CVELab · pull · Apr 3, 2024 · Apr 5, 2024 · Apr 5, 2024 · Apr 8, 2024
diff --git a/.github/codecov.yml b/.github/codecov.yml
@@ -1,5 +1,8 @@
 # we measure coverage but don't enforce it
 # https://docs.codecov.com/docs/codecov-yaml
+codecov:
+  require_ci_to_pass: false
+
 coverage:
   status:
     patch:
@@ -8,3 +11,154 @@ coverage:
     project:
       default:
         target: 0%
+
+# if a directory is ignored, there is no way to un-ignore files like pkg/models/helpers.go
+# so we make a full list
+ignore:
+  - "./pkg/modelscapi/success_response.go"
+  - "./pkg/modelscapi/get_decisions_stream_response_deleted.go"
+  - "./pkg/modelscapi/login_request.go"
+  - "./pkg/modelscapi/get_decisions_stream_response_links.go"
+  - "./pkg/modelscapi/login_response.go"
+  - "./pkg/modelscapi/add_signals_request_item.go"
+  - "./pkg/modelscapi/blocklist_link.go"
+  - "./pkg/modelscapi/get_decisions_stream_response_deleted_item.go"
+  - "./pkg/modelscapi/decisions_sync_request.go"
+  - "./pkg/modelscapi/get_decisions_stream_response.go"
+  - "./pkg/modelscapi/metrics_request_machines_item.go"
+  - "./pkg/modelscapi/metrics_request.go"
+  - "./pkg/modelscapi/get_decisions_stream_response_new.go"
+  - "./pkg/modelscapi/add_signals_request_item_decisions_item.go"
+  - "./pkg/modelscapi/metrics_request_bouncers_item.go"
+  - "./pkg/modelscapi/decisions_sync_request_item_decisions_item.go"
+  - "./pkg/modelscapi/decisions_delete_request_item.go"
+  - "./pkg/modelscapi/get_decisions_stream_response_new_item.go"
+  - "./pkg/modelscapi/decisions_sync_request_item.go"
+  - "./pkg/modelscapi/add_signals_request.go"
+  - "./pkg/modelscapi/reset_password_request.go"
+  - "./pkg/modelscapi/add_signals_request_item_decisions.go"
+  - "./pkg/modelscapi/decisions_sync_request_item_source.go"
+  - "./pkg/modelscapi/error_response.go"
+  - "./pkg/modelscapi/decisions_delete_request.go"
+  - "./pkg/modelscapi/decisions_sync_request_item_decisions.go"
+  - "./pkg/modelscapi/enroll_request.go"
+  - "./pkg/modelscapi/register_request.go"
+  - "./pkg/modelscapi/add_signals_request_item_source.go"
+  - "./pkg/models/success_response.go"
+  - "./pkg/models/hub_items.go"
+  - "./pkg/models/alert.go"
+  - "./pkg/models/metrics_bouncer_info.go"
+  - "./pkg/models/add_signals_request_item.go"
+  - "./pkg/models/metrics_meta.go"
+  - "./pkg/models/metrics_detail_item.go"
+  - "./pkg/models/add_signals_request_item_decisions_item.go"
+  - "./pkg/models/hub_item.go"
+  - "./pkg/models/get_alerts_response.go"
+  - "./pkg/models/metrics_labels.go"
+  - "./pkg/models/watcher_auth_request.go"
+  - "./pkg/models/add_alerts_request.go"
+  - "./pkg/models/event.go"
+  - "./pkg/models/decisions_delete_request_item.go"
+  - "./pkg/models/meta.go"
+  - "./pkg/models/detailed_metrics.go"
+  - "./pkg/models/delete_alerts_response.go"
+  - "./pkg/models/remediation_components_metrics.go"
+  - "./pkg/models/console_options.go"
+  - "./pkg/models/topx_response.go"
+  - "./pkg/models/add_signals_request.go"
+  - "./pkg/models/delete_decision_response.go"
+  - "./pkg/models/get_decisions_response.go"
+  - "./pkg/models/add_signals_request_item_decisions.go"
+  - "./pkg/models/source.go"
+  - "./pkg/models/decisions_stream_response.go"
+  - "./pkg/models/error_response.go"
+  - "./pkg/models/all_metrics.go"
+  - "./pkg/models/o_sversion.go"
+  - "./pkg/models/decision.go"
+  - "./pkg/models/decisions_delete_request.go"
+  - "./pkg/models/flush_decision_response.go"
+  - "./pkg/models/watcher_auth_response.go"
+  - "./pkg/models/lapi_metrics.go"
+  - "./pkg/models/watcher_registration_request.go"
+  - "./pkg/models/metrics_agent_info.go"
+  - "./pkg/models/log_processors_metrics.go"
+  - "./pkg/models/add_signals_request_item_source.go"
+  - "./pkg/models/base_metrics.go"
+  - "./pkg/models/add_alerts_response.go"
+  - "./pkg/models/metrics.go"
+  - "./pkg/protobufs/notifier.pb.go"
+  - "./pkg/protobufs/notifier_grpc.pb.go"
+  - "./pkg/database/ent/metric_update.go"
+  - "./pkg/database/ent/machine_delete.go"
+  - "./pkg/database/ent/decision_query.go"
+  - "./pkg/database/ent/meta_query.go"
+  - "./pkg/database/ent/metric/where.go"
+  - "./pkg/database/ent/metric/metric.go"
+  - "./pkg/database/ent/machine_create.go"
+  - "./pkg/database/ent/alert.go"
+  - "./pkg/database/ent/event_update.go"
+  - "./pkg/database/ent/alert_create.go"
+  - "./pkg/database/ent/alert_query.go"
+  - "./pkg/database/ent/metric_delete.go"
+  - "./pkg/database/ent/lock_create.go"
+  - "./pkg/database/ent/bouncer_update.go"
+  - "./pkg/database/ent/meta_update.go"
+  - "./pkg/database/ent/decision_create.go"
+  - "./pkg/database/ent/configitem_update.go"
+  - "./pkg/database/ent/machine_query.go"
+  - "./pkg/database/ent/client.go"
+  - "./pkg/database/ent/predicate/predicate.go"
+  - "./pkg/database/ent/lock/where.go"
+  - "./pkg/database/ent/lock/lock.go"
+  - "./pkg/database/ent/mutation.go"
+  - "./pkg/database/ent/migrate/migrate.go"
+  - "./pkg/database/ent/migrate/schema.go"
+  - "./pkg/database/ent/configitem.go"
+  - "./pkg/database/ent/metric_query.go"
+  - "./pkg/database/ent/event.go"
+  - "./pkg/database/ent/event_query.go"
+  - "./pkg/database/ent/lock_update.go"
+  - "./pkg/database/ent/meta.go"
+  - "./pkg/database/ent/configitem_query.go"
+  - "./pkg/database/ent/bouncer.go"
+  - "./pkg/database/ent/alert_update.go"
+  - "./pkg/database/ent/meta/meta.go"
+  - "./pkg/database/ent/meta/where.go"
+  - "./pkg/database/ent/decision_update.go"
+  - "./pkg/database/ent/alert_delete.go"
+  - "./pkg/database/ent/lock.go"
+  - "./pkg/database/ent/runtime/runtime.go"
+  - "./pkg/database/ent/alert/alert.go"
+  - "./pkg/database/ent/alert/where.go"
+  - "./pkg/database/ent/runtime.go"
+  - "./pkg/database/ent/bouncer/bouncer.go"
+  - "./pkg/database/ent/bouncer/where.go"
+  - "./pkg/database/ent/hook/hook.go"
+  - "./pkg/database/ent/metric.go"
+  - "./pkg/database/ent/configitem_create.go"
+  - "./pkg/database/ent/configitem_delete.go"
+  - "./pkg/database/ent/tx.go"
+  - "./pkg/database/ent/decision.go"
+  - "./pkg/database/ent/lock_delete.go"
+  - "./pkg/database/ent/decision_delete.go"
+  - "./pkg/database/ent/machine/where.go"
+  - "./pkg/database/ent/machine/machine.go"
+  - "./pkg/database/ent/event_create.go"
+  - "./pkg/database/ent/metric_create.go"
+  - "./pkg/database/ent/decision/where.go"
+  - "./pkg/database/ent/decision/decision.go"
+  - "./pkg/database/ent/enttest/enttest.go"
+  - "./pkg/database/ent/lock_query.go"
+  - "./pkg/database/ent/bouncer_create.go"
+  - "./pkg/database/ent/event_delete.go"
+  - "./pkg/database/ent/bouncer_delete.go"
+  - "./pkg/database/ent/event/event.go"
+  - "./pkg/database/ent/event/where.go"
+  - "./pkg/database/ent/machine.go"
+  - "./pkg/database/ent/ent.go"
+  - "./pkg/database/ent/meta_create.go"
+  - "./pkg/database/ent/bouncer_query.go"
+  - "./pkg/database/ent/meta_delete.go"
+  - "./pkg/database/ent/machine_update.go"
+  - "./pkg/database/ent/configitem/configitem.go"
+  - "./pkg/database/ent/configitem/where.go"
diff --git a/.github/generate-codecov-yml.sh b/.github/generate-codecov-yml.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Run this from the repository root:
+#
+# .github/generate-codecov-yml.sh >> .github/codecov.yml
+
+cat <<EOT
+# we measure coverage but don't enforce it
+# https://docs.codecov.com/docs/codecov-yaml
+codecov:
+  require_ci_to_pass: false
+
+coverage:
+  status:
+    patch:
+      default:
+        target: 0%
+    project:
+      default:
+        target: 0%
+
+# if a directory is ignored, there is no way to un-ignore files like pkg/models/helpers.go
+# so we make a full list
+ignore:
+EOT
+
+find . -name "*.go" | while read -r file; do
+    if head -n 1 "$file" | grep -q "Code generated by"; then
+        echo "  - \"$file\""
+    fi
+done
diff --git a/.github/governance.yml b/.github/governance.yml
@@ -42,7 +42,7 @@ issue:
           3. Check [Releases](https://github.com/crowdsecurity/crowdsec/releases/latest) to make sure your agent is on the latest version.
 
     - prefix: kind
-      list: ['feature', 'bug', 'packaging', 'enhancement']
+      list: ['feature', 'bug', 'packaging', 'enhancement', 'refactoring']
       multiple: false
       author_association:
         author: true
@@ -54,6 +54,7 @@ issue:
           @$AUTHOR: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
           * `/kind feature`
           * `/kind enhancement`
+          * `/kind refactoring`
           * `/kind bug`
           * `/kind packaging`
 
@@ -65,12 +66,13 @@ pull_request:
   labels:
     - prefix: kind
       multiple: false
-      list: [ 'feature', 'enhancement', 'fix', 'chore', 'dependencies']
+      list: [ 'feature', 'enhancement', 'fix', 'chore', 'dependencies', 'refactoring']
       needs:
         comment: |
           @$AUTHOR: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.
           * `/kind feature`
           * `/kind enhancement`
+          * `/kind refactoring`
           * `/kind fix`
           * `/kind chore`
           * `/kind dependencies`

diff --git a/.github/workflows/bats-hub.yml b/.github/workflows/bats-hub.yml
@@ -8,9 +8,6 @@ on:
       GIST_BADGES_ID:
         required: true
 
-env:
-  PREFIX_TEST_NAMES_WITH_FILE: true
-
 jobs:
   build:
     strategy:
@@ -36,7 +33,7 @@ jobs:
     - name: "Set up Go"
       uses: actions/setup-go@v5
       with:
-        go-version: "1.21.6"
+        go-version: "1.23"
 
     - name: "Install bats dependencies"
       env:
@@ -50,13 +47,13 @@ jobs:
     - name: "Run hub tests"
       run: |
           ./test/bin/generate-hub-tests
-          ./test/run-tests test/dyn-bats/${{ matrix.test-file }}
+          ./test/run-tests ./test/dyn-bats/${{ matrix.test-file }} --formatter $(pwd)/test/lib/color-formatter
 
     - name: "Collect hub coverage"
       run: ./test/bin/collect-hub-coverage >> $GITHUB_ENV
 
     - name: "Create Parsers badge"
-      uses: schneegans/dynamic-badges-action@v1.6.0
+      uses: schneegans/dynamic-badges-action@v1.7.0
       if: ${{ github.ref == 'refs/heads/master' && github.repository_owner == 'crowdsecurity' }}
       with:
         auth: ${{ secrets.GIST_BADGES_SECRET }}
@@ -67,7 +64,7 @@ jobs:
         color: ${{ env.SCENARIO_BADGE_COLOR }}
 
     - name: "Create Scenarios badge"
-      uses: schneegans/dynamic-badges-action@v1.6.0
+      uses: schneegans/dynamic-badges-action@v1.7.0
       if: ${{ github.ref == 'refs/heads/master' && github.repository_owner == 'crowdsecurity' }}
       with:
         auth: ${{ secrets.GIST_BADGES_SECRET }}

diff --git a/.github/workflows/bats-mysql.yml b/.github/workflows/bats-mysql.yml
@@ -7,9 +7,6 @@ on:
         required: true
         type: string
 
-env:
-  PREFIX_TEST_NAMES_WITH_FILE: true
-
 jobs:
   build:
     name: "Functional tests"
@@ -39,7 +36,7 @@ jobs:
     - name: "Set up Go"
       uses: actions/setup-go@v5
       with:
-        go-version: "1.21.6"
+        go-version: "1.23"
 
     - name: "Install bats dependencies"
       env:
@@ -58,7 +55,7 @@ jobs:
         MYSQL_USER: root
 
     - name: "Run tests"
-      run: make bats-test
+      run: ./test/run-tests ./test/bats --formatter $(pwd)/test/lib/color-formatter
       env:
         DB_BACKEND: mysql
         MYSQL_HOST: 127.0.0.1

diff --git a/.github/workflows/bats-postgres.yml b/.github/workflows/bats-postgres.yml
@@ -3,9 +3,6 @@ name: (sub) Bats / Postgres
 on:
   workflow_call:
 
-env:
-  PREFIX_TEST_NAMES_WITH_FILE: true
-
 jobs:
   build:
     name: "Functional tests"
@@ -48,7 +45,7 @@ jobs:
     - name: "Set up Go"
       uses: actions/setup-go@v5
       with:
-        go-version: "1.21.6"
+        go-version: "1.23"
 
     - name: "Install bats dependencies"
       env:
@@ -67,7 +64,7 @@ jobs:
         PGUSER: postgres
 
     - name: "Run tests (DB_BACKEND: pgx)"
-      run: make bats-test
+      run: ./test/run-tests ./test/bats --formatter $(pwd)/test/lib/color-formatter
       env:
         DB_BACKEND: pgx
         PGHOST: 127.0.0.1

diff --git a/.github/workflows/bats-sqlite-coverage.yml b/.github/workflows/bats-sqlite-coverage.yml
@@ -2,9 +2,11 @@ name: (sub) Bats / sqlite + coverage
 
 on:
   workflow_call:
+    secrets:
+      CODECOV_TOKEN:
+        required: true
 
 env:
-  PREFIX_TEST_NAMES_WITH_FILE: true
   TEST_COVERAGE: true
 
 jobs:
@@ -29,7 +31,7 @@ jobs:
     - name: "Set up Go"
       uses: actions/setup-go@v5
       with:
-        go-version: "1.21.6"
+        go-version: "1.23"
 
     - name: "Install bats dependencies"
       env:
@@ -41,8 +43,12 @@ jobs:
       run: |
         make clean bats-build bats-fixture BUILD_STATIC=1
 
+    - name: Generate codecov configuration
+      run: |
+          .github/generate-codecov-yml.sh >> .github/codecov.yml
+
     - name: "Run tests"
-      run: make bats-test
+      run: ./test/run-tests ./test/bats --formatter $(pwd)/test/lib/color-formatter
 
     - name: "Collect coverage data"
       run: |
@@ -77,8 +83,9 @@ jobs:
       run: for file in $(find ./test/local/var/log -type f); do echo ">>>>> $file"; cat $file; echo; done
       if: ${{ always() }}
 
-    - name: Upload crowdsec coverage to codecov
-      uses: codecov/codecov-action@v3
+    - name: Upload bats coverage to codecov
+      uses: codecov/codecov-action@v4
       with:
         files: ./coverage-bats.out
         flags: bats
+        token: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.github/workflows/bats.yml b/.github/workflows/bats.yml
@@ -28,6 +28,8 @@ on:
 jobs:
   sqlite:
     uses: ./.github/workflows/bats-sqlite-coverage.yml
+    secrets:
+      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 
   # Jobs for Postgres (and sometimes MySQL) can have failing tests on GitHub
   # CI, but they pass when run on devs' machines or in the release checks. We

diff --git a/.github/workflows/ci-windows-build-msi.yml b/.github/workflows/ci-windows-build-msi.yml
@@ -35,12 +35,12 @@ jobs:
     - name: "Set up Go"
       uses: actions/setup-go@v5
       with:
-        go-version: "1.21.6"
+        go-version: "1.23"
 
     - name: Build
       run: make windows_installer BUILD_RE2_WASM=1
     - name: Upload MSI
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         path: crowdsec*msi
         name: crowdsec.msi