3013) 2024-05-15 15:33:43 +02:00
mmetc
cc63729b2c
version: write to stdout, add missing newline (#3012) 
* pkg/cwversion cleanup

 - add missing newline between version and codename
 - add more information to "support dump"
 - write "cscli version" and "crowdsec -version" to stdout, not stderr

* fix func test

* lint
 2024-05-15 10:52:43 +02:00
mmetc
ccab6e9910
bats: clean up extra output (#3008) 2024-05-15 10:38:36 +02:00
mmetc
41ec90ae8c
make: remove unused targets (#2998) 2024-05-15 10:37:25 +02:00
Laurence Jones
ecd82ecfbd
feat: File notification plugin (#2932) 
* wip: basic impl of file notification no log rotate but might now do it 🤷

* wip: ticker to 2 seconds and lower some log levels

* wip: remove redundant logrus formatter

* wip: the plugin should not handle it own data queue since the plugin process may timeout, so instead have a function that uses said context and loop whilst locking the filewriter this may not be the best way 🤷, however, I dont want multiple notifications to attempt to reopen the file if it has been rotated outside of the plugin context

* wip: impl log rotation which checks on check append, however, this may cause some issues in slow systems as the mutex lock doesnt give up until the file is rotated, however, the plugin looks for context and will give up if the plugin broker decides its timeout and will retry once the plugin has pushed again

* wip: update yaml dep

* wip: me no english great

* wip: even if the file has been rotated outside our control we should still compute the file size

* wip: improve context handling with creating a custom io writer struct which checks the context before attempting to write

* wip: used return byte count instead of calling a conversion again

* wip: actually check the enabled flag on log rotate

* wip: changed my mind, we check when we check file size

* wip: use io copy instead for memory alloc

* fix: add notification file to deb/rpm build
 2024-05-15 09:21:45 +01:00
blotus
6b978b09b3
docker: conditionally update hub (#2948) 2024-05-15 10:04:42 +02:00
Laurence Jones
b5e5078fc7
fix: add sslmode check and apend flag to conn string (#3009) 2024-05-14 17:31:15 +01:00
Laurence Jones
11893b2915
[cscli] Add tab completion to notifications [test, inspect] (#2765) 
* Add cscli notifications test ValidArgsFunction for tab completion

* Split function to reusable and pass to inspect since both rely on a valid plugin name, fix short/long of list command

* Short should be short

* Removed redundant prerune since Args with validate it for us

* Make english more english

* fix: bad merge now fixed

---------

Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2024-05-14 14:55:08 +01:00
mmetc
e3c6a5ba70
LAPI: support CRL files with multiple PEM blocks (#3002) 2024-05-13 17:09:30 +02:00
mmetc
e4a8d3b99e
deb,rpm: include empty directory etc/crowdsec/acquis.d (#2997) 2024-05-13 12:01:17 +02:00
mmetc
b4e79aaf0a
use go 1.22.3 (#2994) 
* use go 1.22.3; alpine 3.19

* revert to alpine 3.18
 2024-05-13 10:01:48 +02:00
mmetc
26b3410ef1
CI: improve test "cscli machines prune" (#2992) 2024-05-13 09:48:08 +02:00
Blesswin Samuel
14dc26b128
Add ability to configure channel, username, icon emoji/url in slack notification (#2975) 
* Add ability to configure channel, username, icon emoji/url in slack cfg

* Update slack.yaml

---------

Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
Co-authored-by: Thibault "bui" Koechlin <orixxx@gmail.com>
 2024-05-10 14:00:34 +01:00
mmetc
defa076794
CI: disable log formatting for consistency (#2989) 
* CI: disable log formatting for consistency

* lint (shellharden)
 2024-05-07 15:09:22 +02:00
mmetc
e5cd480425
update go-cs-lib to 0.0.11 (#2990) 2024-05-07 13:49:19 +02:00
mmetc
0d9e000543
use go-cs-lib/downloader for data files, hub index, item YAML (#2926) 2024-05-07 13:44:17 +02:00
mmetc
11da728b51
cscli support: collect profiling data and logs (#2987) 
* extract methods, avoid globals
* collect logs to file dump.log
* include pprof data
* include latest logs
 2024-05-07 12:59:38 +02:00
mmetc
a2dcc0ef9a
cscli: remove global dbClient (#2985) 
* cscli: remove global dbClient

* lint (whitespace, errors)
 2024-05-06 12:33:54 +02:00
mmetc
659feec496
cscli: don't print timestamps (#2984) 
* cscli: don't print timestamps

* lint (whitespace, errors)
 2024-05-06 10:43:54 +02:00
mmetc
3392e5e00f
enable linter "revive" (#2978) 
* enable linter "revive"

* enable some revive checks

* pointer receiver for crzLogger

* fix "range-loop variables always have the same address"

* lint (whitespace)
 2024-05-02 14:22:02 +02:00
mmetc
529d3b2079
minor lint/readability (#2976) 
* simplify a couple loops

* if/else -> switch

* drop redundant else

* comment + drop var declaration + explicit zero return

* lint (whitespace/fmt.Errorf)
 2024-05-02 13:42:47 +02:00
mmetc
91fbc63533
db: review update timestamps, immutable columns (#2981) 
* orm: correct behavior of created_at, updated_at, define immutable fields

* remove updatedefault for last_push, last_heartbeat

* re-generate db schema

* update last_push in CreateAlert()

* lint
 2024-05-02 12:56:41 +02:00
mmetc
c70a2fe9bf
update go dependencies (#2968) 2024-05-02 11:01:31 +02:00
mmetc
87564ea462
pkg/dumps,hubtest: use yaml.v3 (#2972) 
* pkg/dumps,hubtest: use yaml.v3

* lint (whitespace/fmt.Errorf)
 2024-05-02 10:59:24 +02:00
mmetc
3788610aff
cscli: avoid global vars (#2977) 
* cscli: avoid global usage

This is required to make it possible to split the package

* lint (fmt.Errorf)
 2024-05-02 10:25:04 +02:00
Laurence Jones
05b54687b6
feat: support stdout in cscli support dump (#2939) 
* feat: support stdout in cscli support dump

* fix: skip log.info if stdout

* fix: handle errors by returning to runE instead
 2024-04-26 15:56:15 +01:00
mmetc
c4473839c4
Refact pkg/parser/node (#2953) 
* extract method processFilter()

* extract method processWhitelist()

* lint (whitespace, errors)
 2024-04-25 17:53:10 +02:00
mmetc
d2c4bc55fc
plugins: use yaml.v3 (#2969) 
* plugins: use yaml.v3

* lint
 2024-04-25 17:34:49 +02:00
mmetc
2abc078e53
use go 1.22.2 (#2826) 2024-04-25 15:11:08 +02:00
blotus
ceb4479ec4
add zfs magic for GetFSType (#2950) 2024-04-25 15:05:11 +02:00
mmetc
845d4542bb
cscli: use yaml.v3 (#2965) 
* cscli: use yaml.v3

* lint
 2024-04-25 14:41:02 +02:00
Thibault "bui" Koechlin
f4ed7b3520
Truncate meta data (#2966) 
* truncate meta-data if they are too big
 2024-04-25 13:43:38 +02:00
mmetc
60431804d8
db config: don't exit setup if can't detect fs, improve detection for freebsd (#2963) 2024-04-25 11:11:57 +02:00
mmetc
0f942a95f1
pkg/cwhub - rename methods for clarity (#2961) 
* pkg/cwhub - rename methods for clarity

* lint
 2024-04-24 11:09:37 +02:00
mmetc
97e6588a45
cscli hub items: avoid global (#2960) 
* cscli hub items: avoid global

* lint (whitespace, errors)

* lint
 2024-04-24 10:05:55 +02:00
mmetc
725cae1fa8
CI: upload coverage with token (#2958) 2024-04-23 12:41:50 +02:00
mmetc
c64332d30a
cscli config show: avoid globals, use yaml v3 (#2863) 
* cscli config show: avoid globals, use yaml v3

* lint (whitespace/errors)
 2024-04-23 12:28:38 +02:00