ab50721f69
. We are now leveraging nix for portable dependency handling. . There are now three types of tests: client, server and end-to-end. . server tests exercise the actual kapow server being tested, while the requests are performed using the test steps. . client tests exercise the actual kapow client being tested, while the requests are served using the test steps. . e2e test exercise the actual kapow program in its dual role of client and server (¡como tiene que ser!). Co-authored-by: Roberto Abdelkader Martínez Pérez <robertomartinezp@gmail.com>
If you can script it, you can HTTP it.
What's Kapow!
Say we have a nice cozy shell command that solves our problem. Kapow! lets us easily turn that into an HTTP API.
Let's see this with an example
We want to expose log entries for files not found on our Apache Web Server, as an HTTP API. With Kapow! we just need to write this executable script:
[apache-host]$ cat search-apache-errors
#!/usr/bin/env sh
kapow route add /apache-errors - <<-'EOF'
cat /var/log/apache2/access.log | grep 'File does not exist' | kapow set /response/body
EOF
[apache-host]$ chmod +x search-apache-errors
and then, run it using Kapow!
[apache-host]$ kapow server search-apache-errors
finally, we can read from the just-defined endpoint:
[another-host]$ curl http://apache-host:8080/apache-errors
[Fri Feb 01 22:07:57.154391 2019] [core:info] [pid 7:tid 140284200093440] [client 172.17.0.1:50756] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.808291 2019] [core:info] [pid 8:tid 140284216878848] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
[Fri Feb 01 22:07:57.878149 2019] [core:info] [pid 8:tid 140284208486144] [client 172.17.0.1:50758] AH00128: File does not exist: /usr/var/www/mysite/favicon.ico
...
Why Kapow! shines in these cases
- We can share information without having to grant SSH access to anybody.
- We can share information easily over HTTP.
- We can effectively limit what gets executed.
Documentation
You can find the complete documentation and examples here.
Security
Please consider the following security caveats before using Kapow!
If you are not 100% sure about what you are doing we recommend not using Kapow!
Authors
Kapow! is being developed by BBVA-Labs Security team members.
Kapow! is Open Source Software and available under the Apache 2 license.
Contributions
Contributions are of course welcome. See CONTRIBUTING or skim existing tickets to see where you could help out.
- Did you spot the UUoC? Congrats! We are hoping to win this year :)