From 48bcccb38a3d8c6ff423ec54e19a07bb59ce0892 Mon Sep 17 00:00:00 2001
From: Sebastien Blot
Date: Fri, 18 Oct 2024 10:46:21 +0200
Subject: [PATCH 1/2] also run waf-check on generic rules
---
 .github/workflows/waf-check.yaml | 3 ++-
 waf-check/config/acquis.yaml | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/waf-check.yaml b/.github/workflows/waf-check.yaml
index fb8d7e3cff7..438e234f100 100644
--- a/.github/workflows/waf-check.yaml
+++ b/.github/workflows/waf-check.yaml
@@ -77,8 +77,9 @@ jobs:
 run: |
 sudo cp waf-check/config/acquis.yaml /etc/crowdsec/acquis.yaml
 sudo cp appsec-rules/*/vpatch-*.yaml /etc/crowdsec/appsec-rules/
+ sudo cp appsec-rules/*/generic-*.yaml /etc/crowdsec/appsec-rules/
 sudo cp appsec-rules/crowdsecurity/base-config.yaml /etc/crowdsec/appsec-rules/
- sudo cp appsec-configs/crowdsecurity/virtual-patching.yaml /etc/crowdsec/appsec-configs/
+ sudo cp appsec-configs/crowdsecurity/appsec-default.yaml /etc/crowdsec/appsec-configs/
 sudo systemctl restart crowdsec
 - name: Register Remediation Component API Key
 run: |
diff --git a/waf-check/config/acquis.yaml b/waf-check/config/acquis.yaml
index a7efd0c43a1..ba34487f332 100644
--- a/waf-check/config/acquis.yaml
+++ b/waf-check/config/acquis.yaml
@@ -1,5 +1,5 @@
 source: appsec
-appsec_config: crowdsecurity/virtual-patching
+appsec_config: crowdsecurity/appsec-default
 listen_addr: 127.0.0.1:4241
 labels:
 type: appsec
\ No newline at end of file
From 30d5bc6d7bfa7b1455f650a66eb9028e07f7d2cb Mon Sep 17 00:00:00 2001
From: Sebastien Blot
Date: Fri, 18 Oct 2024 10:52:22 +0200
Subject: [PATCH 2/2] show crowdsec logs on start failure
---
 .github/workflows/waf-check.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/waf-check.yaml b/.github/workflows/waf-check.yaml
index 438e234f100..25c123ef87f 100644
--- a/.github/workflows/waf-check.yaml
+++ b/.github/workflows/waf-check.yaml
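Review bot: In the first patch's `.github/workflows/waf-check.yaml` hunk, the added `sudo cp appsec-rules/*/generic-*.yaml /etc/crowdsec/appsec-rules/` flattens every author directory into one destination, so two rules with the same file name under different authors overwrite each other silently and one of them is never exercised by the WAF check; the existing `vpatch-*` line has the same property. A count check after the copies would surface that, for example `test "$(ls appsec-rules/*/generic-*.yaml | wc -l)" -eq "$(ls /etc/crowdsec/appsec-rules/generic-*.yaml | wc -l)"`. The step now also depends on `appsec-default.yaml` referencing only rules covered by these three `cp` lines, and on its name matching `appsec_config: crowdsecurity/appsec-default` in `waf-check/config/acquis.yaml`; that file's content is not visible here, so both are worth confirming. The step itself begins above the hunk.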
@@ -80,7 +80,7 @@ jobs:
 sudo cp appsec-rules/*/generic-*.yaml /etc/crowdsec/appsec-rules/
 sudo cp appsec-rules/crowdsecurity/base-config.yaml /etc/crowdsec/appsec-rules/
 sudo cp appsec-configs/crowdsecurity/appsec-default.yaml /etc/crowdsec/appsec-configs/
- sudo systemctl restart crowdsec
+ sudo systemctl restart crowdsec || sudo cat /var/log/crowdsec.log
 - name: Register Remediation Component API Key
 run: |
 sudo cscli bouncers add hubtestAppsec -k "this_is_a_bad_password"
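Review bot: The new `sudo systemctl restart crowdsec || sudo cat /var/log/crowdsec.log` hides the failure it is meant to diagnose: when the restart fails, `cat` returns 0, the list succeeds, and because this is the last command of the `run:` block the step passes with the engine down. The following `Register Remediation Component API Key` step and whatever comes after it then run against a stopped or misconfigured AppSec component, so the WAF check can pass or fail for the wrong reason. Keep the log dump but preserve the failure: `sudo systemctl restart crowdsec || { sudo cat /var/log/crowdsec.log; exit 1; }`. If the unit reports startup errors to the journal rather than to that file, adding `sudo journalctl -u crowdsec --no-pager` inside the same braces would cover that case.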