Handle challenge deletion and/or name changes

Question

Handle challenge deletion and/or name changes

pl4nty opened this issue 2 years ago · 7 comments

I currently use ctfcli like an infrastructure-as-code provider in CI/CD pipelines. However, the following resource changes (challenges/containers/services) must be reconciled manually:

Name changes, as it's the sync anchor
Resource deleted from repo

Other providers like Azure offer a "complete" mode, where resources that aren't defined in the repo are deleted. This would support the change types listed above.

Not sure whether this aligns to ctfcli's design though - maybe a Terraform provider would be a better fit, since it's common for CTF infrastructure anyway.

Answer 1 · 2023-03-13T00:53:56.000Z

Looks like there's a Terraform version here, not sure how stable it is though: https://github.com/PsypherPunk/terraform-provider-ctfd

Answer 2 · 2024-09-11T04:05:35.000Z

Would be fixed by #159

Answer 3 · 2024-09-11T05:10:36.000Z

in my case, my CI is stateless, so #159 wouldn't work for me

Answer 4 · 2024-09-11T05:13:36.000Z

I don't think you could reconcile renames with a stateless system unless you diff commit history (which in itself, is state).

This issue makes ctfcli unusable for us, as we have infrastructure changes after people solve challenges. Thus, deleting a renamed challenge and recreating it deletes solves, which we cannot do.

Answer 5 · 2024-09-11T05:15:08.000Z

I am sortof suggesting a new paradigm:

You use your CI pipeline to commit the .ctf/config file to git
The CI is no longer stateless

Answer 6 · 2024-09-11T05:15:30.000Z

Would you be able to provide more details about your usecase?

Answer 7 · 2024-09-11T05:52:37.000Z

I suggested delete/recreate because I don't run ctfcli during competitions, to avoid any unexpected changes. but I understand that this approach might not align to ctfcli's design

I generate .ctf/config at runtime to avoid storing credentials in git, and allow challenge creation without authors needing ctfcli