Skip to content

Commit

Permalink
remove PAPI feature flag (#2601)
Browse files Browse the repository at this point in the history
  • Loading branch information
blotus authored Dec 8, 2023
1 parent c707b72 commit 04f3dc0
Show file tree
Hide file tree
Showing 8 changed files with 59 additions and 72 deletions.
4 changes: 0 additions & 4 deletions cmd/crowdsec-cli/capi.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/apiclient"
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/cwhub"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/models"
"github.com/crowdsecurity/crowdsec/pkg/types"

Expand Down Expand Up @@ -98,9 +97,6 @@ func NewCapiRegisterCmd() *cobra.Command {
Password: password.String(),
URL: types.CAPIBaseURL,
}
if fflag.PapiClient.IsEnabled() {
apiCfg.PapiURL = types.PAPIBaseURL
}
apiConfigDump, err := yaml.Marshal(apiCfg)
if err != nil {
return fmt.Errorf("unable to marshal api credentials: %w", err)
Expand Down
12 changes: 4 additions & 8 deletions cmd/crowdsec-cli/console.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/apiclient"
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/cwhub"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/types"

"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
Expand Down Expand Up @@ -189,11 +188,11 @@ Disable given information push to the central API.`,
case "json":
c := csConfig.API.Server.ConsoleConfig
out := map[string](*bool){
csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions,
csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios,
csconfig.SEND_MANUAL_SCENARIOS: c.ShareManualDecisions,
csconfig.SEND_CUSTOM_SCENARIOS: c.ShareCustomScenarios,
csconfig.SEND_TAINTED_SCENARIOS: c.ShareTaintedScenarios,
csconfig.SEND_CONTEXT: c.ShareContext,
csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement,
csconfig.SEND_CONTEXT: c.ShareContext,
csconfig.CONSOLE_MANAGEMENT: c.ConsoleManagement,
}
data, err := json.MarshalIndent(out, "", " ")
if err != nil {
Expand Down Expand Up @@ -252,9 +251,6 @@ func SetConsoleOpts(args []string, wanted bool) error {
for _, arg := range args {
switch arg {
case csconfig.CONSOLE_MANAGEMENT:
if !fflag.PapiClient.IsEnabled() {
continue
}
/*for each flag check if it's already set before setting it*/
if csConfig.API.Server.ConsoleConfig.ConsoleManagement != nil {
if *csConfig.API.Server.ConsoleConfig.ConsoleManagement == wanted {
Expand Down
2 changes: 1 addition & 1 deletion cmd/crowdsec-cli/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -242,7 +242,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
rootCmd.AddCommand(NewHubTestCmd())
rootCmd.AddCommand(NewCLINotifications().NewCommand())
rootCmd.AddCommand(NewCLISupport().NewCommand())

rootCmd.AddCommand(NewCLIPapi().NewCommand())
rootCmd.AddCommand(NewCollectionCLI().NewCommand())
rootCmd.AddCommand(NewParserCLI().NewCommand())
rootCmd.AddCommand(NewScenarioCLI().NewCommand())
Expand Down
63 changes: 29 additions & 34 deletions pkg/apiserver/apiserver.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ import (
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
"github.com/crowdsecurity/crowdsec/pkg/csplugin"
"github.com/crowdsecurity/crowdsec/pkg/database"
"github.com/crowdsecurity/crowdsec/pkg/fflag"
"github.com/crowdsecurity/crowdsec/pkg/types"
)

Expand Down Expand Up @@ -220,17 +219,15 @@ func NewServer(config *csconfig.LocalApiServerCfg) (*APIServer, error) {
log.Infof("CAPI manager configured successfully")
isMachineEnrolled = isEnrolled(apiClient.apiClient)
controller.AlertsAddChan = apiClient.AlertsAddChan
if fflag.PapiClient.IsEnabled() {
if isMachineEnrolled {
log.Infof("Machine is enrolled in the console, Loading PAPI Client")
papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
if err != nil {
return nil, err
}
controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
} else {
log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
if isMachineEnrolled {
log.Infof("Machine is enrolled in the console, Loading PAPI Client")
papiClient, err = NewPAPI(apiClient, dbClient, config.ConsoleConfig, *config.PapiLogLevel)
if err != nil {
return nil, err
}
controller.DecisionDeleteChan = papiClient.Channels.DeleteDecisionChannel
} else {
log.Errorf("Machine is not enrolled in the console, can't synchronize with the console")
}
} else {
apiClient = nil
Expand Down Expand Up @@ -357,31 +354,29 @@ func (s *APIServer) Run(apiReady chan bool) error {

//csConfig.API.Server.ConsoleConfig.ShareCustomScenarios
if s.isEnrolled {
if fflag.PapiClient.IsEnabled() {
if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
if s.papi.URL != "" {
log.Infof("Starting PAPI decision receiver")
s.papi.pullTomb.Go(func() error {
if err := s.papi.Pull(); err != nil {
log.Errorf("papi pull: %s", err)
return err
}
return nil
})

s.papi.syncTomb.Go(func() error {
if err := s.papi.SyncDecisions(); err != nil {
log.Errorf("capi decisions sync: %s", err)
return err
}
return nil
})
} else {
log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
}
if s.consoleConfig.ConsoleManagement != nil && *s.consoleConfig.ConsoleManagement {
if s.papi.URL != "" {
log.Infof("Starting PAPI decision receiver")
s.papi.pullTomb.Go(func() error {
if err := s.papi.Pull(); err != nil {
log.Errorf("papi pull: %s", err)
return err
}
return nil
})

s.papi.syncTomb.Go(func() error {
if err := s.papi.SyncDecisions(); err != nil {
log.Errorf("capi decisions sync: %s", err)
return err
}
return nil
})
} else {
log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
log.Warnf("papi_url is not set in online_api_credentials.yaml, can't synchronize with the console. Run cscli console enable console_management to add it.")
}
} else {
log.Warningf("Machine is not allowed to synchronize decisions, you can enable it with `cscli console enable console_management`")
}
}

Expand Down
6 changes: 1 addition & 5 deletions pkg/csconfig/console.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@ import (
"gopkg.in/yaml.v2"

"github.com/crowdsecurity/go-cs-lib/ptr"

"github.com/crowdsecurity/crowdsec/pkg/fflag"
)

const (
Expand Down Expand Up @@ -66,9 +64,7 @@ func (c *LocalApiServerCfg) LoadConsoleConfig() error {
c.ConsoleConfig.ShareManualDecisions = ptr.Of(false)
}

if !fflag.PapiClient.IsEnabled() {
c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
} else if c.ConsoleConfig.ConsoleManagement == nil {
if c.ConsoleConfig.ConsoleManagement == nil {
log.Debugf("no console_management found, setting to false")
c.ConsoleConfig.ConsoleManagement = ptr.Of(false)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/fflag/crowdsec.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ var Crowdsec = FeatureRegister{EnvPrefix: "CROWDSEC_FEATURE_"}
var CscliSetup = &Feature{Name: "cscli_setup", Description: "Enable cscli setup command (service detection)"}
var DisableHttpRetryBackoff = &Feature{Name: "disable_http_retry_backoff", Description: "Disable http retry backoff"}
var ChunkedDecisionsStream = &Feature{Name: "chunked_decisions_stream", Description: "Enable chunked decisions stream"}
var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client"}
var PapiClient = &Feature{Name: "papi_client", Description: "Enable Polling API client", State: RetiredState}
var Re2GrokSupport = &Feature{Name: "re2_grok_support", Description: "Enable RE2 support for GROK patterns"}
var Re2RegexpInfileSupport = &Feature{Name: "re2_regexp_in_file_support", Description: "Enable RE2 support for RegexpInFile expr helper"}

Expand Down
36 changes: 21 additions & 15 deletions pkg/longpollclient/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -193,26 +193,32 @@ func (c *LongPollClient) PullOnce(since time.Time) ([]Event, error) {
}
defer resp.Body.Close()
decoder := json.NewDecoder(resp.Body)
var pollResp pollResponse
err = decoder.Decode(&pollResp)
if err != nil {
if err == io.EOF {
c.logger.Debugf("server closed connection")
return nil, nil
evts := []Event{}
for {
var pollResp pollResponse
err = decoder.Decode(&pollResp)
if err != nil {
if err == io.EOF {
c.logger.Debugf("server closed connection")
break
}
log.Errorf("error decoding poll response: %v", err)
break
}
return nil, fmt.Errorf("error decoding poll response: %v", err)
}

c.logger.Tracef("got response: %+v", pollResp)
c.logger.Tracef("got response: %+v", pollResp)

if len(pollResp.ErrorMessage) > 0 {
if pollResp.ErrorMessage == timeoutMessage {
c.logger.Debugf("got timeout message")
return nil, nil
if len(pollResp.ErrorMessage) > 0 {
if pollResp.ErrorMessage == timeoutMessage {
c.logger.Debugf("got timeout message")
break
}
log.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
break
}
return nil, fmt.Errorf("longpoll API error message: %s", pollResp.ErrorMessage)
evts = append(evts, pollResp.Events...)
}
return pollResp.Events, nil
return evts, nil
}

func NewLongPollClient(config LongPollClientConfig) (*LongPollClient, error) {
Expand Down
6 changes: 2 additions & 4 deletions test/bats/09_console.bats
Original file line number Diff line number Diff line change
Expand Up @@ -72,9 +72,8 @@ setup() {
assert_stderr --partial "manual already set to true"
assert_stderr --partial "tainted already set to true"
assert_stderr --partial "context already set to true"
assert_stderr --partial "All features have been enabled successfully"
CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console enable --all --debug
assert_stderr --partial "console_management set to true"
assert_stderr --partial "All features have been enabled successfully"
rune -1 cscli console enable tralala
assert_stderr --partial "unknown flag tralala"
}
Expand All @@ -94,9 +93,8 @@ setup() {
assert_stderr --partial "manual already set to false"
assert_stderr --partial "tainted already set to false"
assert_stderr --partial "context already set to false"
assert_stderr --partial "All features have been disabled"
CROWDSEC_FEATURE_PAPI_CLIENT=true rune -0 cscli console disable --all --debug
assert_stderr --partial "console_management already set to false"
assert_stderr --partial "All features have been disabled"
rune -1 cscli console disable tralala
assert_stderr --partial "unknown flag tralala"
}

0 comments on commit 04f3dc0

Please sign in to comment.