From 8f49b5453859dfd6cbe52cf3eb741b69890bee0c Mon Sep 17 00:00:00 2001 From: Maurice Faber Date: Wed, 6 Mar 2024 12:03:18 +0100 Subject: [PATCH] fix: crowdsec issues --- api/main.py | 12 ++--- openapi.yaml | 79 +++++++++++++++++++++++++++++---- proxy/tpl/docker-compose.yml.j2 | 7 ++- 3 files changed, 84 insertions(+), 14 deletions(-) diff --git a/api/main.py b/api/main.py index d2e6c93..1605b86 100755 --- a/api/main.py +++ b/api/main.py @@ -121,7 +121,8 @@ def get_env_handler(project: str, service: str, _: None = Depends(verify_apikey) @app.post("/projects", tags=["Project"]) -def post_project_handler( +@app.put("/projects", tags=["Project"]) +def upsert_project_handler( project: Project, background_tasks: BackgroundTasks, _: None = Depends(verify_apikey), @@ -138,7 +139,8 @@ def get_services_handler(_: None = Depends(verify_apikey)) -> List[Service]: @app.post("/services", tags=["Service"]) -def post_service_handler( +@app.put("/services", tags=["Service"]) +def upsert_service_handler( project: str, service: Service, background_tasks: BackgroundTasks, @@ -149,18 +151,18 @@ def post_service_handler( background_tasks.add_task(_after_config_change, project, service.name) -@app.post( +@app.patch( "/projects/{project}/services/{service}/env", tags=["Env"], ) -def post_env_handler( +def patch_env_handler( project: str, service: str, env: Env, background_tasks: BackgroundTasks, _: None = Depends(verify_apikey), ) -> None: - """Create or update env for a project service""" + """Update env for a project service""" upsert_env(project, service, env) background_tasks.add_task(_after_config_change, project, service) diff --git a/openapi.yaml b/openapi.yaml index 7d6383f..42d4b93 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -144,12 +144,40 @@ paths: application/json: schema: $ref: '#/components/schemas/HTTPValidationError' + put: + tags: + - Project + summary: Upsert Project Handler + description: Create or update a project + operationId: upsert_project_handler_projects_put + security: + - APIKeyQuery: [] + - APIKeyHeader: [] + - HTTPBearer: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/Project-Input' + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' post: tags: - Project - summary: Post Project Handler + summary: Upsert Project Handler description: Create or update a project - operationId: post_project_handler_projects_post + operationId: upsert_project_handler_projects_post security: - APIKeyQuery: [] - APIKeyHeader: [] @@ -281,12 +309,12 @@ paths: application/json: schema: $ref: '#/components/schemas/HTTPValidationError' - post: + patch: tags: - Env - summary: Post Env Handler - description: Create or update env for a project service - operationId: post_env_handler_projects__project__services__service__env_post + summary: Patch Env Handler + description: Update env for a project service + operationId: patch_env_handler_projects__project__services__service__env_patch security: - APIKeyQuery: [] - APIKeyHeader: [] @@ -341,12 +369,47 @@ paths: items: $ref: '#/components/schemas/Service' title: Response Get Services Handler Services Get + put: + tags: + - Service + summary: Upsert Service Handler + description: Create or update a service + operationId: upsert_service_handler_services_put + security: + - APIKeyQuery: [] + - APIKeyHeader: [] + - HTTPBearer: [] + parameters: + - name: project + in: query + required: true + schema: + type: string + title: Project + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/Service' + responses: + '200': + description: Successful Response + content: + application/json: + schema: {} + '422': + description: Validation Error + content: + application/json: + schema: + $ref: '#/components/schemas/HTTPValidationError' post: tags: - Service - summary: Post Service Handler + summary: Upsert Service Handler description: Create or update a service - operationId: post_service_handler_services_post + operationId: upsert_service_handler_services_post security: - APIKeyQuery: [] - APIKeyHeader: [] diff --git a/proxy/tpl/docker-compose.yml.j2 b/proxy/tpl/docker-compose.yml.j2 index 94145df..69fed69 100755 --- a/proxy/tpl/docker-compose.yml.j2 +++ b/proxy/tpl/docker-compose.yml.j2 @@ -87,9 +87,14 @@ services: image: crowdsecurity/crowdsec:v1.6.0 container_name: crowdsec restart: unless-stopped + networks: + - default + expose: + - '8080' + - '7422' environment: GID: ${GID-1000} - COLLECTIONS: crowdsecurity/linux crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/sshd crowdsecurity/whitelist-good-actors + COLLECTIONS: crowdsecurity/linux crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/sshd crowdsecurity/whitelist-good-actors crowdsecurity/appsec-virtual-patching CUSTOM_HOSTNAME: crowdsec {%- if plugin_registry.crowdsec.apikey %} BOUNCER_KEY_TRAEFIK: {{ plugin_registry.crowdsec.apikey }}