Merge branch 'master' into multi_appsec_configs

crowdsecurity · Nov 15, 2024 · 004ec4c · 004ec4c
2 parents a9ccf72 + b96a7a5
commit 004ec4c
Show file tree

Hide file tree

Showing 86 changed files with 3,918 additions and 2,000 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -348,10 +348,6 @@ issues:
         - errorlint
       text: "type switch on error will fail on wrapped errors. Use errors.As to check for specific errors"
 
-    - linters:
-        - errorlint
-      text: "comparing with .* will fail on wrapped errors. Use errors.Is to check for a specific error"
-
     - linters:
         - nosprintfhostport
       text: "host:port in url should be constructed with net.JoinHostPort and not directly with fmt.Sprintf"

diff --git a/Makefile b/Makefile
@@ -80,6 +80,9 @@ endif
 #expr_debug tag is required to enable the debug mode in expr
 GO_TAGS := netgo,osusergo,sqlite_omit_load_extension,expr_debug
 
+# Allow building on ubuntu 24.10, see https://github.com/golang/go/issues/70023
+export CGO_LDFLAGS_ALLOW=-Wl,--(push|pop)-state.*
+
 # this will be used by Go in the make target, some distributions require it
 export PKG_CONFIG_PATH:=/usr/local/lib/pkgconfig:$(PKG_CONFIG_PATH)
 
@@ -131,6 +134,7 @@ COMPONENTS := \
 	datasource_cloudwatch \
 	datasource_docker \
 	datasource_file \
+	datasource_http \
 	datasource_k8saudit \
 	datasource_kafka \
 	datasource_journalctl \

diff --git a/README.md b/README.md
@@ -84,7 +84,7 @@ The architecture is as follows :
  <img src="https://github.com/crowdsecurity/crowdsec-docs/blob/main/crowdsec-docs/static/img/crowdsec_architecture.png" alt="CrowdSec" title="CrowdSec"/>
 </p>
 
-Once an unwanted behavior is detected, deal with it through a [bouncer](https://hub.crowdsec.net/browse/#bouncers). The aggressive IP, scenario triggered and timestamp are sent for curation, to avoid poisoning & false positives. (This can be disabled). If verified, this IP is then redistributed to all CrowdSec users running the same scenario.
+Once an unwanted behavior is detected, deal with it through a [bouncer](https://app.crowdsec.net/hub/remediation-components). The aggressive IP, scenario triggered and timestamp are sent for curation, to avoid poisoning & false positives. (This can be disabled). If verified, this IP is then redistributed to all CrowdSec users running the same scenario.
 
 ## Outnumbering hackers all together
 

diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -21,7 +21,7 @@ stages:
           - task: GoTool@0
             displayName: "Install Go"
             inputs:
-                version: '1.23'
+                version: '1.23.3'
 
           - pwsh: |
               choco install -y make

diff --git a/cmd/crowdsec-cli/clialert/alerts.go b/cmd/crowdsec-cli/clialert/alerts.go
@@ -36,7 +36,7 @@ func decisionsFromAlert(alert *models.Alert) string {
 	for _, decision := range alert.Decisions {
 		k := *decision.Type
 		if *decision.Simulated {
-			k = fmt.Sprintf("(simul)%s", k)
+			k = "(simul)" + k
 		}
 
 		v := decMap[k]
@@ -465,7 +465,7 @@ cscli alerts delete --range 1.2.3.0/24
 cscli alerts delete -s crowdsecurity/ssh-bf"`,
 		DisableAutoGenTag: true,
 		Aliases:           []string{"remove"},
-		Args:              cobra.ExactArgs(0),
+		Args:              cobra.NoArgs,
 		PreRunE: func(cmd *cobra.Command, _ []string) error {
 			if deleteAll {
 				return nil

diff --git a/cmd/crowdsec-cli/clibouncer/add.go b/cmd/crowdsec-cli/clibouncer/add.go
@@ -0,0 +1,72 @@
+package clibouncer
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	middlewares "github.com/crowdsecurity/crowdsec/pkg/apiserver/middlewares/v1"
+	"github.com/crowdsecurity/crowdsec/pkg/types"
+)
+
+func (cli *cliBouncers) add(ctx context.Context, bouncerName string, key string) error {
+	var err error
+
+	keyLength := 32
+
+	if key == "" {
+		key, err = middlewares.GenerateAPIKey(keyLength)
+		if err != nil {
+			return fmt.Errorf("unable to generate api key: %w", err)
+		}
+	}
+
+	_, err = cli.db.CreateBouncer(ctx, bouncerName, "", middlewares.HashSHA512(key), types.ApiKeyAuthType)
+	if err != nil {
+		return fmt.Errorf("unable to create bouncer: %w", err)
+	}
+
+	switch cli.cfg().Cscli.Output {
+	case "human":
+		fmt.Printf("API key for '%s':\n\n", bouncerName)
+		fmt.Printf("   %s\n\n", key)
+		fmt.Print("Please keep this key since you will not be able to retrieve it!\n")
+	case "raw":
+		fmt.Print(key)
+	case "json":
+		j, err := json.Marshal(key)
+		if err != nil {
+			return errors.New("unable to serialize api key")
+		}
+
+		fmt.Print(string(j))
+	}
+
+	return nil
+}
+
+func (cli *cliBouncers) newAddCmd() *cobra.Command {
+	var key string
+
+	cmd := &cobra.Command{
+		Use:   "add MyBouncerName",
+		Short: "add a single bouncer to the database",
+		Example: `cscli bouncers add MyBouncerName
+cscli bouncers add MyBouncerName --key <random-key>`,
+		Args:              cobra.ExactArgs(1),
+		DisableAutoGenTag: true,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return cli.add(cmd.Context(), args[0], key)
+		},
+	}
+
+	flags := cmd.Flags()
+	flags.StringP("length", "l", "", "length of the api key")
+	_ = flags.MarkDeprecated("length", "use --key instead")
+	flags.StringVarP(&key, "key", "k", "", "api key for the bouncer")
+
+	return cmd
+}