waf: allow glob when including seclang files (#3948)

Author: blotus

pkg/appsec/appsec_rules_collection.go

@@ -77,24 +77,38 @@ func LoadCollection(pattern string, logger *log.Entry) ([]AppsecCollection, erro
 		if appsecRule.SecLangFilesRules != nil {
 			for _, rulesFile := range appsecRule.SecLangFilesRules {
 				logger.Debugf("Adding rules from %s", rulesFile)
-				fullPath := filepath.Join(hub.GetDataDir(), rulesFile)
+				globPattern := filepath.Join(hub.GetDataDir(), rulesFile)
+
+				matches, err := filepath.Glob(globPattern)
 
-				c, err := os.ReadFile(fullPath)
 				if err != nil {
-					logger.Errorf("unable to read file %s : %s", rulesFile, err)
+					logger.Errorf("unable to glob %s : %s", rulesFile, err)
 					continue
 				}
 
-				for line := range strings.SplitSeq(string(c), "\n") {
-					if strings.HasPrefix(line, "#") {
-						continue
-					}
+				if len(matches) == 0 {
+					logger.Warnf("no file matched pattern %s", globPattern)
+					continue
+				}
 
-					if strings.TrimSpace(line) == "" {
+				for _, fullPath := range matches {
+					c, err := os.ReadFile(fullPath)
+					if err != nil {
+						logger.Errorf("unable to read file %s : %s", rulesFile, err)
 						continue
 					}
 
-					appsecCol.NativeRules = append(appsecCol.NativeRules, line)
+					for line := range strings.SplitSeq(string(c), "\n") {
+						if strings.HasPrefix(line, "#") {
+							continue
+						}
+
+						if strings.TrimSpace(line) == "" {
+							continue
+						}
+
+						appsecCol.NativeRules = append(appsecCol.NativeRules, line)
+					}
 				}
 			}
 		}

pkg/hubops/download.go

@@ -135,6 +135,7 @@ func downloadDataSet(ctx context.Context, dataFolder string, force bool, reader
 			d := downloader.
 				New().
 				WithHTTPClient(cwhub.HubClient).
+				WithMakeDirs(true).
 				ToFile(destPath).
 				CompareContent().
 				BeforeRequest(func(req *http.Request) {