Merge branch 'master' into cscli-bouncers

.golangci.yml

@@ -295,10 +295,6 @@ issues:
         - nosprintfhostport
       text: "host:port in url should be constructed with net.JoinHostPort and not directly with fmt.Sprintf"
 
-    - linters:
-        - wastedassign
-      text: "assigned to .*, but reassigned without using the value"
-
     # https://github.com/timakin/bodyclose
     - linters:
         - bodyclose
@@ -310,11 +306,6 @@ issues:
         - nonamedreturns
       text: "named return .* with type .* found"
 
-    # https://github.com/alexkohler/nakedret#purpose
-    - linters:
-        - nakedret
-      text: "naked return in func .* with .* lines of code"
-
     #
     # Will fix,  might be trickier
     #

cmd/crowdsec-cli/alerts.go

@@ -71,8 +71,7 @@ func SourceFromAlert(alert *models.Alert) string {
 
 	//try to compose a human friendly version
 	if *alert.Source.Value != "" && *alert.Source.Scope != "" {
-		scope := ""
-		scope = fmt.Sprintf("%s:%s", *alert.Source.Scope, *alert.Source.Value)
+		scope := fmt.Sprintf("%s:%s", *alert.Source.Scope, *alert.Source.Value)
 		extra := ""
 		if alert.Source.Cn != "" {
 			extra = alert.Source.Cn

cmd/crowdsec-cli/copyfile.go

@@ -41,7 +41,7 @@ func copyFileContents(src, dst string) (err error) {
 }
 
 /*copy the file, ioutile doesn't offer the feature*/
-func CopyFile(sourceSymLink, destinationFile string) (err error) {
+func CopyFile(sourceSymLink, destinationFile string) error {
 	sourceFile, err := filepath.EvalSymlinks(sourceSymLink)
 	if err != nil {
 		log.Infof("Not a symlink : %s", err)
@@ -51,7 +51,7 @@ func CopyFile(sourceSymLink, destinationFile string) (err error) {
 
 	sourceFileStat, err := os.Stat(sourceFile)
 	if err != nil {
-		return
+		return err
 	}
 
 	if !sourceFileStat.Mode().IsRegular() {
@@ -63,21 +63,21 @@ func CopyFile(sourceSymLink, destinationFile string) (err error) {
 	destinationFileStat, err := os.Stat(destinationFile)
 	if err != nil {
 		if !os.IsNotExist(err) {
-			return
+			return err
 		}
 	} else {
 		if !(destinationFileStat.Mode().IsRegular()) {
 			return fmt.Errorf("copyFile: non-regular destination file %s (%q)", destinationFileStat.Name(), destinationFileStat.Mode().String())
 		}
 		if os.SameFile(sourceFileStat, destinationFileStat) {
-			return
+			return err
 		}
 	}
 
 	if err = os.Link(sourceFile, destinationFile); err != nil {
 		err = copyFileContents(sourceFile, destinationFile)
 	}
 
-	return
+	return err
 }
 

cmd/crowdsec-cli/explain.go

@@ -188,10 +188,9 @@ func (cli cliExplain) run(cmd *cobra.Command, args []string) error {
 			}
 		}
 	}()
-	tmpFile := ""
 	// we create a  temporary log file if a log line/stdin has been provided
 	if logLine != "" || logFile == "-" {
-		tmpFile = filepath.Join(dir, "cscli_test_tmp.log")
+		tmpFile := filepath.Join(dir, "cscli_test_tmp.log")
 		f, err = os.Create(tmpFile)
 		if err != nil {
 			return err

cmd/crowdsec-cli/require/branch.go

@@ -56,3 +56,7 @@ func HubBranch(cfg *csconfig.Config) string {
 
 	return branch
 }
+
+func HubURLTemplate(cfg *csconfig.Config) string {
+	return cfg.Cscli.HubURLTemplate
+}

cmd/crowdsec-cli/require/require.go

@@ -66,10 +66,10 @@ func Notifications(c *csconfig.Config) error {
 func RemoteHub(c *csconfig.Config) *cwhub.RemoteHubCfg {
 	// set branch in config, and log if necessary
 	branch := HubBranch(c)
+	urlTemplate := HubURLTemplate(c)
 	remote := &cwhub.RemoteHubCfg{
 		Branch:      branch,
-		URLTemplate: "https://hub-cdn.crowdsec.net/%s/%s",
-		// URLTemplate: "http://localhost:8000/crowdsecurity/%s/hub/%s",
+		URLTemplate: urlTemplate,
 		IndexPath: ".index.json",
 	}
 

cmd/crowdsec/win_service.go

@@ -23,7 +23,7 @@ type crowdsec_winservice struct {
 	config *csconfig.Config
 }
 
-func (m *crowdsec_winservice) Execute(args []string, r <-chan svc.ChangeRequest, changes chan<- svc.Status) (ssec bool, errno uint32) {
+func (m *crowdsec_winservice) Execute(args []string, r <-chan svc.ChangeRequest, changes chan<- svc.Status) (bool, uint32) {
 	const cmdsAccepted = svc.AcceptStop | svc.AcceptShutdown
 	changes <- svc.Status{State: svc.StartPending}
 	tick := time.Tick(500 * time.Millisecond)
@@ -59,7 +59,8 @@ func (m *crowdsec_winservice) Execute(args []string, r <-chan svc.ChangeRequest,
 	if err != nil {
 		log.Fatal(err)
 	}
-	return
+
+	return false, 0
 }
 
 func runService(name string) error {

docker/docker_start.sh

@@ -3,7 +3,7 @@
 # shellcheck disable=SC2292      # allow [ test ] syntax
 # shellcheck disable=SC2310      # allow "if function..." syntax with -e
 
-set -e
+# set -e
 shopt -s inherit_errexit
 
 # match true, TRUE, True, tRuE, etc.
@@ -302,9 +302,8 @@ conf_set_if "$PLUGIN_DIR" '.config_paths.plugin_dir = strenv(PLUGIN_DIR)'
 
 ## Install hub items
 cscli hub update
+cscli hub upgrade
 
-cscli_if_clean collections upgrade crowdsecurity/linux
-cscli_if_clean parsers upgrade crowdsecurity/whitelists
 cscli_if_clean parsers install crowdsecurity/docker-logs
 cscli_if_clean parsers install crowdsecurity/cri-logs
 

docker/test/tests/test_flavors.py

@@ -22,6 +22,7 @@ def test_cscli_lapi(crowdsec, flavor):
         assert "You can successfully interact with Local API (LAPI)" in stdout
 
 
+@pytest.mark.skip(reason="currently broken by hub upgrade")
 def test_flavor_content(crowdsec, flavor):
     """Test flavor contents"""
     with crowdsec(flavor=flavor) as cs:

pkg/acquisition/modules/appsec/utils.go

@@ -179,11 +179,9 @@ func (r *AppsecRunner) AccumulateTxToEvent(evt *types.Event, req *appsec.ParsedR
 
 	req.Tx.Variables().All(func(v variables.RuleVariable, col collection.Collection) bool {
 		for _, variable := range col.FindAll() {
-			key := ""
-			if variable.Key() == "" {
-				key = variable.Variable().Name()
-			} else {
-				key = variable.Variable().Name() + "." + variable.Key()
+			key := variable.Variable().Name()
+			if variable.Key() != "" {
+				key += "." + variable.Key()
 			}
 			if variable.Value() == "" {
 				continue
@@ -214,7 +212,7 @@ func (r *AppsecRunner) AccumulateTxToEvent(evt *types.Event, req *appsec.ParsedR
 			evt.Appsec.HasOutBandMatches = true
 		}
 
-		name := ""
+		var name string
 		version := ""
 		hash := ""
 		ruleNameProm := fmt.Sprintf("%d", rule.Rule().ID())

pkg/csconfig/cscli.go

@@ -9,13 +9,16 @@ type CscliCfg struct {
 	Output             string            `yaml:"output,omitempty"`
 	Color              string            `yaml:"color,omitempty"`
 	HubBranch          string            `yaml:"hub_branch"`
+	HubURLTemplate     string            `yaml:"__hub_url_template__,omitempty"`
 	SimulationConfig   *SimulationConfig `yaml:"-"`
 	DbConfig           *DatabaseCfg      `yaml:"-"`
 
 	SimulationFilePath string            `yaml:"-"`
 	PrometheusUrl      string            `yaml:"prometheus_uri"`
 }
 
+const defaultHubURLTemplate = "https://hub-cdn.crowdsec.net/%s/%s"
+
 func (c *Config) loadCSCLI() error {
 	if c.Cscli == nil {
 		c.Cscli = &CscliCfg{}
@@ -25,5 +28,9 @@ func (c *Config) loadCSCLI() error {
 		c.Cscli.PrometheusUrl = fmt.Sprintf("http://%s:%d/metrics", c.Prometheus.ListenAddr, c.Prometheus.ListenPort)
 	}
 
+	if c.Cscli.HubURLTemplate == "" {
+		c.Cscli.HubURLTemplate = defaultHubURLTemplate
+	}
+
 	return nil
 }

pkg/csconfig/cscli_test.go

@@ -32,7 +32,8 @@ func TestLoadCSCLI(t *testing.T) {
 				},
 			},
 			expected: &CscliCfg{
-				PrometheusUrl: "http://127.0.0.1:6060/metrics",
+				PrometheusUrl:  "http://127.0.0.1:6060/metrics",
+				HubURLTemplate: defaultHubURLTemplate,
 			},
 		},
 	}

pkg/database/alerts.go

@@ -77,14 +77,11 @@ func formatAlertSource(alert *models.Alert) string {
 func formatAlertAsString(machineID string, alert *models.Alert) []string {
 	src := formatAlertSource(alert)
 
-	/**/
-	msg := ""
+	msg := "empty scenario"
 	if alert.Scenario != nil && *alert.Scenario != "" {
 		msg = *alert.Scenario
 	} else if alert.Message != nil && *alert.Message != "" {
 		msg = *alert.Message
-	} else {
-		msg = "empty scenario"
 	}
 
 	reason := fmt.Sprintf("%s by %s", msg, src)
@@ -116,7 +113,7 @@ func formatAlertAsString(machineID string, alert *models.Alert) []string {
 			reason = fmt.Sprintf("%s for %d/%d decisions", msg, i+1, len(alert.Decisions))
 		}
 
-		machineIDOrigin := ""
+		var machineIDOrigin string
 		if machineID == "" {
 			machineIDOrigin = *decisionItem.Origin
 		} else {

pkg/hubtest/parser_assert.go

@@ -107,7 +107,7 @@ func (p *ParserAssert) AssertFile(testFile string) error {
 			}
 
 			match := variableRE.FindStringSubmatch(scanner.Text())
-			variable := ""
+			var variable string
 
 			if len(match) == 0 {
 				log.Infof("Couldn't get variable of line '%s'", scanner.Text())

pkg/parser/runtime.go

@@ -319,7 +319,7 @@ func Parse(ctx UnixParserCtx, xp types.Event, nodes []Node) (types.Event, error)
 			}
 			clog.Tracef("node (%s) ret : %v", node.rn, ret)
 			if ParseDump {
-				parserIdxInStage := 0
+				var parserIdxInStage int
 				StageParseMutex.Lock()
 				if len(StageParseCache[stage][node.Name]) == 0 {
 					StageParseCache[stage][node.Name] = make([]dumps.ParserResult, 0)

test/bats/01_cscli.bats

@@ -115,15 +115,18 @@ teardown() {
     assert_output "&false"
 
     # complex type
-    rune -0 cscli config show --key Config.PluginConfig
+    rune -0 cscli config show --key Config.Prometheus
     assert_output - <<-EOT
-	&csconfig.PluginCfg{
-	  User: "nobody",
-	  Group: "nogroup",
+	&csconfig.PrometheusCfg{
+	  Enabled: true,
+	  Level: "full",
+	  ListenAddr: "127.0.0.1",
+	  ListenPort: 6060,
 	}
 	EOT
 }
 
+
 @test "cscli - required configuration paths" {
     config=$(cat "${CONFIG_YAML}")
     configdir=$(config_get '.config_paths.config_dir')

test/bats/04_capi.bats

@@ -43,7 +43,7 @@ setup() {
 
     config_set 'del(.api.server.online_client)'
     rune -1 cscli capi status
-    assert_stderr --partial "no configuration for Central API (CAPI) in '$CONFIG_YAML'"
+    assert_stderr --regexp "no configuration for Central API \(CAPI\) in '$(echo $CONFIG_YAML|sed s#//#/#g)'"
 }
 
 @test "cscli capi status" {