fix(coraza-spoe): collapse args to one line + ensure trailing LF on spoe cfg
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 2m11s
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 2m11s
Two HAProxy parse errors caught in staging functional test: 1. coraza-spoe.cfg:39 'args': missing fetch method The args directive had backslash line continuations. HAProxy doesn't support those in SPOE configs — args must be one physical line. Collapsed to a single line. 2. coraza-spoe.cfg:50 Missing LF on last line Same trailing-LF issue we hit on haproxy.cfg one commit ago. The Jinja2 template ends with content rather than a newline, and write() doesn't add one. Belt-and-suspenders: explicitly append '\n' before writing if not already there. After this commit HAProxy validates the generated config cleanly. Will verify on staging now (combined SPOE injection + fail-open + active attack-detection tests). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1863,6 +1863,12 @@ backend default-backend
|
||||
coraza_spoe_cfg = template_env.get_template(
|
||||
'hap_coraza_spoe_engine.tpl'
|
||||
).render()
|
||||
# HAProxy also rejects this file without a trailing LF
|
||||
# ("Missing LF on last line"). Belt-and-suspenders — even if the
|
||||
# template ends with a newline, Jinja2 can trim it depending on
|
||||
# how the file was authored.
|
||||
if not coraza_spoe_cfg.endswith('\n'):
|
||||
coraza_spoe_cfg += '\n'
|
||||
coraza_spoe_path = '/etc/haproxy/coraza-spoe.cfg'
|
||||
with open(coraza_spoe_path, 'w') as f:
|
||||
f.write(coraza_spoe_cfg)
|
||||
|
||||
Reference in New Issue
Block a user