MCPcopy Index your code
hub / github.com/crowdsecurity/crowdsec / BuildSetup

Function BuildSetup

cmd/crowdsec-cli/clisetup/setup/builder.go:25–113  ·  view source on GitHub ↗

BuildSetup creates a Setup. The actual detection of services is done here.

(ctx context.Context, detectConfig *DetectConfig, opts DetectOptions, exprPath ExprPath, installedUnits UnitMap, runningProcesses ProcessMap, logger logrus.FieldLogger)

Source from the content-addressed store, hash-verified

23
24// BuildSetup creates a Setup. The actual detection of services is done here.
25func BuildSetup(ctx context.Context, detectConfig *DetectConfig, opts DetectOptions, exprPath ExprPath, installedUnits UnitMap, runningProcesses ProcessMap, logger logrus.FieldLogger) (*Setup, error) {
26 s := Setup{}
27
28 // explicitly initialize to avoid json marshaling an empty slice as "null"
29 s.Plans = make([]ServicePlan, 0)
30
31 hostInfo, err := host.InfoWithContext(ctx)
32 if err != nil {
33 return nil, err
34 }
35
36 logger.Debugf("Detected host info: %s", hostInfo)
37
38 exprSystemd := NewExprSystemd(installedUnits, logger)
39 exprSystem := NewExprSystem(runningProcesses)
40
41 exprWindows, err := NewExprWindows()
42 if err != nil {
43 return nil, err
44 }
45
46 env := &ExprEnvironment{
47 Host: *hostInfo,
48 Path: exprPath,
49 System: exprSystem,
50 Systemd: exprSystemd,
51 Version: ExprVersion{},
52 Windows: exprWindows,
53 Ctx: ctx,
54 }
55
56 detected := make(map[string]ServicePlan)
57
58 want := toSet(opts.WantServices)
59 skip := toSet(opts.SkipServices)
60
61 for name, svc := range detectConfig.Detect {
62 match, err := svc.Evaluate(env, logger)
63 if err != nil {
64 return nil, fmt.Errorf("while looking for service %s: %w", name, err)
65 }
66
67 _, forced := want[name]
68 if forced {
69 delete(want, name)
70 }
71
72 if !match && !forced {
73 continue
74 }
75
76 // User asked to ignore this service
77 if _, skipIt := skip[name]; skipIt {
78 continue
79 }
80
81 detected[name] = ServicePlan{
82 Name: name,

Callers 7

newDetectCmdMethod · 0.92
wizardMethod · 0.92
TestDetectSimpleRuleFunction · 0.85
TestDetectUnitFunction · 0.85
TestDetectSkipServiceFunction · 0.85
TestDetectForceServiceFunction · 0.85

Calls 6

NewExprSystemdFunction · 0.85
NewExprSystemFunction · 0.85
toSetFunction · 0.85
StringsMethod · 0.80
NewExprWindowsFunction · 0.70
EvaluateMethod · 0.45

Tested by 5

TestDetectSimpleRuleFunction · 0.68
TestDetectUnitFunction · 0.68
TestDetectSkipServiceFunction · 0.68
TestDetectForceServiceFunction · 0.68

Used in the wild real call sites across dependent graphs

searching dependent graphs…