corazawaf / coraza-caddy

OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
https://www.coraza.io/
Apache License 2.0

Attempt to build Caddy with Coraza V2 fails due to dead URL #158

Closed maxemoose closed 2 weeks ago

maxemoose commented 2 weeks ago

I attempted to build Caddy 2.8.4 with Coraza in a Dockerfile using the command from the docs: xcaddy build --with github.com/corazawaf/coraza-caddy/v2

The process fails due to a 404 received for that URL. I assume this is due to the V3 upgrade that appears to be currently happening.

M4tteoP commented 2 weeks ago

I gave the command a quick go outside of Docker and it looks okay:

▶ xcaddy build --with github.com/corazawaf/coraza-caddy/v2
2024/06/21 18:01:43 [INFO] Temporary folder: /tmp/buildenv_2024-06-21-1801.1563029557
2024/06/21 18:01:43 [INFO] Writing main module: /tmp/buildenv_2024-06-21-1801.1563029557/main.go
package main

import (
    caddycmd "github.com/caddyserver/caddy/v2/cmd"

    // plug in Caddy modules here
    _ "github.com/caddyserver/caddy/v2/modules/standard"
    _ "github.com/corazawaf/coraza-caddy/v2"
)

func main() {
    caddycmd.Main()
}
2024/06/21 18:01:43 [INFO] Initializing Go module
2024/06/21 18:01:43 [INFO] exec (timeout=10s): /opt/homebrew/bin/go mod init caddy
go: creating new go.mod: module caddy
go: to add module requirements and sums:
    go mod tidy
2024/06/21 18:01:43 [INFO] Pinning versions
2024/06/21 18:01:43 [INFO] exec (timeout=0s): /opt/homebrew/bin/go get -d -v github.com/caddyserver/caddy/v2
go: added github.com/beorn7/perks v1.0.1
go: added github.com/caddyserver/caddy/v2 v2.8.4
go: added github.com/caddyserver/certmagic v0.21.3
go: added github.com/caddyserver/zerossl v0.1.3
go: added github.com/cespare/xxhash/v2 v2.2.0
go: added github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572
go: added github.com/google/pprof v0.0.0-20231212022811-ec68065c825e
go: added github.com/google/uuid v1.6.0
go: added github.com/klauspost/cpuid/v2 v2.2.7
go: added github.com/libdns/libdns v0.2.2
go: added github.com/mholt/acmez/v2 v2.0.1
go: added github.com/miekg/dns v1.1.59
go: added github.com/onsi/ginkgo/v2 v2.13.2
go: added github.com/prometheus/client_golang v1.19.1
go: added github.com/prometheus/client_model v0.5.0
go: added github.com/prometheus/common v0.48.0
go: added github.com/prometheus/procfs v0.12.0
go: added github.com/quic-go/qpack v0.4.0
go: added github.com/quic-go/quic-go v0.44.0
go: added github.com/zeebo/blake3 v0.2.3
go: added go.uber.org/mock v0.4.0
go: added go.uber.org/multierr v1.11.0
go: added go.uber.org/zap v1.27.0
go: added go.uber.org/zap/exp v0.2.0
go: added golang.org/x/crypto v0.23.0
go: added golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
go: added golang.org/x/mod v0.17.0
go: added golang.org/x/net v0.25.0
go: added golang.org/x/sync v0.7.0
go: added golang.org/x/sys v0.20.0
go: added golang.org/x/term v0.20.0
go: added golang.org/x/text v0.15.0
go: added golang.org/x/time v0.5.0
go: added golang.org/x/tools v0.21.0
go: added google.golang.org/protobuf v1.34.1
2024/06/21 18:01:44 [INFO] exec (timeout=0s): /opt/homebrew/bin/go get -d -v github.com/corazawaf/coraza-caddy/v2 github.com/caddyserver/caddy/v2
go: downloading github.com/corazawaf/coraza-caddy/v2 v2.0.0-rc.3
go: downloading github.com/corazawaf/coraza/v3 v3.0.3
go: downloading github.com/jcchavezs/mergefs v0.0.0-20230405222254-20429875efdd
go: downloading google.golang.org/genproto v0.0.0-20230706204954-ccb25ca9f130
go: downloading github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9
go: added github.com/corazawaf/coraza-caddy/v2 v2.0.0-rc.3
go: added github.com/corazawaf/coraza-coreruleset v0.0.0-20230723190514-7bdcbcff3d5a
go: added github.com/corazawaf/coraza/v3 v3.0.3
go: added github.com/corazawaf/libinjection-go v0.1.2
go: added github.com/jcchavezs/mergefs v0.0.0-20230405222254-20429875efdd
go: added github.com/magefile/mage v1.15.0
go: added github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9
go: added github.com/tidwall/gjson v1.14.4
go: added github.com/tidwall/match v1.1.1
go: added github.com/tidwall/pretty v1.2.1
go: added rsc.io/binaryregexp v0.2.0
2024/06/21 18:01:47 [INFO] exec (timeout=0s): /opt/homebrew/bin/go get -d -v
go: downloading github.com/go-chi/chi v4.1.2+incompatible
2024/06/21 18:01:48 [INFO] Build environment ready
2024/06/21 18:01:48 [INFO] Building Caddy
2024/06/21 18:01:48 [INFO] exec (timeout=0s): /opt/homebrew/bin/go mod tidy
2024/06/21 18:01:48 [INFO] exec (timeout=0s): /opt/homebrew/bin/go build -o /tmp/caddy -ldflags -w -s -trimpath
2024/06/21 18:01:53 [INFO] Build complete: ./caddy
2024/06/21 18:01:53 [INFO] Cleaning up temporary folder: /tmp/buildenv_2024-06-21-1801.1563029557

> I assume this is due to the V3 upgrade that appears to be currently happening.

It might be a bit misleading, but v2 is the version of coraza-caddy, that is, the connector. It has Coraza v3 as a dependency. We have to update the dependency to the latest Coraza v3.2 version and perform checks with the latest Caddy version, but as far as I can tell, the xcaddy build command is expected to stick to the one that you tried.
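
The version relationship described in the comment above can be read straight out of the build log. The following is an added example, not part of the thread or of the coraza-caddy project: it parses `go: added` lines copied from the xcaddy output quoted above and checks each module path's `/vN` suffix against the major version that was pinned. The function names `Pinned` and `MajorMatches` are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Sample input: "go: added" lines copied from the xcaddy output quoted in this thread.
const buildLog = `go: added github.com/caddyserver/caddy/v2 v2.8.4
go: added github.com/corazawaf/coraza-caddy/v2 v2.0.0-rc.3
go: added github.com/corazawaf/coraza-coreruleset v0.0.0-20230723190514-7bdcbcff3d5a
go: added github.com/corazawaf/coraza/v3 v3.0.3
go: added github.com/corazawaf/libinjection-go v0.1.2`

var (
	addedRe  = regexp.MustCompile(`^go: added (\S+) (v\S+)$`)
	suffixRe = regexp.MustCompile(`/v([0-9]+)$`)
)

// Pinned maps each module path found in the log to the version go get resolved.
func Pinned(log string) map[string]string {
	out := map[string]string{}
	for _, line := range strings.Split(log, "\n") {
		if m := addedRe.FindStringSubmatch(strings.TrimSpace(line)); m != nil {
			out[m[1]] = m[2]
		}
	}
	return out
}

// MajorMatches reports whether the version's major number agrees with the
// path's /vN suffix (Go semantic import versioning). A path without a suffix
// must be v0, v1, or a "+incompatible" release. gopkg.in paths are not handled.
func MajorMatches(path, version string) bool {
	major := strings.SplitN(strings.TrimPrefix(version, "v"), ".", 2)[0]
	if m := suffixRe.FindStringSubmatch(path); m != nil {
		return m[1] == major
	}
	return major == "0" || major == "1" || strings.HasSuffix(version, "+incompatible")
}

func main() {
	for path, ver := range Pinned(buildLog) {
		fmt.Printf("%-50s %-40s consistent=%v\n", path, ver, MajorMatches(path, ver))
	}
}
```

The connector (`coraza-caddy/v2`) and the engine (`coraza/v3`) appear as separate modules with independent major versions, which is why the `--with` path ends in `/v2` even though Coraza v3 is what gets pulled in.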

maxemoose commented 2 weeks ago

Derp. It was a DNS issue from my side. I should have blamed DNS first like always. Closing this and thanks for the quick response.