From ac01b99573b43f5d8ea807759d768b7d436ea66b Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 24 Jan 2024 17:01:42 +0100 Subject: [PATCH 1/5] cscli alerts: drop redundant if block and reduce indentation for readability --- cmd/crowdsec-cli/alerts.go | 71 +++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 36 deletions(-) diff --git a/cmd/crowdsec-cli/alerts.go b/cmd/crowdsec-cli/alerts.go index a3736abd1b7..17ac53c6690 100644 --- a/cmd/crowdsec-cli/alerts.go +++ b/cmd/crowdsec-cli/alerts.go @@ -162,48 +162,47 @@ var alertTemplate = ` ` func DisplayOneAlert(alert *models.Alert, withDetail bool) error { - if csConfig.Cscli.Output == "human" { - tmpl, err := template.New("alert").Parse(alertTemplate) - if err != nil { - return err - } - err = tmpl.Execute(os.Stdout, alert) - if err != nil { - return err - } - - alertDecisionsTable(color.Output, alert) + tmpl, err := template.New("alert").Parse(alertTemplate) + if err != nil { + return err + } + err = tmpl.Execute(os.Stdout, alert) + if err != nil { + return err + } - if len(alert.Meta) > 0 { - fmt.Printf("\n - Context :\n") - sort.Slice(alert.Meta, func(i, j int) bool { - return alert.Meta[i].Key < alert.Meta[j].Key - }) - table := newTable(color.Output) - table.SetRowLines(false) - table.SetHeaders("Key", "Value") - for _, meta := range alert.Meta { - var valSlice []string - if err := json.Unmarshal([]byte(meta.Value), &valSlice); err != nil { - return fmt.Errorf("unknown context value type '%s' : %s", meta.Value, err) - } - for _, value := range valSlice { - table.AddRow( - meta.Key, - value, - ) - } + alertDecisionsTable(color.Output, alert) + + if len(alert.Meta) > 0 { + fmt.Printf("\n - Context :\n") + sort.Slice(alert.Meta, func(i, j int) bool { + return alert.Meta[i].Key < alert.Meta[j].Key + }) + table := newTable(color.Output) + table.SetRowLines(false) + table.SetHeaders("Key", "Value") + for _, meta := range alert.Meta { + var valSlice []string + if err := json.Unmarshal([]byte(meta.Value), &valSlice); err != nil { + return fmt.Errorf("unknown context value type '%s' : %s", meta.Value, err) + } + for _, value := range valSlice { + table.AddRow( + meta.Key, + value, + ) } - table.Render() } + table.Render() + } - if withDetail { - fmt.Printf("\n - Events :\n") - for _, event := range alert.Events { - alertEventTable(color.Output, event) - } + if withDetail { + fmt.Printf("\n - Events :\n") + for _, event := range alert.Events { + alertEventTable(color.Output, event) } } + return nil } From 4d8f3770655f80a05c0f913380841cd28194c256 Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 24 Jan 2024 17:04:28 +0100 Subject: [PATCH 2/5] if -> switch --- cmd/crowdsec-cli/alerts.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/crowdsec-cli/alerts.go b/cmd/crowdsec-cli/alerts.go index 17ac53c6690..74f716cab3b 100644 --- a/cmd/crowdsec-cli/alerts.go +++ b/cmd/crowdsec-cli/alerts.go @@ -93,8 +93,8 @@ func SourceFromAlert(alert *models.Alert) string { } func AlertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { - - if csConfig.Cscli.Output == "raw" { + switch csConfig.Cscli.Output { + case "raw": csvwriter := csv.NewWriter(os.Stdout) header := []string{"id", "scope", "value", "reason", "country", "as", "decisions", "created_at"} if printMachine { @@ -124,7 +124,7 @@ func AlertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { } } csvwriter.Flush() - } else if csConfig.Cscli.Output == "json" { + case "json": if *alerts == nil { // avoid returning "null" in json // could be cleaner if we used slice of alerts directly @@ -132,8 +132,8 @@ func AlertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { return nil } x, _ := json.MarshalIndent(alerts, "", " ") - fmt.Printf("%s", string(x)) - } else if csConfig.Cscli.Output == "human" { + fmt.Print(string(x)) + case "human": if len(*alerts) == 0 { fmt.Println("No active alerts") return nil From 21b9fdc815b9581b433466a4357cfb1c078c5f15 Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 24 Jan 2024 17:14:56 +0100 Subject: [PATCH 3/5] remove unused functions (debug helpers for papi??) --- cmd/crowdsec-cli/alerts.go | 45 -------------------------------------- 1 file changed, 45 deletions(-) diff --git a/cmd/crowdsec-cli/alerts.go b/cmd/crowdsec-cli/alerts.go index 74f716cab3b..466447445b1 100644 --- a/cmd/crowdsec-cli/alerts.go +++ b/cmd/crowdsec-cli/alerts.go @@ -11,7 +11,6 @@ import ( "strconv" "strings" "text/template" - "time" "github.com/fatih/color" "github.com/go-openapi/strfmt" @@ -48,50 +47,6 @@ func DecisionsFromAlert(alert *models.Alert) string { return ret } -func DateFromAlert(alert *models.Alert) string { - ts, err := time.Parse(time.RFC3339, alert.CreatedAt) - if err != nil { - log.Infof("while parsing %s with %s : %s", alert.CreatedAt, time.RFC3339, err) - return alert.CreatedAt - } - return ts.Format(time.RFC822) -} - -func SourceFromAlert(alert *models.Alert) string { - - //more than one item, just number and scope - if len(alert.Decisions) > 1 { - return fmt.Sprintf("%d %ss (%s)", len(alert.Decisions), *alert.Decisions[0].Scope, *alert.Decisions[0].Origin) - } - - //fallback on single decision information - if len(alert.Decisions) == 1 { - return fmt.Sprintf("%s:%s", *alert.Decisions[0].Scope, *alert.Decisions[0].Value) - } - - //try to compose a human friendly version - if *alert.Source.Value != "" && *alert.Source.Scope != "" { - scope := "" - scope = fmt.Sprintf("%s:%s", *alert.Source.Scope, *alert.Source.Value) - extra := "" - if alert.Source.Cn != "" { - extra = alert.Source.Cn - } - if alert.Source.AsNumber != "" { - extra += fmt.Sprintf("/%s", alert.Source.AsNumber) - } - if alert.Source.AsName != "" { - extra += fmt.Sprintf("/%s", alert.Source.AsName) - } - - if extra != "" { - scope += " (" + extra + ")" - } - return scope - } - return "" -} - func AlertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { switch csConfig.Cscli.Output { case "raw": From 4081ae26e455c982e4be5c9805806f2585eab8fb Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 24 Jan 2024 17:17:29 +0100 Subject: [PATCH 4/5] don't export alertsToTable(), displayOneAlert() --- cmd/crowdsec-cli/alerts.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/crowdsec-cli/alerts.go b/cmd/crowdsec-cli/alerts.go index 466447445b1..5dbe3652d14 100644 --- a/cmd/crowdsec-cli/alerts.go +++ b/cmd/crowdsec-cli/alerts.go @@ -47,7 +47,7 @@ func DecisionsFromAlert(alert *models.Alert) string { return ret } -func AlertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { +func alertsToTable(alerts *models.GetAlertsResponse, printMachine bool) error { switch csConfig.Cscli.Output { case "raw": csvwriter := csv.NewWriter(os.Stdout) @@ -116,7 +116,7 @@ var alertTemplate = ` ` -func DisplayOneAlert(alert *models.Alert, withDetail bool) error { +func displayOneAlert(alert *models.Alert, withDetail bool) error { tmpl, err := template.New("alert").Parse(alertTemplate) if err != nil { return err @@ -305,7 +305,7 @@ cscli alerts list --type ban`, return fmt.Errorf("unable to list alerts: %v", err) } - err = AlertsToTable(alerts, printMachine) + err = alertsToTable(alerts, printMachine) if err != nil { return fmt.Errorf("unable to list alerts: %v", err) } @@ -456,7 +456,7 @@ func (cli cliAlerts) NewInspectCmd() *cobra.Command { } switch csConfig.Cscli.Output { case "human": - if err := DisplayOneAlert(alert, details); err != nil { + if err := displayOneAlert(alert, details); err != nil { continue } case "json": From e3958cbdbe13c99f527af17eea83df04ebfc741a Mon Sep 17 00:00:00 2001 From: marco Date: Wed, 24 Jan 2024 17:30:21 +0100 Subject: [PATCH 5/5] avoid globals: Client, dbClient --- cmd/crowdsec-cli/alerts.go | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/cmd/crowdsec-cli/alerts.go b/cmd/crowdsec-cli/alerts.go index 5dbe3652d14..4ab71be5bbf 100644 --- a/cmd/crowdsec-cli/alerts.go +++ b/cmd/crowdsec-cli/alerts.go @@ -161,13 +161,15 @@ func displayOneAlert(alert *models.Alert, withDetail bool) error { return nil } -type cliAlerts struct{} +type cliAlerts struct{ + client *apiclient.ApiClient +} func NewCLIAlerts() *cliAlerts { return &cliAlerts{} } -func (cli cliAlerts) NewCommand() *cobra.Command { +func (cli *cliAlerts) NewCommand() *cobra.Command { cmd := &cobra.Command{ Use: "alerts [action]", Short: "Manage alerts", @@ -183,7 +185,7 @@ func (cli cliAlerts) NewCommand() *cobra.Command { if err != nil { return fmt.Errorf("parsing api url %s: %w", apiURL, err) } - Client, err = apiclient.NewClient(&apiclient.Config{ + cli.client, err = apiclient.NewClient(&apiclient.Config{ MachineID: csConfig.API.Client.Credentials.Login, Password: strfmt.Password(csConfig.API.Client.Credentials.Password), UserAgent: fmt.Sprintf("crowdsec/%s", version.String()), @@ -206,7 +208,7 @@ func (cli cliAlerts) NewCommand() *cobra.Command { return cmd } -func (cli cliAlerts) NewListCmd() *cobra.Command { +func (cli *cliAlerts) NewListCmd() *cobra.Command { var alertListFilter = apiclient.AlertsListOpts{ ScopeEquals: new(string), ValueEquals: new(string), @@ -300,7 +302,7 @@ cscli alerts list --type ban`, alertListFilter.Contains = new(bool) } - alerts, _, err := Client.Alerts.List(context.Background(), alertListFilter) + alerts, _, err := cli.client.Alerts.List(context.Background(), alertListFilter) if err != nil { return fmt.Errorf("unable to list alerts: %v", err) } @@ -331,7 +333,7 @@ cscli alerts list --type ban`, return cmd } -func (cli cliAlerts) NewDeleteCmd() *cobra.Command { +func (cli *cliAlerts) NewDeleteCmd() *cobra.Command { var ActiveDecision *bool var AlertDeleteAll bool var delAlertByID string @@ -406,12 +408,12 @@ cscli alerts delete -s crowdsecurity/ssh-bf"`, var alerts *models.DeleteAlertsResponse if delAlertByID == "" { - alerts, _, err = Client.Alerts.Delete(context.Background(), alertDeleteFilter) + alerts, _, err = cli.client.Alerts.Delete(context.Background(), alertDeleteFilter) if err != nil { return fmt.Errorf("unable to delete alerts : %v", err) } } else { - alerts, _, err = Client.Alerts.DeleteOne(context.Background(), delAlertByID) + alerts, _, err = cli.client.Alerts.DeleteOne(context.Background(), delAlertByID) if err != nil { return fmt.Errorf("unable to delete alert: %v", err) } @@ -433,7 +435,7 @@ cscli alerts delete -s crowdsecurity/ssh-bf"`, return cmd } -func (cli cliAlerts) NewInspectCmd() *cobra.Command { +func (cli *cliAlerts) NewInspectCmd() *cobra.Command { var details bool cmd := &cobra.Command{ Use: `inspect "alert_id"`, @@ -450,7 +452,7 @@ func (cli cliAlerts) NewInspectCmd() *cobra.Command { if err != nil { return fmt.Errorf("bad alert id %s", alertID) } - alert, _, err := Client.Alerts.GetByID(context.Background(), id) + alert, _, err := cli.client.Alerts.GetByID(context.Background(), id) if err != nil { return fmt.Errorf("can't find alert with id %s: %s", alertID, err) } @@ -483,7 +485,7 @@ func (cli cliAlerts) NewInspectCmd() *cobra.Command { return cmd } -func (cli cliAlerts) NewFlushCmd() *cobra.Command { +func (cli *cliAlerts) NewFlushCmd() *cobra.Command { var maxItems int var maxAge string cmd := &cobra.Command{ @@ -497,12 +499,12 @@ func (cli cliAlerts) NewFlushCmd() *cobra.Command { if err := require.LAPI(csConfig); err != nil { return err } - dbClient, err = database.NewClient(csConfig.DbConfig) + db, err := database.NewClient(csConfig.DbConfig) if err != nil { return fmt.Errorf("unable to create new database client: %s", err) } log.Info("Flushing alerts. !! This may take a long time !!") - err = dbClient.FlushAlerts(maxAge, maxItems) + err = db.FlushAlerts(maxAge, maxItems) if err != nil { return fmt.Errorf("unable to flush alerts: %s", err) }