Open laurentgoudet opened 10 months ago
@laurentgoudet: Thanks for opening an issue, it is currently awaiting triage.
In the meantime, you can:
Hi thank you for your report,
We intentionally set those scopes if non is provided
I will ask the team if this should be the same as non stream or if we should not do this.
Thanks. Arguably the inconsistency between getDecisions
& getDecisionsStream
is just a minor annoyance, what I am really trying to achieve here is being able to use https://github.com/crowdsecurity/cs-custom-bouncer with custom scopes, without having to rebuild the whole thing myself just to pass a custom scopes
filter.
Thanks. Arguably the inconsistency between
getDecisions
&getDecisionsStream
is just a minor annoyance, what I am really trying to achieve here is being able to use https://github.com/crowdsecurity/cs-custom-bouncer with custom scopes, without having to rebuild the whole thing myself just to pass a customscopes
filter.
You shouldnt have to rebuild it, our go SDK already has scopes yaml keys.
So within all bouncers you can add the following to the configuration as an example
scopes:
- ip
- range
- useragent
What happened?
Without the
scopes
parameter set,getDecisions
returns Ip, Range, and custom scopes (UserAgent
here) decisions:However, by default (i.e. without
scopes
being set)getDecisionsStream
does not return the custom scopes decisions, acting as in anscopes=Ip,Range
filter was set:This prevents me from using https://github.com/crowdsecurity/cs-custom-bouncer for acting on custom scope decisions, since those are not returned by default by the stream API that the bouncer is using.
Note that manually setting
scopes
toIp,Range,UserAgent
makesgetDecisionsStream
return those decisions:What did you expect to happen?
I would expect all scopes to be returned by default if
scopes
is not set, matching how the non-stream endpoint behaves.How can we reproduce it (as minimally and precisely as possible)?
Add decisions with
cscli decision add -i 1.2.3.4
cscli decision add -r 1.2.3.0/24
cscli decision add --scope UserAgent --value crowdsec
Register an API key
cscli bouncer add MyTestBouncer
Use that API key to cURL the
getDecisionsStream
endpoint:curl -sS -H "X-Api-Key: 9E1uMkxZzSDYQZU/Qbm9Og" -k 'https://127.0.0.1:8080/v1/decisions?origins=cscli%2Ccrowdsec' | jq .
Notice that the custom scope (
UserAgent
) decision is missing from the list returned bygetDecisionsStream
Anything else we need to know?
No response
Crowdsec version
OS version
Enabled collections and parsers
Acquisition config
Config show
Prometheus metrics
Related custom configs versions (if applicable) : notification plugins, custom scenarios, parsers etc.