Implement review findings

Various improvements. Signed-off-by: Simon Rüegg <simon@rueggs.ch>
vshn · Mar 18, 2020 · ca73198 · ca73198
1 parent daa02f0
commit ca73198
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 5 deletions.
diff --git a/README.adoc b/README.adoc
@@ -39,7 +39,7 @@ waf-tool tune -k <unique-id>
 
 === Elasticsearch TLS Connection
 
-Elasticsearch runs by default with a TLS certificate signed by a custom CA. You need to get the CA certificate in order to trust it. Either provide it in the `WAF_ES_CUSTOM_CA` env variable or with the `----es-custom-ca` flag.
+Elasticsearch runs by default with a TLS certificate signed by a custom CA. You need to get the CA certificate in order to trust it. Either provide it in the `WAF_ES_CUSTOM_CA` env variable or with the `--es-custom-ca` flag.
 
 To ignore the certificate and don't verify it (possibly insecure), run the `tune` command with the `-k` flag.
 

diff --git a/pkg/elasticsearch/search.go b/pkg/elasticsearch/search.go
@@ -11,7 +11,7 @@ import (
 )
 
 // SearchUniqueID to search for a ModSecurity unique ID
-func (c client) SearchUniqueID(uniqueID string) (model.SearchResult, error) {
+func (c *client) SearchUniqueID(uniqueID string) (model.SearchResult, error) {
 
 	var buf bytes.Buffer
 	type m map[string]interface{}
@@ -46,10 +46,10 @@ func (c client) SearchUniqueID(uniqueID string) (model.SearchResult, error) {
 	if res.IsError() {
 		var e model.ErrorResponse
 		if res.StatusCode == http.StatusUnauthorized {
-			return model.SearchResult{}, errors.New("error unauthorized")
+			return model.SearchResult{}, errors.New("401 unauthorized")
 		}
 		if err := json.NewDecoder(res.Body).Decode(&e); err != nil {
-			return model.SearchResult{}, fmt.Errorf("error parsing the response body %w", err)
+			return model.SearchResult{}, fmt.Errorf("failure at parsing the response body: %w", err)
 		}
 		return model.SearchResult{}, fmt.Errorf("[%s] %s: %s",
 			res.Status(),

diff --git a/pkg/tuner/tuner.go b/pkg/tuner/tuner.go
@@ -14,6 +14,8 @@ import (
 	"github.com/vshn/waf-tool/pkg/rules"
 )
 
+const baseID = 10100
+
 // Tune creates exclusion rules for a given uniqe ID
 func Tune(uniqueID string, config cfg.Configuration) (returnError error) {
 	out, err := exec.Command("oc", "whoami", "--show-token").Output()
@@ -61,7 +63,6 @@ func Tune(uniqueID string, config cfg.Configuration) (returnError error) {
 		return nil
 	}
 
-	baseID := 10100
 	var alerts []model.ModsecAlert
 	var access *model.ApacheAccess
 	for _, result := range result.Hits.Hits {