Merge pull request #1 from sbs2001/report-fix

Cloud check fail fix
crowdsecurity · Mar 21, 2023 · e6a09a0 · e6a09a0
2 parents 8e63f43 + 31dac35
commit e6a09a0
Show file tree

Hide file tree

Showing 34 changed files with 835 additions and 403 deletions.
diff --git a/.github/workflows/appinspect.yaml b/.github/workflows/appinspect.yaml
@@ -0,0 +1,57 @@
+name: App inspect tests
+on:
+  push:
+  pull_request:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.9.16'
+
+      - name: Install Splunk Packaging Toolkit
+        run: |
+          curl https://download.splunk.com/misc/packaging-toolkit/splunk-packaging-toolkit-1.0.1.tar.gz -o /tmp/spl.tar.gz
+          pip install /tmp/spl.tar.gz
+      
+      - name: Create Splunk App Package
+        run: |
+          rm -rf .git .github .gitignore
+          slim package .
+          cp crowdsec-splunk-app-*.tar.gz  /tmp/crowdsec-splunk-app.tar.gz
+      
+      - name: Retrieve App Inspect Report
+        run: |
+          TOKEN=$(curl -u '${{ secrets.SPLUNKBASE_USERNAME }}:${{ secrets.SPLUNKBASE_PASSWORD }}' --url 'https://api.splunk.com/2.0/rest/login/splunk' | jq -r .data.token)
+          echo "::add-mask::$TOKEN"
+          REPORT_HREF=$(curl -X POST \
+          -H "Authorization: bearer $TOKEN" \
+          -H "Cache-Control: no-cache" \
+          -F "app_package=@/tmp/crowdsec-splunk-app.tar.gz" \
+          --url "https://appinspect.splunk.com/v1/app/validate"| jq -r .links[1].href)
+          REPORT_URL="https://appinspect.splunk.com$REPORT_HREF"
+          sleep 10
+          curl -X GET \
+          -H "Authorization: bearer $TOKEN" \
+          --url $REPORT_URL > /tmp/report
+      
+      - name: Upload App Inspect Report
+        uses: actions/upload-artifact@v2
+        with:
+          name: report
+          path: /tmp/report
+
+      - name: Check App Inspect Report Results
+        run: |
+          if grep -q '"result": "failure"' /tmp/report; then
+              echo "::error::App inspect check failed"
+              exit 1
+          else
+              exit 0
+          fi
diff --git a/bin/splunklib/__init__.py b/bin/splunklib/__init__.py
@@ -16,5 +16,20 @@
 
 from __future__ import absolute_import
 from splunklib.six.moves import map
-__version_info__ = (1, 6, 12)
+import logging
+
+DEFAULT_LOG_FORMAT = '%(asctime)s, Level=%(levelname)s, Pid=%(process)s, Logger=%(name)s, File=%(filename)s, ' \
+                 'Line=%(lineno)s, %(message)s'
+DEFAULT_DATE_FORMAT = '%Y-%m-%d %H:%M:%S %Z'
+
+
+# To set the logging level of splunklib
+# ex. To enable debug logs, call this method with parameter 'logging.DEBUG'
+# default logging level is set to 'WARNING'
+def setup_logging(level, log_format=DEFAULT_LOG_FORMAT, date_format=DEFAULT_DATE_FORMAT):
+    logging.basicConfig(level=level,
+                        format=log_format,
+                        datefmt=date_format)
+
+__version_info__ = (1, 7, 3)
 __version__ = ".".join(map(str, __version_info__))