Merge pull request #114 from julienloizelet/feat/timeout-and-php-8-2

Feat/timeout and php 8 2
crowdsecurity · Dec 16, 2022 · cc6a8ee · cc6a8ee
2 parents 2334a9c + 694b375
commit cc6a8ee
Show file tree

Hide file tree

Showing 16 changed files with 72 additions and 42 deletions.
diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml
@@ -12,7 +12,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['7.4', '8.0', '8.1']
+        php-version: ['7.4', '8.0', '8.1', '8.2']
 
     name: Coding standards
     runs-on: ubuntu-latest
@@ -30,7 +30,7 @@ jobs:
 
       - name: Install DDEV
         env:
-          DDEV_VERSION: v1.21.2
+          DDEV_VERSION: v1.21.4
         run: |
           # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures
           sudo apt-get -qq update

diff --git a/.github/workflows/markdown.yml b/.github/workflows/markdown.yml
@@ -9,7 +9,7 @@ jobs:
     steps:
 
       - name: Clone sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           path: extension
 

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -37,7 +37,7 @@ jobs:
           echo "VERSION_NUMBER=$(echo ${{ github.event.inputs.tag_name }} | sed 's/v//g' )" >> $GITHUB_ENV
 
       - name: Clone sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Check version ${{ env.VERSION_NUMBER }} consistency in files
         # Check src/Constants.php and CHANGELOG.md
@@ -79,11 +79,11 @@ jobs:
           fi
 
       - name: Create Tag ${{ github.event.inputs.tag_name }}
-        uses: actions/github-script@v3
+        uses: actions/github-script@v6
         with:
           github-token: ${{ github.token }}
           script: |
-            github.git.createRef({
+            github.rest.git.createRef({
               owner: context.repo.owner,
               repo: context.repo.repo,
               ref: "refs/tags/${{ github.event.inputs.tag_name }}",

diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml
@@ -12,7 +12,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['7.2', '7.3', '7.4', '8.0', '8.1']
+        php-version: ['7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
 
     name: Test suite
     runs-on: ubuntu-latest
@@ -33,7 +33,7 @@ jobs:
 
       - name: Install DDEV
         env:
-          DDEV_VERSION: v1.21.2
+          DDEV_VERSION: v1.21.4
         run: |
           # @see https://ddev.readthedocs.io/en/stable/#installationupgrade-script-linux-and-macos-armarm64-and-amd64-architectures
           sudo apt-get -qq update
@@ -315,3 +315,38 @@ jobs:
             echo "There are pending tests: $PENDING_TESTS (KO)"
             exit 1
           fi
+          
+
+      - name: Run "stream mode with TLS auth and cURL and Redis" test
+        run: |
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27cache_system\x27 => \x27Constants::CACHE_SYSTEM_PHPFS\x27/\x27cache_system\x27 => \x27Constants::CACHE_SYSTEM_REDIS\x27/g' scripts/auto-prepend/settings.php
+          cat scripts/auto-prepend/settings.php
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/
+          ./__scripts__/run-tests.sh ci "./__tests__/3-stream-mode.js"
+          PENDING_TESTS=$(grep -oP '"numPendingTests":\K(.*),"numRuntimeErrorTestSuites"' .test-results.json | sed  's/,"numRuntimeErrorTestSuites"//g')
+          if [[ $PENDING_TESTS == "0" ]]
+          then
+            echo "No pending tests: OK"
+          else
+            echo "There are pending tests: $PENDING_TESTS (KO)"
+            exit 1
+          fi
+          
+
+      - name: Run "stream mode with TLS auth and cURL and Memcached" test
+        run: |
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}
+          sed -i  's/\x27cache_system\x27 => \x27Constants::CACHE_SYSTEM_REDIS\x27/\x27cache_system\x27 => \x27Constants::CACHE_SYSTEM_MEMCACHED\x27/g' scripts/auto-prepend/settings.php
+          cat scripts/auto-prepend/settings.php
+          cd ${{ github.workspace }}/${{env.EXTENSION_PATH}}/tests/end-to-end/
+          ./__scripts__/run-tests.sh ci "./__tests__/3-stream-mode.js"
+          PENDING_TESTS=$(grep -oP '"numPendingTests":\K(.*),"numRuntimeErrorTestSuites"' .test-results.json | sed  's/,"numRuntimeErrorTestSuites"//g')
+          if [[ $PENDING_TESTS == "0" ]]
+          then
+            echo "No pending tests: OK"
+          else
+            echo "There are pending tests: $PENDING_TESTS (KO)"
+            exit 1
+          fi    
+    
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 
+## [0.35.0](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v0.35.0) - 2022-12-16
+[_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v0.34.0...v0.35.0)
+
+### Changed
+- Set default timeout to 120 and allow negative value for unlimited timeout
+
+---
+
+
 ## [0.34.0](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v0.34.0) - 2022-11-24
 [_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v0.33.0...v0.34.0)
 

diff --git a/docs/DEVELOPER.md b/docs/DEVELOPER.md
@@ -72,16 +72,8 @@ For a quick start, follow the below steps.
 
 #### DDEV installation
 
-This project is fully compatible with DDEV 1.21.2, and it is recommended to use this specific version.
-For the DDEV installation, please follow the [official instructions](https://ddev.readthedocs.io/en/stable/#installation).
-On a Linux distribution, you can run:
-```
-sudo apt-get -qq update
-sudo apt-get -qq -y install libnss3-tools
-curl -LO https://raw.githubusercontent.com/drud/ddev/master/scripts/install_ddev.sh
-bash install_ddev.sh v1.21.2
-rm install_ddev.sh
-```
+This project is fully compatible with DDEV 1.21.4, and it is recommended to use this specific version.
+For the DDEV installation, please follow the [official instructions](https://ddev.readthedocs.io/en/stable/users/install/ddev-installation/).
 
 
 #### Prepare DDEV PHP environment

diff --git a/docs/USER_GUIDE.md b/docs/USER_GUIDE.md
@@ -46,13 +46,12 @@ Please note that first and foremost a CrowdSec agent must be installed on a serv
   - Handle IP, IP ranges and Country scoped decisions
   - Clear, prune and refresh the Local API cache
   - `Live mode` or `Stream mode`
-- Large PHP matrix compatibility: 7.2.x, 7.3.x, 7.4.x, 8.0.x and 8.1.x
+- Large PHP matrix compatibility: 7.2, 7.3, 7.4, 8.0, 8.1 and 8.2
 - Built-in support for the most known cache systems like Redis, Memcached, PhpFiles
 - Events logged using monolog
 - Cap remediation level (ex: for sensitives websites: ban will be capped to captcha)
 
 
-
 ## Usage
 
 When a user is suspected by CrowdSec to be malevolent, a bouncer will either send him/her a captcha to resolve or
@@ -150,7 +149,8 @@ Here is the list of available settings:
 - `api_url`: Define the URL to your Local API server, default to `http://localhost:8080`.
 
 
-- `api_timeout`: In seconds. The timeout when calling Local API. Must be greater or equal than 1. Default to 1 sec.
+- `api_timeout`: In seconds. The timeout when calling Local API. Default to 120 sec. If set to a negative value, 
+  timeout will be unlimited.
 
 
 - `use_curl`: By default, this lib call the REST Local API using `file_get_contents` method (`allow_url_fopen` is required).

diff --git a/src/AbstractBounce.php b/src/AbstractBounce.php
@@ -404,7 +404,7 @@ protected function prepareBouncerConfigs(): array
             'api_key' => $this->getStringSettings('api_key'),
             'api_url' => $this->getStringSettings('api_url'),
             'api_user_agent' => $this->getStringSettings('api_user_agent'),
-            'api_timeout' => $apiTimeout > 0 ? $apiTimeout : Constants::API_TIMEOUT,
+            'api_timeout' => $apiTimeout !== 0 ? $apiTimeout : Constants::API_TIMEOUT,
             'use_curl' => $this->getBoolSettings('use_curl'),
             // Debug
             'debug_mode' => $this->getBoolSettings('debug_mode'),

diff --git a/src/AbstractCache.php b/src/AbstractCache.php
@@ -396,9 +396,9 @@ protected function hit(string $ip): string
         $remediations = $this->adapter->getItem(base64_encode($ip))->get();
 
         // We apply array values first because keys are ids.
+        /** @var array $firstRemediation */
         $firstRemediation = array_values($remediations)[0];
 
-        /** @var string */
         return $firstRemediation[0];
     }
 

diff --git a/src/Configuration.php b/src/Configuration.php
@@ -152,7 +152,7 @@ private function addConnectionNodes($rootNode)
                 ->info('Absolute path to the CA used to process TLS handshake')->defaultValue('')
             ->end()
             ->booleanNode('tls_verify_peer')->defaultValue(false)->end()
-            ->integerNode('api_timeout')->min(Constants::API_TIMEOUT)->defaultValue(Constants::API_TIMEOUT)->end()
+            ->integerNode('api_timeout')->defaultValue(Constants::API_TIMEOUT)->end()
             ->booleanNode('use_curl')->defaultValue(false)->end()
         ->end();
     }

diff --git a/src/Constants.php b/src/Constants.php
@@ -17,7 +17,7 @@
 class Constants
 {
     /** @var int The timeout when calling LAPI */
-    public const API_TIMEOUT = 1;
+    public const API_TIMEOUT = 120;
     /** @var string The API-KEY auth type */
     public const AUTH_KEY = 'api_key';
     /** @var string The TLS auth type */
@@ -75,7 +75,7 @@ class Constants
     /** @var string Path for html templates folder (e.g. ban and captcha wall) */
     public const TEMPLATES_DIR = __DIR__ . "/templates";
     /** @var string The last version of this library */
-    public const VERSION = 'v0.34.0';
+    public const VERSION = 'v0.35.0';
     /** @var string The "disabled" x-forwarded-for setting */
     public const X_FORWARDED_DISABLED = 'no_forward';
 }
diff --git a/src/RestClient/AbstractClient.php b/src/RestClient/AbstractClient.php
@@ -68,7 +68,6 @@ abstract public function request(
         array $queryParams = null,
         array $bodyParams = null,
         string $method = 'GET',
-        array $headers = null,
-        int $timeout = null
+        array $headers = null
     ): ?array;
 }
diff --git a/src/RestClient/Curl.php b/src/RestClient/Curl.php
@@ -21,8 +21,7 @@ public function request(
         array $queryParams = null,
         array $bodyParams = null,
         string $method = 'GET',
-        array $headers = null,
-        int $timeout = null
+        array $headers = null
     ): ?array {
         $handle = curl_init();
         $curlOptions = $this->createOptions($endpoint, $queryParams, $bodyParams, $method, $headers ?: $this->headers);

diff --git a/src/RestClient/FileGetContents.php b/src/RestClient/FileGetContents.php
@@ -29,14 +29,13 @@ public function request(
         array $queryParams = null,
         array $bodyParams = null,
         string $method = 'GET',
-        array $headers = null,
-        int $timeout = null
+        array $headers = null
     ): ?array {
         if ($queryParams) {
             $endpoint .= '?' . http_build_query($queryParams);
         }
 
-        $config = $this->createConfig($bodyParams, $method, $headers, $timeout);
+        $config = $this->createConfig($bodyParams, $method, $headers);
         $context = stream_context_create($config);
 
         $this->logger->debug('', [
@@ -81,15 +80,14 @@ private function convertHeadersToString(array $headers): string
     private function createConfig(
         array $bodyParams = null,
         string $method = 'GET',
-        array $headers = null,
-        int $timeout = null
+        array $headers = null
     ): array {
         $header = $headers ? $this->convertHeadersToString($headers) : $this->headerString;
         $config = [
             'http' => [
                 'method' => $method,
                 'header' => $header,
-                'timeout' => $timeout ?: $this->timeout,
+                'timeout' => $this->timeout,
                 'ignore_errors' => true,
             ],
         ];

diff --git a/tests/Integration/WatcherClient.php b/tests/Integration/WatcherClient.php
@@ -115,8 +115,7 @@ private function request(
         array $queryParams = null,
         array $bodyParams = null,
         string $method = 'GET',
-        array $headers = null,
-        int $timeout = null
+        array $headers = null
     ): ?array {
         $this->ensureLogin();
 
@@ -125,8 +124,7 @@ private function request(
             $queryParams,
             $bodyParams,
             $method,
-            $headers ?: $this->baseHeaders,
-            $timeout
+            $headers ?: $this->baseHeaders
         );
     }
 

diff --git a/tests/end-to-end/settings/base.php.dist b/tests/end-to-end/settings/base.php.dist
@@ -30,8 +30,8 @@ $crowdSecStandaloneBouncerConfig = [
     'trust_ip_forward_array' => ['REPLACE_PROXY_IP'],
     // Cache
     'cache_system' => Constants::CACHE_SYSTEM_PHPFS,
-    'redis_dsn' => '',
-    'memcached_dsn' => '',
+    'redis_dsn' => 'redis://redis:6379',
+    'memcached_dsn' => 'memcached://memcached:11211',
     'clean_ip_cache_duration' => 1,
     'bad_ip_cache_duration' => 1,
     'captcha_cache_duration'=> 86400,