MCPcopy
hub / github.com/crowdsecurity/crowdsec / PullTop

Method PullTop

pkg/apiserver/apic.go:563–688  ·  view source on GitHub ↗

we receive a list of decisions and links for blocklist and we need to create a list of alerts : one alert for "community blocklist" one alert per list we're subscribed to

(ctx context.Context, forcePull bool)

Source from the content-addressed store, hash-verified

561// one alert for "community blocklist"
562// one alert per list we're subscribed to
563func (a *apic) PullTop(ctx context.Context, forcePull bool) error {
564 var err error
565
566 hasPulledAllowlists := false
567
568 // A mutex with TryLock would be a bit simpler
569 // But go does not guarantee that TryLock will be able to acquire the lock even if it is available
570 select {
571 case a.isPulling <- true:
572 defer func() {
573 <-a.isPulling
574 }()
575 default:
576 return errors.New("pull already in progress")
577 }
578
579 if !forcePull {
580 if lastPullIsOld, err := a.CAPIPullIsOld(ctx); err != nil {
581 return err
582 } else if !lastPullIsOld {
583 return nil
584 }
585 }
586
587 log.Debug("Acquiring lock for pullCAPI")
588
589 err = a.dbClient.AcquirePullCAPILock(ctx)
590 if a.dbClient.IsLocked(err) {
591 log.Info("PullCAPI is already running, skipping")
592 return nil
593 }
594
595 /*defer lock release*/
596 defer func() {
597 log.Debug("Releasing lock for pullCAPI")
598
599 if err := a.dbClient.ReleasePullCAPILock(ctx); err != nil {
600 log.Errorf("while releasing lock: %v", err)
601 }
602 }()
603
604 log.Infof("Starting community-blocklist update")
605
606 log.Debugf("Community pull: %t | Blocklist pull: %t", a.pullCommunity, a.pullBlocklists)
607
608 data, _, err := a.apiClient.Decisions.GetStreamV3(ctx, apiclient.DecisionsStreamOpts{Startup: a.startup, CommunityPull: a.pullCommunity, AdditionalPull: a.pullBlocklists})
609 if err != nil {
610 return fmt.Errorf("get stream: %w", err)
611 }
612
613 a.startup = false
614 /*to count additions/deletions across lists*/
615
616 log.Debugf("Received %d new decisions", len(data.New))
617 log.Debugf("Received %d deleted decisions", len(data.Deleted))
618
619 if data.Links != nil {
620 log.Debugf("Received %d blocklists links", len(data.Links.Blocklists))

Callers 6

PullMethod · 0.95
ManagementCmdFunction · 0.80
TestAPICWhitelistsFunction · 0.80
TestAPICPullTopFunction · 0.80

Calls 15

CAPIPullIsOldMethod · 0.95
UpdateAllowlistsMethod · 0.95
ApplyApicWhitelistsMethod · 0.95
SaveAlertsMethod · 0.95
UpdateBlocklistsMethod · 0.95
makeAddAndDeleteCountersFunction · 0.85
createAlertForDecisionFunction · 0.85
fillAlertsWithDecisionsFunction · 0.85
AcquirePullCAPILockMethod · 0.80
IsLockedMethod · 0.80
ReleasePullCAPILockMethod · 0.80

Tested by 4

TestAPICWhitelistsFunction · 0.64
TestAPICPullTopFunction · 0.64