Merge branch 'master' into releases/1.6.x

crowdsecurity · Feb 6, 2025 · eb1defa · eb1defa
2 parents ec4055f + a001e1d
commit eb1defa
Show file tree

Hide file tree

Showing 14 changed files with 115 additions and 131 deletions.
diff --git a/cmd/crowdsec-cli/clihub/hub.go b/cmd/crowdsec-cli/clihub/hub.go
@@ -163,7 +163,7 @@ cscli hub update --with-content`,
 	return cmd
 }
 
-func (cli *cliHub) upgrade(ctx context.Context, yes bool, dryRun bool, force bool) error {
+func (cli *cliHub) upgrade(ctx context.Context, interactive bool, dryRun bool, force bool) error {
 	cfg := cli.cfg()
 
 	hub, err := require.Hub(cfg, log.StandardLogger())
@@ -189,7 +189,7 @@ func (cli *cliHub) upgrade(ctx context.Context, yes bool, dryRun bool, force boo
 
 	verbose := (cfg.Cscli.Output == "raw")
 
-	if err := plan.Execute(ctx, yes, dryRun, verbose); err != nil {
+	if err := plan.Execute(ctx, interactive, dryRun, verbose); err != nil {
 		return err
 	}
 
@@ -202,9 +202,9 @@ func (cli *cliHub) upgrade(ctx context.Context, yes bool, dryRun bool, force boo
 
 func (cli *cliHub) newUpgradeCmd() *cobra.Command {
 	var (
-		yes    bool
-		dryRun bool
-		force  bool
+		interactive bool
+		dryRun      bool
+		force       bool
 	)
 
 	cmd := &cobra.Command{
@@ -217,19 +217,23 @@ Upgrade all configs installed from Crowdsec Hub. Run 'sudo cscli hub update' if
 cscli hub upgrade
 
 # Upgrade tainted items as well; force re-download of data files.
-cscli hub upgrade --force`,
+cscli hub upgrade --force
+
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli hub upgrade --interactive
+cscli hub upgrade -i`,
 		Args:              cobra.NoArgs,
 		DisableAutoGenTag: true,
 		RunE: func(cmd *cobra.Command, _ []string) error {
-			return cli.upgrade(cmd.Context(), yes, dryRun, force)
+			return cli.upgrade(cmd.Context(), interactive, dryRun, force)
 		},
 	}
 
 	flags := cmd.Flags()
-	flags.BoolVar(&yes, "yes", false, "Confirm execution without prompt")
+	flags.BoolVarP(&interactive, "interactive", "i", false, "Ask for confirmation before proceeding")
 	flags.BoolVar(&dryRun, "dry-run", false, "Don't install or remove anything; print the execution plan")
 	flags.BoolVar(&force, "force", false, "Force upgrade: overwrite tainted and outdated items; always update data files")
-	cmd.MarkFlagsMutuallyExclusive("yes", "dry-run")
+	cmd.MarkFlagsMutuallyExclusive("interactive", "dry-run")
 
 	return cmd
 }

diff --git a/cmd/crowdsec-cli/cliitem/cmdinstall.go b/cmd/crowdsec-cli/cliitem/cmdinstall.go
@@ -42,7 +42,7 @@ func suggestNearestMessage(hub *cwhub.Hub, itemType string, itemName string) str
 	return msg
 }
 
-func (cli cliItem) install(ctx context.Context, args []string, yes bool, dryRun bool, downloadOnly bool, force bool, ignoreError bool) error {
+func (cli cliItem) install(ctx context.Context, args []string, interactive bool, dryRun bool, downloadOnly bool, force bool, ignoreError bool) error {
 	cfg := cli.cfg()
 
 	hub, err := require.Hub(cfg, log.StandardLogger())
@@ -80,7 +80,7 @@ func (cli cliItem) install(ctx context.Context, args []string, yes bool, dryRun
 
 	verbose := (cfg.Cscli.Output == "raw")
 
-	if err := plan.Execute(ctx, yes, dryRun, verbose); err != nil {
+	if err := plan.Execute(ctx, interactive, dryRun, verbose); err != nil {
 		if !ignoreError {
 			return err
 		}
@@ -116,7 +116,7 @@ func compAllItems(itemType string, args []string, toComplete string, cfg configG
 
 func (cli cliItem) newInstallCmd() *cobra.Command {
 	var (
-		yes          bool
+		interactive  bool
 		dryRun       bool
 		downloadOnly bool
 		force        bool
@@ -134,17 +134,17 @@ func (cli cliItem) newInstallCmd() *cobra.Command {
 			return compAllItems(cli.name, args, toComplete, cli.cfg)
 		},
 		RunE: func(cmd *cobra.Command, args []string) error {
-			return cli.install(cmd.Context(), args, yes, dryRun, downloadOnly, force, ignoreError)
+			return cli.install(cmd.Context(), args, interactive, dryRun, downloadOnly, force, ignoreError)
 		},
 	}
 
 	flags := cmd.Flags()
-	flags.BoolVarP(&yes, "yes", "y", false, "Confirm execution without prompt")
+	flags.BoolVarP(&interactive, "interactive", "i", false, "Ask for confirmation before proceeding")
 	flags.BoolVar(&dryRun, "dry-run", false, "Don't install or remove anything; print the execution plan")
 	flags.BoolVarP(&downloadOnly, "download-only", "d", false, "Only download packages, don't enable")
 	flags.BoolVar(&force, "force", false, "Force install: overwrite tainted and outdated files")
 	flags.BoolVar(&ignoreError, "ignore", false, "Ignore errors when installing multiple "+cli.name)
-	cmd.MarkFlagsMutuallyExclusive("yes", "dry-run")
+	cmd.MarkFlagsMutuallyExclusive("interactive", "dry-run")
 
 	return cmd
 }
diff --git a/cmd/crowdsec-cli/cliitem/cmdremove.go b/cmd/crowdsec-cli/cliitem/cmdremove.go
@@ -85,7 +85,7 @@ func installedParentNames(item *cwhub.Item) []string {
 	return ret
 }
 
-func (cli cliItem) remove(ctx context.Context, args []string, yes bool, dryRun bool, purge bool, force bool, all bool) error {
+func (cli cliItem) remove(ctx context.Context, args []string, interactive bool, dryRun bool, purge bool, force bool, all bool) error {
 	cfg := cli.cfg()
 
 	hub, err := require.Hub(cli.cfg(), log.StandardLogger())
@@ -100,7 +100,7 @@ func (cli cliItem) remove(ctx context.Context, args []string, yes bool, dryRun b
 
 	verbose := (cfg.Cscli.Output == "raw")
 
-	if err := plan.Execute(ctx, yes, dryRun, verbose); err != nil {
+	if err := plan.Execute(ctx, interactive, dryRun, verbose); err != nil {
 		return err
 	}
 
@@ -113,11 +113,11 @@ func (cli cliItem) remove(ctx context.Context, args []string, yes bool, dryRun b
 
 func (cli cliItem) newRemoveCmd() *cobra.Command {
 	var (
-		yes    bool
-		dryRun bool
-		purge  bool
-		force  bool
-		all    bool
+		interactive bool
+		dryRun      bool
+		purge       bool
+		force       bool
+		all         bool
 	)
 
 	cmd := &cobra.Command{
@@ -135,17 +135,17 @@ func (cli cliItem) newRemoveCmd() *cobra.Command {
 				return errors.New("can't specify items and '--all' at the same time")
 			}
 
-			return cli.remove(cmd.Context(), args, yes, dryRun, purge, force, all)
+			return cli.remove(cmd.Context(), args, interactive, dryRun, purge, force, all)
 		},
 	}
 
 	flags := cmd.Flags()
-	flags.BoolVarP(&yes, "yes", "y", false, "Confirm execution without prompt")
+	flags.BoolVarP(&interactive, "interactive", "i", false, "Ask for confirmation before proceeding")
 	flags.BoolVar(&dryRun, "dry-run", false, "Don't install or remove anything; print the execution plan")
 	flags.BoolVar(&purge, "purge", false, "Delete source file too")
 	flags.BoolVar(&force, "force", false, "Force remove: remove tainted and outdated files")
 	flags.BoolVar(&all, "all", false, "Remove all the "+cli.name)
-	cmd.MarkFlagsMutuallyExclusive("yes", "dry-run")
+	cmd.MarkFlagsMutuallyExclusive("interactive", "dry-run")
 
 	return cmd
 }
diff --git a/cmd/crowdsec-cli/cliitem/cmdupgrade.go b/cmd/crowdsec-cli/cliitem/cmdupgrade.go
@@ -45,7 +45,7 @@ func (cli cliItem) upgradePlan(hub *cwhub.Hub, contentProvider cwhub.ContentProv
 	return plan, nil
 }
 
-func (cli cliItem) upgrade(ctx context.Context, args []string, yes bool, dryRun bool, force bool, all bool) error {
+func (cli cliItem) upgrade(ctx context.Context, args []string, interactive bool, dryRun bool, force bool, all bool) error {
 	cfg := cli.cfg()
 
 	hub, err := require.Hub(cfg, log.StandardLogger())
@@ -62,7 +62,7 @@ func (cli cliItem) upgrade(ctx context.Context, args []string, yes bool, dryRun
 
 	verbose := (cfg.Cscli.Output == "raw")
 
-	if err := plan.Execute(ctx, yes, dryRun, verbose); err != nil {
+	if err := plan.Execute(ctx, interactive, dryRun, verbose); err != nil {
 		return err
 	}
 
@@ -75,10 +75,10 @@ func (cli cliItem) upgrade(ctx context.Context, args []string, yes bool, dryRun
 
 func (cli cliItem) newUpgradeCmd() *cobra.Command {
 	var (
-		yes    bool
-		dryRun bool
-		all    bool
-		force  bool
+		interactive bool
+		dryRun      bool
+		all         bool
+		force       bool
 	)
 
 	cmd := &cobra.Command{
@@ -91,16 +91,16 @@ func (cli cliItem) newUpgradeCmd() *cobra.Command {
 			return compInstalledItems(cli.name, args, toComplete, cli.cfg)
 		},
 		RunE: func(cmd *cobra.Command, args []string) error {
-			return cli.upgrade(cmd.Context(), args, yes, dryRun, force, all)
+			return cli.upgrade(cmd.Context(), args, interactive, dryRun, force, all)
 		},
 	}
 
 	flags := cmd.Flags()
-	flags.BoolVarP(&yes, "yes", "y", false, "Confirm execution without prompt")
+	flags.BoolVarP(&interactive, "interactive", "i", false, "Ask for confirmation before proceeding")
 	flags.BoolVar(&dryRun, "dry-run", false, "Don't install or remove anything; print the execution plan")
 	flags.BoolVarP(&all, "all", "a", false, "Upgrade all the "+cli.name)
 	flags.BoolVar(&force, "force", false, "Force upgrade: overwrite tainted and outdated files")
-	cmd.MarkFlagsMutuallyExclusive("yes", "dry-run")
+	cmd.MarkFlagsMutuallyExclusive("interactive", "dry-run")
 
 	return cmd
 }
diff --git a/cmd/crowdsec-cli/cliitem/hubappsec.go b/cmd/crowdsec-cli/cliitem/hubappsec.go
@@ -43,10 +43,9 @@ cscli appsec-configs install crowdsecurity/virtual-patching --download-only
 # Install over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli appsec-configs install crowdsecurity/virtual-patching --force
 
-# Proceed without prompting.
-cscli appsec-configs install crowdsecurity/virtual-patching --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-configs install crowdsecurity/virtual-patching -i
+cscli appsec-configs install crowdsecurity/virtual-patching --interactive`,
 		},
 		removeHelp: cliHelp{
 			example: `# Uninstall some appsec-configs.
@@ -64,10 +63,9 @@ cscli appsec-configs remove crowdsecurity/virtual-patching --purge
 # Remove tainted items.
 cscli appsec-configs remove crowdsecurity/virtual-patching --force
 
-# Proceed without prompting.
-cscli appsec-configs remove crowdsecurity/virtual-patching --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-configs remove crowdsecurity/virtual-patching -i
+cscli appsec-configs remove crowdsecurity/virtual-patching --interactive`,
 		},
 		upgradeHelp: cliHelp{
 			example: `# Upgrade some appsec-configs. If they are not currently installed, they are downloaded but not installed.
@@ -82,10 +80,9 @@ cscli appsec-configs upgrade crowdsecurity/virtual-patching --dry-run -o raw
 # Upgrade over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli appsec-configs upgrade crowdsecurity/virtual-patching --force
 
-# Proceed without prompting.
-cscli appsec-configs upgrade crowdsecurity/virtual-patching --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-configs upgrade crowdsecurity/virtual-patching -i
+cscli appsec-configs upgrade crowdsecurity/virtual-patching --interactive`,
 		},
 		inspectHelp: cliHelp{
 			example: `# Display metadata, state, metrics and ancestor collections of appsec-configs (installed or not).
@@ -183,10 +180,9 @@ cscli appsec-rules install crowdsecurity/crs --download-only
 # Install over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli appsec-rules install crowdsecurity/crs --force
 
-# Proceed without prompting.
-cscli appsec-rules install crowdsecurity/crs --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-rules install crowdsecurity/crs -i
+cscli appsec-rules install crowdsecurity/crs --interactive`,
 		},
 		removeHelp: cliHelp{
 			example: `# Uninstall some appsec-rules.
@@ -204,10 +200,9 @@ cscli appsec-rules remove crowdsecurity/crs --purge
 # Remove tainted items.
 cscli appsec-rules remove crowdsecurity/crs --force
 
-# Proceed without prompting.
-cscli appsec-rules remove crowdsecurity/crs --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-rules remove crowdsecurity/crs -i
+cscli appsec-rules remove crowdsecurity/crs --interactive`,
 		},
 		upgradeHelp: cliHelp{
 			example: `# Upgrade some appsec-rules. If they are not currently installed, they are downloaded but not installed.
@@ -222,10 +217,9 @@ cscli appsec-rules upgrade crowdsecurity/crs --dry-run -o raw
 # Upgrade over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli appsec-rules upgrade crowdsecurity/crs --force
 
-# Proceed without prompting.
-cscli appsec-rules upgrade crowdsecurity/crs --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli appsec-rules upgrade crowdsecurity/crs -i
+cscli appsec-rules upgrade crowdsecurity/crs --interactive`,
 		},
 		inspectHelp: cliHelp{
 			example: `# Display metadata, state, metrics and ancestor collections of appsec-rules (installed or not).

diff --git a/cmd/crowdsec-cli/cliitem/hubcollection.go b/cmd/crowdsec-cli/cliitem/hubcollection.go
@@ -34,10 +34,9 @@ cscli collections install crowdsecurity/http-cve crowdsecurity/iptables --downlo
 # Install over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli collections install crowdsecurity/http-cve crowdsecurity/iptables --force
 
-# Proceed without prompting.
-cscli collections install crowdsecurity/http-cve crowdsecurity/iptables --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli collections install crowdsecurity/http-cve crowdsecurity/iptables -i
+cscli collections install crowdsecurity/http-cve crowdsecurity/iptables --interactive`,
 		},
 		removeHelp: cliHelp{
 			example: `# Uninstall some collections.
@@ -55,10 +54,9 @@ cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables --purge
 # Remove tainted items.
 cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables --force
 
-# Proceed without prompting.
-cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables -i
+cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables --interactive`,
 		},
 		upgradeHelp: cliHelp{
 			example: `# Upgrade some collections. If they are not currently installed, they are downloaded but not installed.
@@ -73,10 +71,9 @@ cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --dry-ru
 # Upgrade over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --force
 
-# Proceed without prompting.
-cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables -i
+cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables --interactive`,
 		},
 		inspectHelp: cliHelp{
 			example: `# Display metadata, state, metrics and dependencies of collections (installed or not).

diff --git a/cmd/crowdsec-cli/cliitem/hubcontext.go b/cmd/crowdsec-cli/cliitem/hubcontext.go
@@ -34,10 +34,9 @@ cscli contexts install crowdsecurity/bf_base crowdsecurity/fortinet --download-o
 # Install over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli contexts install crowdsecurity/bf_base crowdsecurity/fortinet --force
 
-# Proceed without prompting.
-cscli contexts install crowdsecurity/bf_base crowdsecurity/fortinet --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli contexts install crowdsecurity/bf_base crowdsecurity/fortinet -i
+cscli contexts install crowdsecurity/bf_base crowdsecurity/fortinet --interactive`,
 		},
 		removeHelp: cliHelp{
 			example: `# Uninstall some contexts.
@@ -55,10 +54,9 @@ cscli contexts remove crowdsecurity/bf_base crowdsecurity/fortinet --purge
 # Remove tainted items.
 cscli contexts remove crowdsecurity/bf_base crowdsecurity/fortinet --force
 
-# Proceed without prompting.
-cscli contexts remove crowdsecurity/bf_base crowdsecurity/fortinet --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli contexts remove crowdsecurity/bf_base crowdsecurity/fortinet -i
+cscli contexts remove crowdsecurity/bf_base crowdsecurity/fortinet --interactive`,
 		},
 		upgradeHelp: cliHelp{
 			example: `# Upgrade some contexts. If they are not currently installed, they are downloaded but not installed.
@@ -73,10 +71,9 @@ cscli contexts upgrade crowdsecurity/bf_base crowdsecurity/fortinet --dry-run -o
 # Upgrade over tainted items. Can be used to restore or repair after local modifications or missing dependencies.
 cscli contexts upgrade crowdsecurity/bf_base crowdsecurity/fortinet --force
 
-# Proceed without prompting.
-cscli contexts upgrade crowdsecurity/bf_base crowdsecurity/fortinet --yes
-
-# The "--yes" parameter is implied when the command is not connected to a terminal, like pipes or scripts.`,
+# Prompt for confirmation if running in an interactive terminal; otherwise, the option is ignored.
+cscli contexts upgrade crowdsecurity/bf_base crowdsecurity/fortinet -i
+cscli contexts upgrade crowdsecurity/bf_base crowdsecurity/fortinet --interactive`,
 		},
 		inspectHelp: cliHelp{
 			example: `# Display metadata, state and ancestor collections of contexts (installed or not).