diff --git a/cmd/crowdsec-cli/bouncers.go b/cmd/crowdsec-cli/bouncers.go index 8c8af923a0f..b908bc9c41e 100644 --- a/cmd/crowdsec-cli/bouncers.go +++ b/cmd/crowdsec-cli/bouncers.go @@ -58,7 +58,7 @@ Note: This command requires database direct access, so is intended to be run on DisableAutoGenTag: true, PersistentPreRunE: func(_ *cobra.Command, _ []string) error { var err error - if err = require.DB(cli.cfg()); err != nil { + if err = require.LAPI(cli.cfg()); err != nil { return err } diff --git a/cmd/crowdsec-cli/require/require.go b/cmd/crowdsec-cli/require/require.go index e4589b7ce07..683910768ed 100644 --- a/cmd/crowdsec-cli/require/require.go +++ b/cmd/crowdsec-cli/require/require.go @@ -11,7 +11,7 @@ import ( ) func LAPI(c *csconfig.Config) error { - if err := c.LoadAPIServer(); err != nil { + if err := c.LoadAPIServer(true); err != nil { return fmt.Errorf("failed to load Local API: %w", err) } diff --git a/cmd/crowdsec-cli/support.go b/cmd/crowdsec-cli/support.go index ca14ea872b8..47768e7c2ee 100644 --- a/cmd/crowdsec-cli/support.go +++ b/cmd/crowdsec-cli/support.go @@ -306,7 +306,7 @@ cscli support dump -f /tmp/crowdsec-support.zip infos[SUPPORT_AGENTS_PATH] = []byte(err.Error()) } - if err := csConfig.LoadAPIServer(); err != nil { + if err := csConfig.LoadAPIServer(true); err != nil { log.Warnf("could not load LAPI, skipping CAPI check") skipLAPI = true infos[SUPPORT_CAPI_STATUS_PATH] = []byte(err.Error()) diff --git a/cmd/crowdsec/main.go b/cmd/crowdsec/main.go index bdb04023e0b..2040141bb3e 100644 --- a/cmd/crowdsec/main.go +++ b/cmd/crowdsec/main.go @@ -262,7 +262,7 @@ func LoadConfig(configFile string, disableAgent bool, disableAPI bool, quiet boo } if !cConfig.DisableAPI { - if err := cConfig.LoadAPIServer(); err != nil { + if err := cConfig.LoadAPIServer(false); err != nil { return nil, err } } diff --git a/pkg/csconfig/api.go b/pkg/csconfig/api.go index 06b3d382826..068046c80cb 100644 --- a/pkg/csconfig/api.go +++ b/pkg/csconfig/api.go @@ -236,7 +236,7 @@ type LocalApiServerCfg struct { CapiWhitelists *CapiWhitelist `yaml:"-"` } -func (c *Config) LoadAPIServer() error { +func (c *Config) LoadAPIServer(inCli bool) error { if c.DisableAPI { log.Warning("crowdsec local API is disabled from flag") } @@ -285,7 +285,7 @@ func (c *Config) LoadAPIServer() error { } } - if c.API.Server.OnlineClient == nil || c.API.Server.OnlineClient.Credentials == nil { + if (c.API.Server.OnlineClient == nil || c.API.Server.OnlineClient.Credentials == nil) && !inCli { log.Printf("push and pull to Central API disabled") } @@ -297,7 +297,7 @@ func (c *Config) LoadAPIServer() error { return err } - if c.API.Server.CapiWhitelistsPath != "" { + if c.API.Server.CapiWhitelistsPath != "" && !inCli { log.Infof("loaded capi whitelist from %s: %d IPs, %d CIDRs", c.API.Server.CapiWhitelistsPath, len(c.API.Server.CapiWhitelists.Ips), len(c.API.Server.CapiWhitelists.Cidrs)) } diff --git a/pkg/csconfig/api_test.go b/pkg/csconfig/api_test.go index e1e24e2be34..db0dfb2d242 100644 --- a/pkg/csconfig/api_test.go +++ b/pkg/csconfig/api_test.go @@ -240,7 +240,7 @@ func TestLoadAPIServer(t *testing.T) { for _, tc := range tests { tc := tc t.Run(tc.name, func(t *testing.T) { - err := tc.input.LoadAPIServer() + err := tc.input.LoadAPIServer(true) cstest.RequireErrorContains(t, err, tc.expectedErr) if tc.expectedErr != "" { return diff --git a/pkg/csconfig/config.go b/pkg/csconfig/config.go index 09f46e25058..a704414952e 100644 --- a/pkg/csconfig/config.go +++ b/pkg/csconfig/config.go @@ -41,9 +41,9 @@ type Config struct { Hub *LocalHubCfg `yaml:"-"` } -func NewConfig(configFile string, disableAgent bool, disableAPI bool, quiet bool) (*Config, string, error) { +func NewConfig(configFile string, disableAgent bool, disableAPI bool, inCli bool) (*Config, string, error) { patcher := yamlpatch.NewPatcher(configFile, ".local") - patcher.SetQuiet(quiet) + patcher.SetQuiet(inCli) fcontent, err := patcher.MergedPatchContent() if err != nil { return nil, "", err