crowdsec icon indicating copy to clipboard operation
crowdsec copied to clipboard
verified publisher icon crowdsecurity

[PARSERS] Escalate an error if two parsers have same name

Open LaurenceJJones opened this issue 1 year ago • 2 comments

This will be aimed for 2.0 roadmap, make it an error if the user has two parser with the same name key. This will cause side effects as pointed out by #3090 and countless examples.

We should throw an error if two parsers have the same name key as the in map memory will take the latter as the final value.

LaurenceJJones avatar Jun 20 '24 09:06 LaurenceJJones

@LaurenceJJones: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Jun 20 '24 09:06 github-actions[bot]

@LaurenceJJones: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind bug
  • /kind packaging
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Jun 20 '24 09:06 github-actions[bot]

What do you mean exactly "two parsers have the same name"?

Installing a local parser to satisfy a collection dependency and override the official parser is a legit and tested use case (at least in branch hubops).

What if we return an error when attempting to install an item, if there is another already installed with same name and different path?

mmetc avatar Dec 23 '24 12:12 mmetc

What do you mean exactly "two parsers have the same name"?

Some users might have the following:

/etc/crowdsec/parsers/s02-enrich/01whitelist.yaml
/etc/crowdsec/parsers/s02-enrich/whitelists.yaml -> /etc/crowdsec/hub/....

both have the same name EG: crowdsecurity/whitelists within the yaml, when crowdsec loads these files it loads them alphabetically meaning your local 01whitelist.yaml will be overidden in memory because it has the same name key as the official crowdsec whitelists.yaml.

We should throw this as a error because you shouldnt have two parser with the same name yaml key.

LaurenceJJones avatar Dec 23 '24 12:12 LaurenceJJones

How about a warning? We can easily tweak the behavior. This issue was useful to simplify the code.

https://github.com/crowdsecurity/crowdsec/pull/3399

mmetc avatar Jan 10 '25 15:01 mmetc

fixed in 1.6.5

mmetc avatar Feb 07 '25 15:02 mmetc