make: support CROWDSEC_API_DEV_ENV (#3931)

* make: support CROWDSEC_API_DEV_ENV

* lint

Author: mmetc

Makefile

@@ -77,6 +77,16 @@ ifneq (,$(DOCKER_BUILD))
 LD_OPTS_VARS += -X 'github.com/crowdsecurity/go-cs-lib/version.System=docker'
 endif
 
+# If CROWDSEC_API_DEV_ENV is set to a truthy value, connect to dev.crowdsec.net
+ifeq ($(call bool,$(CROWDSEC_API_DEV_ENV)),1)
+LD_OPTS_VARS += \
+ -X '$(GO_MODULE_NAME)/pkg/csconfig.PAPIBaseURl=https://papi.dev.crowdsec.net/' \
+ -X '$(GO_MODULE_NAME)/cmd/crowdsec-cli/clicapi.CAPIBaseURL=https://api.dev.crowdsec.net/'
+$(info envvar CROWDSEC_API_DEV_ENV=$(CROWDSEC_API_DEV_ENV): If you are not working on CAPI/PAPI, this is probably a mistake.)
+$(info Note that the DEV environment is slow, unreliable and may fail at any time.)
+$(info )
+endif
+
 #expr_debug tag is required to enable the debug mode in expr
 GO_TAGS := netgo,osusergo,sqlite_omit_load_extension,expr_debug
 

cmd/crowdsec-cli/clicapi/capi.go

@@ -22,9 +22,10 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
 	"github.com/crowdsecurity/crowdsec/pkg/database"
 	"github.com/crowdsecurity/crowdsec/pkg/models"
-	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
+var CAPIBaseURL = "https://api.crowdsec.net/"
+
 type configGetter = func() *csconfig.Config
 
 type cliCapi struct {
@@ -65,9 +66,9 @@ func (cli *cliCapi) register(ctx context.Context, capiUserPrefix string, outputF
 
 	password := strfmt.Password(pstr)
 
-	apiurl, err := url.Parse(types.CAPIBaseURL)
+	apiurl, err := url.Parse(CAPIBaseURL)
 	if err != nil {
-		return fmt.Errorf("unable to parse api url %s: %w", types.CAPIBaseURL, err)
+		return fmt.Errorf("unable to parse api url %s: %w", CAPIBaseURL, err)
 	}
 
 	_, err = apiclient.RegisterClient(ctx, &apiclient.Config{
@@ -77,7 +78,7 @@ func (cli *cliCapi) register(ctx context.Context, capiUserPrefix string, outputF
 		VersionPrefix: "v3",
 	}, nil)
 	if err != nil {
-		return fmt.Errorf("api client register ('%s'): %w", types.CAPIBaseURL, err)
+		return fmt.Errorf("api client register ('%s'): %w", CAPIBaseURL, err)
 	}
 
 	log.Infof("Successfully registered to Central API (CAPI)")
@@ -96,7 +97,7 @@ func (cli *cliCapi) register(ctx context.Context, capiUserPrefix string, outputF
 	apiCfg := csconfig.ApiCredentialsCfg{
 		Login:    capiUser,
 		Password: password.String(),
-		URL:      types.CAPIBaseURL,
+		URL:      CAPIBaseURL,
 	}
 
 	apiConfigDump, err := yaml.Marshal(apiCfg)

cmd/crowdsec-cli/cliconsole/console.go

@@ -27,7 +27,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
-	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
 type configGetter func() *csconfig.Config
@@ -52,6 +51,7 @@ func (cli *cliConsole) NewCommand() *cobra.Command {
 			if err := require.LAPI(cfg); err != nil {
 				return err
 			}
+
 			if err := require.CAPI(cfg); err != nil {
 				return err
 			}
@@ -240,14 +240,17 @@ Enable given information push to the central API. Allows to empower the console`
 				if err := cli.setConsoleOpts(csconfig.CONSOLE_CONFIGS, true); err != nil {
 					return err
 				}
+
 				log.Infof("All features have been enabled successfully")
 			} else {
 				if len(args) == 0 {
 					return errors.New("you must specify at least one feature to enable")
 				}
+
 				if err := cli.setConsoleOpts(args, true); err != nil {
 					return err
 				}
+
 				log.Infof("%v have been enabled", args)
 			}
 
@@ -279,14 +282,17 @@ Disable given information push to the central API.`,
 				if err := cli.setConsoleOpts(csconfig.CONSOLE_CONFIGS, false); err != nil {
 					return err
 				}
+
 				log.Infof("All features have been disabled")
 			} else {
 				if len(args) == 0 {
 					return errors.New("you must specify at least one feature to disable")
 				}
+
 				if err := cli.setConsoleOpts(args, false); err != nil {
 					return err
 				}
+
 				log.Infof("%v have been disabled", args)
 			}
 
@@ -312,6 +318,7 @@ func (cli *cliConsole) newStatusCmd() *cobra.Command {
 		RunE: func(_ *cobra.Command, _ []string) error {
 			cfg := cli.cfg()
 			consoleCfg := cfg.API.Server.ConsoleConfig
+
 			switch cfg.Cscli.Output {
 			case "human":
 				cmdConsoleStatusTable(color.Output, cfg.Cscli.Color, *consoleCfg)
@@ -323,13 +330,16 @@ func (cli *cliConsole) newStatusCmd() *cobra.Command {
 					csconfig.SEND_CONTEXT:           consoleCfg.ShareContext,
 					csconfig.CONSOLE_MANAGEMENT:     consoleCfg.ConsoleManagement,
 				}
+
 				data, err := json.MarshalIndent(out, "", "  ")
 				if err != nil {
 					return fmt.Errorf("failed to serialize configuration: %w", err)
 				}
+
 				fmt.Fprintln(os.Stdout, string(data))
 			case "raw":
 				csvwriter := csv.NewWriter(os.Stdout)
+
 				err := csvwriter.Write([]string{"option", "enabled"})
 				if err != nil {
 					return err
@@ -348,6 +358,7 @@ func (cli *cliConsole) newStatusCmd() *cobra.Command {
 						return err
 					}
 				}
+
 				csvwriter.Flush()
 			}
 
@@ -385,7 +396,7 @@ func (cli *cliConsole) setConsoleOpts(args []string, wanted bool) error {
 	for _, arg := range args {
 		switch arg {
 		case csconfig.CONSOLE_MANAGEMENT:
-			/*for each flag check if it's already set before setting it*/
+			// for each flag check if it's already set before setting it
 			if consoleCfg.ConsoleManagement != nil && *consoleCfg.ConsoleManagement == wanted {
 				log.Debugf("%s already set to %t", csconfig.CONSOLE_MANAGEMENT, wanted)
 			} else {
@@ -397,7 +408,7 @@ func (cli *cliConsole) setConsoleOpts(args []string, wanted bool) error {
 				changed := false
 				if wanted && cfg.API.Server.OnlineClient.Credentials.PapiURL == "" {
 					changed = true
-					cfg.API.Server.OnlineClient.Credentials.PapiURL = types.PAPIBaseURL
+					cfg.API.Server.OnlineClient.Credentials.PapiURL = csconfig.PAPIBaseURL
 				} else if !wanted && cfg.API.Server.OnlineClient.Credentials.PapiURL != "" {
 					changed = true
 					cfg.API.Server.OnlineClient.Credentials.PapiURL = ""
@@ -418,31 +429,31 @@ func (cli *cliConsole) setConsoleOpts(args []string, wanted bool) error {
 				}
 			}
 		case csconfig.SEND_CUSTOM_SCENARIOS:
-			/*for each flag check if it's already set before setting it*/
+			// for each flag check if it's already set before setting it
 			if consoleCfg.ShareCustomScenarios != nil && *consoleCfg.ShareCustomScenarios == wanted {
 				log.Debugf("%s already set to %t", csconfig.SEND_CUSTOM_SCENARIOS, wanted)
 			} else {
 				log.Infof("%s set to %t", csconfig.SEND_CUSTOM_SCENARIOS, wanted)
 				consoleCfg.ShareCustomScenarios = ptr.Of(wanted)
 			}
 		case csconfig.SEND_TAINTED_SCENARIOS:
-			/*for each flag check if it's already set before setting it*/
+			// for each flag check if it's already set before setting it
 			if consoleCfg.ShareTaintedScenarios != nil && *consoleCfg.ShareTaintedScenarios == wanted {
 				log.Debugf("%s already set to %t", csconfig.SEND_TAINTED_SCENARIOS, wanted)
 			} else {
 				log.Infof("%s set to %t", csconfig.SEND_TAINTED_SCENARIOS, wanted)
 				consoleCfg.ShareTaintedScenarios = ptr.Of(wanted)
 			}
 		case csconfig.SEND_MANUAL_SCENARIOS:
-			/*for each flag check if it's already set before setting it*/
+			// for each flag check if it's already set before setting it
 			if consoleCfg.ShareManualDecisions != nil && *consoleCfg.ShareManualDecisions == wanted {
 				log.Debugf("%s already set to %t", csconfig.SEND_MANUAL_SCENARIOS, wanted)
 			} else {
 				log.Infof("%s set to %t", csconfig.SEND_MANUAL_SCENARIOS, wanted)
 				consoleCfg.ShareManualDecisions = ptr.Of(wanted)
 			}
 		case csconfig.SEND_CONTEXT:
-			/*for each flag check if it's already set before setting it*/
+			// for each flag check if it's already set before setting it
 			if consoleCfg.ShareContext != nil && *consoleCfg.ShareContext == wanted {
 				log.Debugf("%s already set to %t", csconfig.SEND_CONTEXT, wanted)
 			} else {

pkg/apiserver/papi.go

@@ -23,8 +23,11 @@ import (
 )
 
 const (
-	SyncInterval = time.Second * 10
-	PapiPullKey  = "papi:last_pull"
+	PAPIVersion        = "v1"
+	PAPIPollURL        = "/decisions/stream/poll"
+	PAPIPermissionsURL = "/permissions"
+	SyncInterval       = time.Second * 10
+	PapiPullKey        = "papi:last_pull"
 )
 
 var operationMap = map[string]func(*Message, *Papi, bool) error{
@@ -89,11 +92,11 @@ func NewPAPI(apic *apic, dbClient *database.Client, consoleConfig *csconfig.Cons
 		return &Papi{}, fmt.Errorf("creating papi logger: %w", err)
 	}
 
-	papiUrl := *apic.apiClient.PapiURL
-	papiUrl.Path = fmt.Sprintf("%s%s", types.PAPIVersion, types.PAPIPollUrl)
+	papiURL := *apic.apiClient.PapiURL
+	papiURL.Path = fmt.Sprintf("%s%s", PAPIVersion, PAPIPollURL)
 
 	longPollClient, err := longpollclient.NewLongPollClient(longpollclient.LongPollClientConfig{
-		Url:        papiUrl,
+		Url:        papiURL,
 		Logger:     logger,
 		HttpClient: apic.apiClient.GetClient(),
 	})
@@ -159,9 +162,9 @@ func (p *Papi) handleEvent(event longpollclient.Event, sync bool) error {
 
 func (p *Papi) GetPermissions(ctx context.Context) (PapiPermCheckSuccess, error) {
 	httpClient := p.apiClient.GetClient()
-	papiCheckUrl := fmt.Sprintf("%s%s%s", p.URL, types.PAPIVersion, types.PAPIPermissionsUrl)
+	papiCheckURL := fmt.Sprintf("%s%s%s", p.URL, PAPIVersion, PAPIPermissionsURL)
 
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, papiCheckUrl, http.NoBody)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, papiCheckURL, http.NoBody)
 	if err != nil {
 		return PapiPermCheckSuccess{}, fmt.Errorf("failed to create request: %w", err)
 	}
@@ -230,9 +233,10 @@ func (p *Papi) PullOnce(ctx context.Context, since time.Time, sync bool) error {
 	return nil
 }
 
-// PullPAPI is the long polling client for real-time decisions from PAPI
+// Pull is the long polling client for real-time decisions from PAPI
 func (p *Papi) Pull(ctx context.Context) error {
 	defer trace.CatchPanic("lapi/PullPAPI")
+
 	p.Logger.Infof("Starting Polling API Pull")
 
 	lastTimestamp := time.Time{}
@@ -322,7 +326,6 @@ func (p *Papi) Pull(ctx context.Context) error {
 			cancel()
 		}
 	}
-
 }
 
 func (p *Papi) SyncDecisions(ctx context.Context) error {

pkg/csconfig/api.go

@@ -21,9 +21,10 @@ import (
 	"github.com/crowdsecurity/go-cs-lib/ptr"
 
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
-	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
+var PAPIBaseURL = "https://papi.api.crowdsec.net/"
+
 type APICfg struct {
 	Client *LocalApiClientCfg `yaml:"client"`
 	Server *LocalApiServerCfg `yaml:"server"`
@@ -127,7 +128,7 @@ func (o *OnlineApiClientCfg) Load() error {
 	}
 
 	if o.Credentials != nil && o.Credentials.PapiURL == "" {
-		o.Credentials.PapiURL = types.PAPIBaseURL
+		o.Credentials.PapiURL = PAPIBaseURL
 	}
 
 	return nil

pkg/csconfig/api_test.go

@@ -13,8 +13,6 @@ import (
 
 	"github.com/crowdsecurity/go-cs-lib/cstest"
 	"github.com/crowdsecurity/go-cs-lib/ptr"
-
-	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
 func TestLoadLocalApiClientCfg(t *testing.T) {
@@ -95,7 +93,7 @@ func TestLoadOnlineApiClientCfg(t *testing.T) {
 				URL:      "http://crowdsec.api",
 				Login:    "test",
 				Password: "testpassword",
-				PapiURL:  types.PAPIBaseURL,
+				PapiURL:  PAPIBaseURL,
 			},
 		},
 		{
@@ -214,7 +212,7 @@ func TestLoadAPIServer(t *testing.T) {
 						URL:      "http://crowdsec.api",
 						Login:    "test",
 						Password: "testpassword",
-						PapiURL:  types.PAPIBaseURL,
+						PapiURL:  PAPIBaseURL,
 					},
 					Sharing: ptr.Of(true),
 					PullConfig: CapiPullConfig{

pkg/types/constants.go

@@ -6,15 +6,6 @@ const (
 	PasswordAuthType = "password"
 )
 
-const (
-	PAPIBaseURL        = "https://papi.api.crowdsec.net/"
-	PAPIVersion        = "v1"
-	PAPIPollUrl        = "/decisions/stream/poll"
-	PAPIPermissionsUrl = "/permissions"
-)
-
-const CAPIBaseURL = "https://api.crowdsec.net/"
-
 const (
 	CscliOrigin                       = "cscli"
 	CrowdSecOrigin                    = "crowdsec"