UNCLASSIFIED

Skip to content

GitLab

Commit 4acddfea authored by sean.melissari's avatar sean.melissari
Browse files

initial commit

parent 14620d7b
Pipeline #316881 failed with stages
in 18 minutes and 46 seconds
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 2067 additions and 2 deletions
.gitlab/CODEOWNERS
View file @ 4acddfea
......@@ -4,3 +4,6 @@
[Gitlab Configuration Files]
.gitlab/* @ironbank-notifications/cht
[ClamAV Whitelist File]
clamav-whitelist @ironbank-security-team
Dockerfile 0 → 100644
View file @ 4acddfea
# Copyright 2021 Splunk
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#base setup
ARG BASE_REGISTRY=registry1.dso.mil
ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8-minimal
ARG BASE_TAG=8.4
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as base
#FROM registry.access.redhat.com/ubi8/ubi-minimal:8.3-291 as base
#remove if there is no need to have scloud in this build
ARG SCLOUD_URL
ENV SCLOUD_URL=https://github.com/splunk/splunk-cloud-sdk-go/releases/download/v1.7.0/scloud_v4.0.0_linux_amd64.tar.gz
ENV PYTHON_VERSION=3.7.10 \
PYTHON_GPG_KEY_ID=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
COPY scripts/install.sh /install.sh
RUN mkdir /licenses
COPY apache-2.0.txt /licenses/apache-2.0.txt
COPY EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf /licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf
COPY requests-2.25.1.tar.gz requests-2.25.1.tar.gz
COPY Jinja2-3.0.0.tar.gz Jinja2-3.0.0.tar.gz
COPY urllib3-1.26.4.tar.gz urllib3-1.26.4.tar.gz
COPY chardet-4.0.0.tar.gz chardet-4.0.0.tar.gz
COPY certifi-2020.12.5.tar.gz certifi-2020.12.5.tar.gz
COPY idna-3.1.tar.gz idna-3.1.tar.gz
COPY PyYAML-5.4.1.tar.gz PyYAML-5.4.1.tar.gz
COPY cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl
COPY MarkupSafe-2.0.1.tar.gz MarkupSafe-2.0.1.tar.gz
COPY six-1.16.0.tar.gz six-1.16.0.tar.gz
COPY cffi-1.14.5.tar.gz cffi-1.14.5.tar.gz
COPY pycparser-2.20.tar.gz pycparser-2.20.tar.gz
COPY Python-3.7.10.tgz /tmp/python.tgz
COPY wheel-0.36.2.tar.gz wheel-0.36.2.tar.gz
COPY jmespath-0.10.0.tar.gz jmespath-0.10.0.tar.gz
COPY PyYAML-5.4.1-cp37-cp37m-manylinux1_x86_64.whl PyYAML-5.4.1-cp37-cp37m-manylinux1_x86_64.whl
COPY ansible-4.0.0.tar.gz ansible-4.0.0.tar.gz
COPY ansible-core-2.11.1.tar.gz ansible-core-2.11.1.tar.gz
COPY packaging-20.9-py2.py3-none-any.whl packaging-20.9-py2.py3-none-any.whl
COPY resolvelib-0.5.4-py2.py3-none-any.whl resolvelib-0.5.4-py2.py3-none-any.whl
COPY pyparsing-2.4.7.tar.gz pyparsing-2.4.7.tar.gz
RUN /install.sh && rm -rf /install.sh
#Install scloud
COPY scloud_v7.1.0_linux_amd64.tar.gz /usr/bin/scloud.tar.gz
RUN tar -zxf /usr/bin/scloud.tar.gz -C /usr/bin/ && rm /usr/bin/scloud.tar.gz
#end base setup
ARG SPLUNK_PRODUCT=splunk
ARG SPLUNK_VERSION=8.2.0
ARG SPLUNK_BUILD=e053ef3c985f
ARG SPLUNK_ARCH=x86_64
ARG SPLUNK_LINUX_FILENAME=splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-${SPLUNK_ARCH}.tgz
# Get and unpack Splunk Enterprise
#
FROM base as package
COPY scripts/make-minimal-exclude.py /tmp
ENV SPLUNK_BUILD_URL=https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_LINUX_FILENAME}
RUN python /tmp/make-minimal-exclude.py $SPLUNK_BUILD_URL > /tmp/splunk-minimal-exclude.list
COPY splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz /tmp/splunk.tgz
RUN mkdir -p /minimal/splunk/var /extras/splunk/var
RUN tar -C /minimal/splunk --strip 1 --exclude-from=/tmp/splunk-minimal-exclude.list -zxf /tmp/splunk.tgz
RUN tar -C /extras/splunk --strip 1 --wildcards --files-from=/tmp/splunk-minimal-exclude.list -zxf /tmp/splunk.tgz
RUN mv /minimal/splunk/etc /minimal/splunk-etc
RUN mv /extras/splunk/etc /extras/splunk-etc
RUN mkdir -p /minimal/splunk/etc /minimal/splunk/share/splunk/search_mrsparkle/modules.new
COPY splunk-ansible.tar.gz splunk-ansible.tar.gz
RUN tar -zxf splunk-ansible.tar.gz && mv splunk-ansible-8.2.0 splunk-ansible-develop && rm splunk-ansible.tar.gz
#
# Minimal Splunk base image with many files excluded, intended for internal and experimental use
#
FROM base as minimal
ENV SPLUNK_HOME=/opt/splunk \
SPLUNK_GROUP=splunk \
SPLUNK_USER=splunk
ENV TMPSPLUNKDIR=${SPLUNK_HOME}/tmp
ENV TMPETCDIR=${TMPSPLUNKDIR}/etc
# Currently kubernetes only accepts UID and not USER field to
# start a container as a particular user. So we create Splunk
# user with pre-determined UID.
ARG UID=41812
ARG GID=41812
# Simple script used to populate/upgrade splunk/etc directory
COPY scripts/updateetc.sh /sbin/updateetc.sh
# Setup users and groups
RUN groupadd -r -g ${GID} ${SPLUNK_GROUP} \
&& useradd -r -m -u ${UID} -g ${GID} ${SPLUNK_USER} \
&& chmod 755 /sbin/updateetc.sh
COPY --from=package --chown=splunk:splunk /minimal /opt
USER ${SPLUNK_USER}
WORKDIR ${SPLUNK_HOME}
EXPOSE 8000/tcp 8089/tcp
#
# Bare Splunk Enterprise Image without Ansible (BYO entrypoint)
#
FROM minimal as bare
COPY --from=package --chown=splunk:splunk /extras /opt
#remove unneeded packages that were vulnerable
#RUN rm -fdr /opt/splunk/etc/apps/splunk_archiver /opt/splunk/bin/jars/thirdparty/hive /opt/splunk/bin/jars/thirdparty/hive_1_2 /opt/splunk/bin/jars/thirdparty/hive_3_1 /opt/splunk/bin/jars/vendors/spark /opt/splunk/bin/jars/thirdparty/common/commons-io-2.4.jar /opt/splunk/bin/jars/thirdparty/aws/commons-codec-1.7.jar
COPY scripts/delete_jquery.py /delete_jquery.py
RUN python /delete_jquery.py
EXPOSE 8000 8065 8088 8089 8191 9887 9997
VOLUME [ "/opt/splunk/etc", "/opt/splunk/var" ]
#
# Full Splunk Enterprise Image with Ansible
#
FROM bare
ARG SPLUNK_DEFAULTS_URL
ENV SPLUNK_ROLE=splunk_standalone \
SPLUNK_DEFAULTS_URL=${SPLUNK_DEFAULTS_URL} \
SPLUNK_ANSIBLE_HOME=/opt/ansible \
ANSIBLE_USER=ansible \
ANSIBLE_GROUP=ansible \
CONTAINER_ARTIFACT_DIR=/opt/container_artifact
USER root
COPY [ "scripts/entrypoint.sh", "scripts/createdefaults.py", "scripts/checkstate.sh", "/sbin/" ]
COPY --from=package /splunk-ansible-develop ./splunk-ansible-develop
# Set sudo rights
RUN echo 'Create the ansible user/group' \
&& groupadd -r ${ANSIBLE_GROUP} \
&& useradd -r -m -g ${ANSIBLE_GROUP} ${ANSIBLE_USER} \
&& usermod -aG sudo ${ANSIBLE_USER} \
&& usermod -aG ${ANSIBLE_GROUP} ${SPLUNK_USER} \
&& echo 'Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".' \
&& mkdir ${CONTAINER_ARTIFACT_DIR} \
&& chown -R ${ANSIBLE_USER}:${ANSIBLE_GROUP} ${CONTAINER_ARTIFACT_DIR} \
&& chmod -R 775 ${CONTAINER_ARTIFACT_DIR} \
&& mv splunk-ansible-develop ${SPLUNK_ANSIBLE_HOME} \
&& chmod -R 555 ${SPLUNK_ANSIBLE_HOME} \
&& chgrp ${ANSIBLE_GROUP} ${SPLUNK_ANSIBLE_HOME} ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
&& chmod 775 ${SPLUNK_ANSIBLE_HOME} \
&& chmod 664 ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
&& chmod 755 /sbin/entrypoint.sh /sbin/createdefaults.py /sbin/checkstate.sh
USER ${SPLUNK_USER}
HEALTHCHECK --interval=30s --timeout=30s --start-period=3m --retries=5 CMD /sbin/checkstate.sh || exit 1
ENTRYPOINT [ "/sbin/entrypoint.sh" ]
CMD [ "start-service" ]
LICENSE 0 → 100644
View file @ 4acddfea
This diff is collapsed.
README.md
View file @ 4acddfea
# <application name>
# Splunk Enterprise
Project template for all Iron Bank container repositories.
\ No newline at end of file
#### Adapted from [docker-splunk](https://github.com/splunk/docker-splunk) to fit the Air Force's requirements.
----
## Purpose
### What is Splunk Enterprise?
[Splunk Enterprise](https://www.splunk.com/en_us/software/splunk-enterprise.html) is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results.
See [Splunk Products](https://www.splunk.com/en_us/software.html) for more information about the features and capabilities of Splunk products and how you can [bring them into your organization](https://www.splunk.com/en_us/enterprise-data-platform.html).
The provisioning of these containers is handled by the [Splunk-Ansible](https://github.com/splunk/splunk-ansible) project. Refer to the [Splunk-Ansible documentation](https://splunk.github.io/splunk-ansible/) and the [Ansible User Guide](https://docs.ansible.com/ansible/latest/user_guide/index.html) for more details.
To assist with running Splunk in a Kubernetes environment, there is the [Splink Operator for Kubernetes](https://github.com/splunk/splunk-operator) project. Please see the [Getting Started](https://github.com/splunk/splunk-operator/blob/master/docs/README.md) documentation for using the Splunk Operator.
---
## Quickstart
Start a single containerized instance of Splunk Enterprise with the command below, replacing `<password>` with a password string that conforms to the [Splunk Enterprise password requirements](https://docs.splunk.com/Documentation/Splunk/latest/Security/Configurepasswordsinspecfile).
```bash
$ docker run -p 8000:8000 -e "SPLUNK_PASSWORD=<password>" \
-e "SPLUNK_START_ARGS=--accept-license" \
-e "SPLUNK_HOME_OWNERSHIP_ENFORCEMENT=false" \
-it --name so1 splunk:latest
```
This command does the following:
1. Starts a Docker container using the `splunk:latest` image.
1. Names the container as `so1`.
1. Exposes a port mapping from the host's `8000` port to the container's `8000` port
1. Specifies a custom `SPLUNK_PASSWORD`.
1. Accepts the license agreement with `SPLUNK_START_ARGS=--accept-license`. This agreement must be explicitly accepted on every container or Splunk Enterprise doesn't start.
1. Set the Splunk Home Ownership to false with `SPLUNK_HOME_OWNERSHIP_ENFORCEMENT=false` as we are required to start the container as the splunk user for security reasons.
After the container starts up, you can access Splunk Web at <http://localhost:8000> with `admin:<password>`.
To view the logs from the container created above, run:
```bash
$ docker logs -f so1
```
To enter the container and run Splunk CLI commands, run:
```bash
# Defaults to the user "ansible"
docker exec -it so1 /bin/bash
# Run shell as the user "splunk"
docker exec -u splunk -it so1 bash
```
To enable TCP 10514 for listening, run:
```bash
docker exec -u splunk so1 /opt/splunk/bin/splunk add tcp 10514 \
-sourcetype syslog -resolvehost true \
-auth "admin:${SPLUNK_PASSWORD}"
```
To install an app, run:
```bash
docker exec -u splunk so1 /opt/splunk/bin/splunk install \
/path/to/app.tar -auth "admin:${SPLUNK_PASSWORD}"
```
---
## Documentation
Visit the [Docker-Splunk documentation](https://splunk.github.io/docker-splunk/) page for full usage instructions, including installation, examples, and advanced deployment scenarios.
Not all Documentation at this link will be applicable to this specific image as it has specific build dependencies for the Air Force.
### Python Support
Python 2 has been removed from the image based on it being end of life. Any Splunk apps or scripts that rely on Python 2 will not work and will need to be re-written for Python 3. Python 3 is included in the image.
### Data Fabric Search
With DFS being [end of support](https://docs.splunk.com/Documentation/DFS/1.1.2/DFS/Overview) in Oct of 2021, we have started to remove packages required for DFS to function. As such, DFS cannot function in this image of Splunk.
apache-2.0.txt 0 → 100644
View file @ 4acddfea
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
clamav-whitelist 0 → 100644
View file @ 4acddfea
Multios.Trojan.ElectroRAT-9823393-0
hardening_manifest.yaml 0 → 100644
View file @ 4acddfea
---
apiVersion: v1
name: "splunk/splunk/splunk"
tags:
- "8.2.0"
- "latest"
args:
BASE_IMAGE: "redhat/ubi/ubi8-minimal"
BASE_TAG: "8.4"
labels:
org.opencontainers.image.title: "splunk"
org.opencontainers.image.description: "Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
org.opencontainers.image.licenses: "Commercial"
org.opencontainers.image.url: "https://www.splunk.com/en_us/legal/splunk-terms-overview.html"
org.opencontainers.image.vendor: "Splunk"
org.opencontainers.image.version: "8.2.0"
mil.dso.ironbank.image.keywords: "security,data,itops"
mil.dso.ironbank.image.type: "commercial"
mil.dso.ironbank.product.name: "Splunk Enterprise"
resources:
- url: https://github.com/splunk/splunk-ansible/archive/8.2.0.tar.gz
filename: splunk-ansible.tar.gz
validation:
type: sha256
value: 7e5b254a4db208d8dee261ec56edbdbbcedf54f42c7d02031f8f523892ed0a36
- url: https://download.splunk.com/products/splunk/releases/8.2.0/linux/splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz
filename: splunk-8.2.0-e053ef3c985f-Linux-x86_64.tgz
validation:
type: sha256
value: 868ac331aee0a3437a85cd57604bace201c4ad77c68ee1bbde0cc90fe3f0b717
- url: https://github.com/splunk/splunk-cloud-sdk-go/releases/download/v1.11.1/scloud_v7.1.0_linux_amd64.tar.gz
filename: scloud_v7.1.0_linux_amd64.tar.gz
validation:
type: sha256
value: b1f47cb2ffd17fe87f07599c88da42a07e4c51e3c37986e4bb0509000e1344a9
- url: https://files.pythonhosted.org/packages/6b/47/c14abc08432ab22dc18b9892252efaf005ab44066de871e72a38d6af464b/requests-2.25.1.tar.gz
filename: requests-2.25.1.tar.gz
validation:
type: sha256
value: 27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804
- url: https://www.python.org/ftp/python/3.7.10/Python-3.7.10.tgz
filename: Python-3.7.10.tgz
validation:
type: sha256
value: c9649ad84dc3a434c8637df6963100b2e5608697f9ba56d82e3809e4148e0975
- url: https://files.pythonhosted.org/packages/be/27/a4ee8ec50cdfa87385e1181da8bb4b3205d8e669d13393b747baaa01f45a/ansible-core-2.11.1.tar.gz
filename: ansible-core-2.11.1.tar.gz
validation:
type: sha256
value: 7e75827a94d47d1c3e1930d708f0ef637a3ab9a21f757aaf55deab6e9f47c682
- url: https://files.pythonhosted.org/packages/ff/ea/b82dfb8f0d7ddaed50c2dbfe05af9cde3230687c32ceae6ee1bd5ae048c5/ansible-4.0.0.tar.gz
filename: ansible-4.0.0.tar.gz
validation:
type: sha256
value: 6f67ca5c634e4721d1f8e206dc71d60d1a114d147945355bfc902bd37eb07080
- url: https://files.pythonhosted.org/packages/3e/89/7ea760b4daa42653ece2380531c90f64788d979110a2ab51049d92f408af/packaging-20.9-py2.py3-none-any.whl
filename: packaging-20.9-py2.py3-none-any.whl
validation:
type: sha256
value: 67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a
- url: https://files.pythonhosted.org/packages/eb/11/bda2b7dee2c84d1f1923ae273023bb94d3e5ab3d1a46b4bd8cf5eb81a241/resolvelib-0.5.4-py2.py3-none-any.whl
filename: resolvelib-0.5.4-py2.py3-none-any.whl
validation:
type: sha256
value: 8113ae3ed6d33c6be0bcbf03ffeb06c0995c099b7b8aaa5ddf2e9b3b3df4e915
- url: https://files.pythonhosted.org/packages/ed/46/e298a50dde405e1c202e316fa6a3015ff9288423661d7ea5e8f22f589071/wheel-0.36.2.tar.gz
filename: wheel-0.36.2.tar.gz
validation:
type: sha256
value: e11eefd162658ea59a60a0f6c7d493a7190ea4b9a85e335b33489d9f17e0245e
- url: https://files.pythonhosted.org/packages/3c/56/3f325b1eef9791759784aa5046a8f6a1aff8f7c898a2e34506771d3b99d8/jmespath-0.10.0.tar.gz
filename: jmespath-0.10.0.tar.gz
validation:
type: sha256
value: b85d0567b8666149a93172712e68920734333c0ce7e89b78b3e987f71e5ed4f9
- url: https://files.pythonhosted.org/packages/bf/10/ff66fea6d1788c458663a84d88787bae15d45daa16f6b3ef33322a51fc7e/MarkupSafe-2.0.1.tar.gz
filename: MarkupSafe-2.0.1.tar.gz
validation:
type: sha256
value: 594c67807fb16238b30c44bdf74f36c02cdf22d1c8cda91ef8a0ed8dabf5620a
- url: https://files.pythonhosted.org/packages/7a/a5/393c087efdc78091afa2af9f1378762f9821c9c1d7a22c5753fb5ac5f97a/PyYAML-5.4.1-cp37-cp37m-manylinux1_x86_64.whl
filename: PyYAML-5.4.1-cp37-cp37m-manylinux1_x86_64.whl
validation:
type: sha256
value: e1d4970ea66be07ae37a3c2e48b5ec63f7ba6804bdddfdbd3cfd954d25a82e63
- url: https://files.pythonhosted.org/packages/7a/0c/23cbcf515b5394e9f59a3e6629f26e1142b92d474ee0725a26aa5a3bcf76/Jinja2-3.0.0.tar.gz
filename: Jinja2-3.0.0.tar.gz
validation:
type: sha256
value: ea8d7dd814ce9df6de6a761ec7f1cac98afe305b8cdc4aaae4e114b8d8ce24c5
- url: https://files.pythonhosted.org/packages/c1/47/dfc9c342c9842bbe0036c7f763d2d6686bcf5eb1808ba3e170afdb282210/pyparsing-2.4.7.tar.gz
filename: pyparsing-2.4.7.tar.gz
validation:
type: sha256
value: c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1
- url: https://files.pythonhosted.org/packages/cb/cf/871177f1fc795c6c10787bc0e1f27bb6cf7b81dbde399fd35860472cecbc/urllib3-1.26.4.tar.gz
filename: urllib3-1.26.4.tar.gz
validation:
type: sha256
value: e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937
- url: https://files.pythonhosted.org/packages/ee/2d/9cdc2b527e127b4c9db64b86647d567985940ac3698eeabc7ffaccb4ea61/chardet-4.0.0.tar.gz
filename: chardet-4.0.0.tar.gz
validation:
type: sha256
value: 0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa
- url: https://files.pythonhosted.org/packages/06/a9/cd1fd8ee13f73a4d4f491ee219deeeae20afefa914dfb4c130cfc9dc397a/certifi-2020.12.5.tar.gz
filename: certifi-2020.12.5.tar.gz
validation:
type: sha256
value: 1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c
- url: https://files.pythonhosted.org/packages/9f/24/1444ee2c9aee531783c031072a273182109c6800320868ab87675d147a05/idna-3.1.tar.gz
filename: idna-3.1.tar.gz
validation:
type: sha256
value: c5b02147e01ea9920e6b0a3f1f7bb833612d507592c837a6c49552768f4054e1
- url: https://files.pythonhosted.org/packages/b2/26/7af637e6a7e87258b963f1731c5982fb31cd507f0d90d91836e446955d02/cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl
filename: cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl
validation:
type: sha256
value: 1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959
- url: https://files.pythonhosted.org/packages/71/39/171f1c67cd00715f190ba0b100d606d440a28c93c7714febeca8b79af85e/six-1.16.0.tar.gz
filename: six-1.16.0.tar.gz
validation:
type: sha256
value: 1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926
- url: https://files.pythonhosted.org/packages/a8/20/025f59f929bbcaa579704f443a438135918484fffaacfaddba776b374563/cffi-1.14.5.tar.gz
filename: cffi-1.14.5.tar.gz
validation:
type: sha256
value: fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c
- url: https://files.pythonhosted.org/packages/0f/86/e19659527668d70be91d0369aeaa055b4eb396b0f387a4f92293a20035bd/pycparser-2.20.tar.gz
filename: pycparser-2.20.tar.gz
validation:
type: sha256
value: 2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0
maintainers:
- name: "Bryan Pluta"
username: "bpluta"
email: "bpluta@splunk.com"
scripts/checkstate.sh 0 → 100755
View file @ 4acddfea
#!/bin/bash
# Copyright 2018 Splunk
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#This script is used to retrieve and report the state of the container
#Although not actively in the container, it can be used to check the health
#of the splunk instance
#NOTE: If you plan on running the splunk container while keeping Splunk
# inactive for long periods of time, this script may give misleading
# health results
if [[ "" == "$NO_HEALTHCHECK" ]]; then
if [[ "false" == "$SPLUNKD_SSL_ENABLE" ]]; then
SCHEME="http"
else
SCHEME="https"
fi
#If NO_HEALTHCHECK is NOT defined, then we want the healthcheck
state="$(< $CONTAINER_ARTIFACT_DIR/splunk-container.state)"
case "$state" in
running|started)
curl -m 30 -f -k $SCHEME://localhost:8089/
exit $?
;;
*)
exit 1
esac
else
#If NO_HEALTHCHECK is defined, ignore the healthcheck
exit 0
fi
scripts/createdefaults.py 0 → 100755
View file @ 4acddfea
#! /usr/bin/python
# Copyright 2018-2021 Splunk
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import six
import sys
import uuid
import random
import base64
splunk_ansible_home = os.environ.get('SPLUNK_ANSIBLE_HOME')
splunk_ansible_inventory = os.path.join(splunk_ansible_home, "inventory")
sys.path.append(os.path.abspath(splunk_ansible_inventory))
splunk_hec_token = os.environ.get("SPLUNK_HEC_TOKEN", None)
splunk_password = os.environ.get("SPLUNK_PASSWORD", None)
splunk_idxc_secret = os.environ.get("SPLUNK_IDXC_SECRET", None)
splunk_idxc_pass4SymmKey = os.environ.get("SPLUNK_IDXC_PASS4SYMMKEY", None)
splunk_shc_secret = os.environ.get("SPLUNK_SHC_SECRET", None)
splunk_shc_pass4SymmKey = os.environ.get("SPLUNK_SHC_PASS4SYMMKEY", None)
def random_generator(size=24):
# Use System Random for
rng = random.SystemRandom()
b = [chr(rng.randrange(256)) for i in range(size)]
s = ''.join(b)
if six.PY2:
s = base64.b64encode(s)
else:
s = base64.b64encode(s.encode()).decode()
return s
# if there are no environment vars set, lets make some safe defaults
if not splunk_hec_token:
tempuuid=uuid.uuid4()
os.environ["SPLUNK_HEC_TOKEN"] = str(tempuuid)
if not splunk_password:
os.environ["SPLUNK_PASSWORD"] = random_generator()
if splunk_idxc_pass4SymmKey:
os.environ["SPLUNK_IDXC_PASS4SYMMKEY"] = os.environ["SPLUNK_IDXC_SECRET"] = splunk_idxc_pass4SymmKey
elif splunk_idxc_secret:
os.environ["SPLUNK_IDXC_PASS4SYMMKEY"] = os.environ["SPLUNK_IDXC_SECRET"] = splunk_idxc_secret
else:
os.environ["SPLUNK_IDXC_PASS4SYMMKEY"] = os.environ["SPLUNK_IDXC_SECRET"] = random_generator()
if splunk_shc_secret:
os.environ["SPLUNK_SHC_PASS4SYMMKEY"] = os.environ["SPLUNK_SHC_SECRET"] = splunk_shc_pass4SymmKey
elif splunk_shc_pass4SymmKey:
os.environ["SPLUNK_SHC_PASS4SYMMKEY"] = os.environ["SPLUNK_SHC_SECRET"] = splunk_shc_secret
else:
os.environ["SPLUNK_SHC_PASS4SYMMKEY"] = os.environ["SPLUNK_SHC_SECRET"] = random_generator()
sys.argv.append("--write-to-stdout")
import environ
environ.main()
scripts/delete_jquery.py 0 → 100644
View file @ 4acddfea
import os
# Check if $SPLUNK_HOME is set. None of this script will work if it's not.
try:
splunk_home = os.environ['SPLUNK_HOME']
except Exception as exception:
print('$SPLUNK_HOME is not set. Please set it and try again. Exception {}'.format(exception))
exit()
root_directory = splunk_home + '/share/splunk/search_mrsparkle/' # root directory should be an absolute path starting from '/'
files_to_delete = [
'exposed/js/build/simplexml/config.js',
'exposed/js/build/simplexml.min/config.js',
'exposed/js/contrib/jquery/jquery.js',
'exposed/js/contrib/jquery-1.8.2.js',
'exposed/js/contrib/jquery-1.8.2.min.js',
'exposed/js/contrib/jquery-2.1.0.js',
'exposed/js/contrib/jquery-2.1.0.min.js',
'exposed/build/single_value/index.js',
'exposed/build/pages/enterprise/dashboard.js',
'exposed/build/pages/lite/dashboard.js',
'exposed/build/pages/dark/dashboard.js',
'exposed/build/pdf_mapping/index.js',
'exposed/build/simplexml/index.js',
'exposed/build/jscharting/index.js',
'templates/pages/dashboard.html'
]
for filename in files_to_delete:
file_path = os.path.join(root_directory, filename)
try:
if os.path.isfile(file_path) or os.path.islink(file_path):
if not os.access(file_path, os.W_OK): # if there is no sufficient permissions, set it.
os.chmod(file_path, 0o777) # python 3.7 syntax
else:
print('Could not set permissions for file {}'.format(file_path))
continue
os.remove(file_path)
print('Successfully removed file {}'.format(file_path))
else:
print('File {} not found. Unable to delete.'.format(file_path))
except Exception as e:
print('Failed to delete {}. Reason: {}'.format(file_path, e))
scripts/entrypoint.sh 0 → 100755
View file @ 4acddfea
#!/bin/bash
# Copyright 2018-2021 Splunk
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -e
setup() {
# Check if the user accepted the license
if [[ "$SPLUNK_START_ARGS" != *"--accept-license"* ]]; then
printf "License not accepted, please ensure the environment variable SPLUNK_START_ARGS contains the '--accept-license' flag\n"
printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD splunk/splunk\n\n"
printf "For additional information and examples, see the help: docker run -it splunk/splunk help\n"
exit 1
fi
}
teardown() {
# Always run the stop command on termination
${SPLUNK_HOME}/bin/splunk stop 2>/dev/null || true
}
trap teardown SIGINT SIGTERM
prep_ansible() {
cd ${SPLUNK_ANSIBLE_HOME}
if [ `whoami` == "${SPLUNK_USER}" ]; then
sed -i -e "s,^become\\s*=.*,become = false," ansible.cfg
fi
if [[ "$DEBUG" == "true" ]]; then
ansible-playbook --version
python inventory/environ.py --write-to-file
cat /opt/container_artifact/ansible_inventory.json 2>/dev/null
cat /opt/ansible/inventory/messages.txt 2>/dev/null || true
echo
fi
}
watch_for_failure(){
if [[ $? -eq 0 ]]; then
sh -c "echo 'started' > ${CONTAINER_ARTIFACT_DIR}/splunk-container.state"
fi
echo ===============================================================================
echo
user_permission_change
if [ `whoami` != "${SPLUNK_USER}" ]; then
RUN_AS_SPLUNK="sudo -u ${SPLUNK_USER}"
fi
# Any crashes/errors while Splunk is running should get logged to splunkd_stderr.log and sent to the container's stdout
if [ -z "$SPLUNK_TAIL_FILE" ]; then
echo Ansible playbook complete, will begin streaming splunkd_stderr.log
${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_HOME}/var/log/splunk/splunkd_stderr.log &
else
echo Ansible playbook complete, will begin streaming ${SPLUNK_TAIL_FILE}
${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_TAIL_FILE} &
fi
wait
}
create_defaults() {
createdefaults.py
}
start_and_exit() {
if [ -z "$SPLUNK_PASSWORD" ]
then
echo "WARNING: No password ENV var. Stack may fail to provision if splunk.password is not set in ENV or a default.yml"
fi
sh -c "echo 'starting' > ${CONTAINER_ARTIFACT_DIR}/splunk-container.state"
setup
prep_ansible
ansible-playbook $ANSIBLE_EXTRA_FLAGS -i inventory/environ.py -l localhost site.yml
}
start() {
trap teardown EXIT
start_and_exit
watch_for_failure
}
configure_multisite() {
prep_ansible
ansible-playbook $ANSIBLE_EXTRA_FLAGS -i inventory/environ.py -l localhost multisite.yml
}
restart(){
trap teardown EXIT
sh -c "echo 'restarting' > ${CONTAINER_ARTIFACT_DIR}/splunk-container.state"
prep_ansible
${SPLUNK_HOME}/bin/splunk stop 2>/dev/null || true
ansible-playbook -i inventory/environ.py -l localhost start.yml
watch_for_failure
}
user_permission_change(){
if [[ "$STEPDOWN_ANSIBLE_USER" == "true" ]]; then
bash -c "sudo deluser -q ansible sudo"
fi
}
help() {
cat << EOF
____ _ _ __
/ ___| _ __ | |_ _ _ __ | | __ \ \\
\___ \| '_ \| | | | | '_ \| |/ / \ \\
___) | |_) | | |_| | | | | < / /
|____/| .__/|_|\__,_|_| |_|_|\_\ /_/
|_|
========================================
Environment Variables:
* SPLUNK_USER - user under which to run Splunk (default: splunk)
* SPLUNK_GROUP - group under which to run Splunk (default: splunk)
* SPLUNK_HOME - home directory where Splunk gets installed (default: /opt/splunk)
* SPLUNK_START_ARGS - arguments to pass into the Splunk start command; you must include '--accept-license' to start Splunk (default: none)
* SPLUNK_PASSWORD - password to log into this Splunk instance, you must include a password (default: none)
* SPLUNK_ROLE - the role of this Splunk instance (default: splunk_standalone)
Acceptable values:
- splunk_standalone
- splunk_search_head
- splunk_indexer
- splunk_deployer
- splunk_license_master
- splunk_cluster_master
- splunk_heavy_forwarder
* SPLUNK_LICENSE_URI - URI or local file path (absolute path in the container) to a Splunk license
* SPLUNK_STANDALONE_URL, SPLUNK_INDEXER_URL, ... - comma-separated list of resolvable aliases to properly bring-up a distributed environment.
This is optional for standalones, but required for multi-node Splunk deployments.
* SPLUNK_BUILD_URL - URL to a Splunk build which will be installed (instead of the image's default build)
* SPLUNK_APPS_URL - comma-separated list of URLs to Splunk apps which will be downloaded and installed
Examples:
* docker run -it -e SPLUNK_PASSWORD=helloworld -p 8000:8000 splunk/splunk start
* docker run -it -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD=helloworld -p 8000:8000 -p 8089:8089 splunk/splunk start
* docker run -it -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_LICENSE_URI=http://example.com/splunk.lic -e SPLUNK_PASSWORD=helloworld -p 8000:8000 splunk/splunk start
* docker run -it -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_INDEXER_URL=idx1,idx2 -e SPLUNK_SEARCH_HEAD_URL=sh1,sh2 -e SPLUNK_ROLE=splunk_search_head --hostname sh1 --network splunknet --network-alias sh1 -e SPLUNK_PASSWORD=helloworld -e SPLUNK_LICENSE_URI=http://example.com/splunk.lic splunk/splunk start
EOF
exit 1
}
case "$1" in
start|start-service)
shift
start $@
;;
start-and-exit)
shift
start_and_exit $@
;;
configure-multisite)
shift
configure_multisite $0
;;
create-defaults)
create_defaults
;;
restart)
shift
restart $@
;;
no-provision)
user_permission_change
tail -n 0 -f /etc/hosts &
wait
;;
bash|splunk-bash)
/bin/bash --init-file ${SPLUNK_HOME}/bin/setSplunkEnv
;;
help)
shift
help $@
;;
*)
shift
help $@
;;
esac
scripts/install.sh 0 → 100755
View file @ 4acddfea
#!/bin/bash
# Copyright 2021 Splunk
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -e
# reinstalling local en def for now, removed in minimal image https://bugzilla.redhat.com/show_bug.cgi?id=1665251
microdnf -y --nodocs install glibc-langpack-en
#Currently there is no access to the UTF-8 char map, the following command is commented out until
#the base container can generate the locale
#localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
#We get around the gen above by forcing the language install, and then point to it.
export LANG=en_US.utf8
#update all packages to reduce vulnerabilites
microdnf -y --nodocs install sudo shadow-utils procps tar tzdata make gcc \
openssl-devel bzip2-devel libffi-devel findutils
microdnf -y --nodocs update gnutls kernel-headers librepo libnghttp2 tzdata nettle
#to account for not using BusyBox
microdnf -y --nodocs install iputils hostname psmisc net-tools bind-utils ncurses findutils
#Install Python and necessary packages
PY_SHORT=${PYTHON_VERSION%.*}
mkdir -p /tmp/pyinstall
tar -xzC /tmp/pyinstall/ --strip-components=1 -f /tmp/python.tgz
rm /tmp/python.tgz
cd /tmp/pyinstall
./configure --enable-optimizations --prefix=/usr --with-ensurepip=install
make altinstall LDFLAGS="-Wl,--strip-all"
rm -rf /tmp/pyinstall
ln -sf /usr/bin/python${PY_SHORT} /usr/bin/python
ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip
# Install splunk-ansible dependencies
cd /
pip --no-cache-dir install --no-deps --no-index cffi-1.14.5.tar.gz six-1.16.0.tar.gz wheel-0.36.2.tar.gz \
requests-2.25.1.tar.gz cryptography-3.4.7-cp36-abi3-manylinux2014_x86_64.whl \
jmespath-0.10.0.tar.gz Jinja2-3.0.0.tar.gz MarkupSafe-2.0.1.tar.gz PyYAML-5.4.1-cp37-cp37m-manylinux1_x86_64.whl \
pycparser-2.20.tar.gz urllib3-1.26.4.tar.gz chardet-4.0.0.tar.gz certifi-2020.12.5.tar.gz \
idna-3.1.tar.gz pyparsing-2.4.7.tar.gz packaging-20.9-py2.py3-none-any.whl resolvelib-0.5.4-py2.py3-none-any.whl ansible-core-2.11.1.tar.gz \
ansible-4.0.0.tar.gz --upgrade
# Remove tests packaged in python libs
find /usr/lib/ -depth \( -type d -a -not -wholename '*/ansible/plugins/test' -a \( -name test -o -name tests -o -name idle_test \) \) -exec rm -rf '{}' \;
find /usr/lib/ -depth \( -type f -a -name '*.pyc' -o -name '*.pyo' -o -name '*.a' \) -exec rm -rf '{}' \;
find /usr/lib/ -depth \( -type f -a -name 'wininst-*.exe' \) -exec rm -rf '{}' \;
ldconfig
microdnf remove -y make gcc openssl-devel bzip2-devel libffi-devel findutils cpp binutils \
glibc-devel keyutils-libs-devel krb5-devel libcom_err-devel libselinux-devel \
libsepol-devel libverto-devel libxcrypt-devel pcre2-devel zlib-devel
microdnf clean all
cd /bin
chmod u+s /usr/sbin/ping
groupadd sudo
#Clean
microdnf clean all
rm -rf /install.sh /anaconda-post.log /var/log/anaconda/*
scripts/make-minimal-exclude.py 0 → 100755
View file @ 4acddfea
#!/usr/bin/python
import re, sys
EXCLUDE_V7 = """*-manifest
*/bin/installit.py
*/bin/jars/*
*/bin/jsmin*
*/bin/*mongo*
*/3rdparty/Copyright-for-mongo*
*/bin/node*
*/bin/pcregextest*
*/etc/*.lic*
*/etc/anonymizer*
*/etc/apps/SplunkForwarder*
*/etc/apps/SplunkLightForwarder*
*/etc/apps/launcher*
*/etc/apps/legacy*
*/etc/apps/sample_app*
*/etc/apps/appsbrowser*
*/etc/apps/alert_webhook*
*/etc/apps/splunk_archiver*
*/etc/apps/splunk_monitoring_console*
*/lib/node_modules*
*/share/splunk/app_templates*
*/share/splunk/authScriptSamples*
*/share/splunk/diag
*/share/splunk/mbtiles*
*/share/splunk/migration*
*/share/splunk/pdf*
*mrsparkle*"""
m = re.match(".*splunk-([0-9]+)\.([0-9]+)\.[0-9]+\.?[0-9]?-[0-9a-z]+-Linux-[0-9a-z_-]+.tgz", sys.argv[1])
if m and m.group(1):
print(EXCLUDE_V7)
if int(m.group(1)) == 7:
print("*/bin/parsetest*")
if int(m.group(2)) < 3:
print("*/etc/apps/framework*")
print("*/etc/apps/gettingstarted*")
else:
print("*/etc/apps/splunk_metrics_workspace*")
elif int(m.group(1)) > 7:
print("*/etc/apps/splunk_metrics_workspace*")
if int(m.group(2)) < 1:
print("*/bin/parsetest*")
scripts/updateetc.sh 0 → 100755
View file @ 4acddfea
#!/bin/bash
# Copyright 2018-2020 Splunk
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
SPLUNK_ETC_BAK="${SPLUNK_ETC_BAK:-/opt/splunk-etc}"
if [[ -f "${SPLUNK_ETC_BAK}/splunk.version" ]]; then
IMAGE_VERSION_SHA=`cat ${SPLUNK_ETC_BAK}/splunk.version | sha512sum`
if [[ -f "${SPLUNK_HOME}/etc/splunk.version" ]]; then
ETC_VERSION_SHA=`cat ${SPLUNK_HOME}/etc/splunk.version | sha512sum`
fi
if [[ "x${IMAGE_VERSION_SHA}" != "x${ETC_VERSION_SHA}" ]]; then
echo Updating ${SPLUNK_HOME}/etc
(cd ${SPLUNK_ETC_BAK}; tar cf - *) | (cd ${SPLUNK_HOME}/etc; tar xf -)
fi
fi
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED