Refactor hive and cortex init to use wait loops instead of hardcoded sleeps

salt/thehive/scripts/cortex_init

@@ -8,6 +8,8 @@
 # {%- set CORTEXORGUSER = salt['pillar.get']('global:cortexorguser', 'soadmin') %}
 # {%- set CORTEXORGUSERKEY = salt['pillar.get']('global:cortexorguserkey', '') %}
 
+. /usr/sbin/so-common
+
 default_salt_dir=/opt/so/saltstack/default
 
 cortex_clean(){
@@ -17,7 +19,8 @@ cortex_clean(){
 }
 
 cortex_init(){
-    CORTEX_API_URL="{{URLBASE}}/cortex/api"
+    CORTEX_URL="{{URLBASE}}/cortex"
+    CORTEX_API_URL="{{CORTEX_URL}}/api"
     CORTEX_USER="{{CORTEXUSER}}"
     CORTEX_PASSWORD="{{CORTEXPASSWORD}}"
     CORTEX_KEY="{{CORTEXKEY}}"    
@@ -27,47 +30,45 @@ cortex_init(){
     CORTEX_ORG_USER_KEY="{{CORTEXORGUSERKEY}}"
     SOCTOPUS_CONFIG="$default_salt_dir/salt/soctopus/files/SOCtopus.conf"
 
+    if wait_for_web_response https://$CORTEX_URL "Cortex"; then
+        # Migrate DB
+        curl -v -k -XPOST -L "https://$CORTEX_API_URL/maintenance/migrate"
 
-    # Migrate DB
-    curl -v -k -XPOST -L "https://$CORTEX_API_URL/maintenance/migrate"
+        # Create intial Cortex superadmin
+        curl -v -k -L "https://$CORTEX_API_URL/user" -H "Content-Type: application/json" -d "{\"login\" : \"$CORTEX_USER\",\"name\" : \"$CORTEX_USER\",\"roles\" : [\"superadmin\"],\"preferences\" : \"{}\",\"password\" : \"$CORTEX_PASSWORD\", \"key\": \"$CORTEX_KEY\"}"
 
-    # Create intial Cortex superadmin
-    curl -v -k -L "https://$CORTEX_API_URL/user" -H "Content-Type: application/json" -d "{\"login\" : \"$CORTEX_USER\",\"name\" : \"$CORTEX_USER\",\"roles\" : [\"superadmin\"],\"preferences\" : \"{}\",\"password\" : \"$CORTEX_PASSWORD\", \"key\": \"$CORTEX_KEY\"}"
+        # Create user-supplied org
+        curl -k -XPOST -H "Authorization: Bearer $CORTEX_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization" -d "{  \"name\": \"$CORTEX_ORG_NAME\",\"description\": \"$CORTEX_ORG_DESC\",\"status\": \"Active\"}"
+        
+        # Create user-supplied org user
+        curl -k -XPOST -H "Authorization: Bearer $CORTEX_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/user" -d "{\"name\": \"$CORTEX_ORG_USER\",\"roles\": [\"read\",\"analyze\",\"orgadmin\"],\"organization\": \"$CORTEX_ORG_NAME\",\"login\": \"$CORTEX_ORG_USER\",\"key\": \"$CORTEX_ORG_USER_KEY\" }"
 
-    # Create user-supplied org
-    curl -k -XPOST -H "Authorization: Bearer $CORTEX_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization" -d "{  \"name\": \"$CORTEX_ORG_NAME\",\"description\": \"$CORTEX_ORG_DESC\",\"status\": \"Active\"}"
-    
-    # Create user-supplied org user
-    curl -k -XPOST -H "Authorization: Bearer $CORTEX_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/user" -d "{\"name\": \"$CORTEX_ORG_USER\",\"roles\": [\"read\",\"analyze\",\"orgadmin\"],\"organization\": \"$CORTEX_ORG_NAME\",\"login\": \"$CORTEX_ORG_USER\",\"key\": \"$CORTEX_ORG_USER_KEY\" }"
+        # Enable URLScan.io Analyzer
+        curl -v -k -XPOST -H "Authorization: Bearer $CORTEX_ORG_USER_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization/analyzer/Urlscan_io_Search_0_1_0" -d '{"name":"Urlscan_io_Search_0_1_0","configuration":{"auto_extract_artifacts":false,"check_tlp":true,"max_tlp":2}}'
 
-    # Enable URLScan.io Analyzer
-    curl -v -k -XPOST -H "Authorization: Bearer $CORTEX_ORG_USER_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization/analyzer/Urlscan_io_Search_0_1_0" -d '{"name":"Urlscan_io_Search_0_1_0","configuration":{"auto_extract_artifacts":false,"check_tlp":true,"max_tlp":2}}'
+        # Enable Cert PassiveDNS Analyzer
+        curl -v -k -XPOST -H "Authorization: Bearer $CORTEX_ORG_USER_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization/analyzer/CERTatPassiveDNS_2_0" -d '{"name":"CERTatPassiveDNS_2_0","configuration":{"auto_extract_artifacts":false,"check_tlp":true,"max_tlp":2, "limit": 100}}'
+    	
+        # Revoke $CORTEX_USER key
+        curl -k -XDELETE -H "Authorization: Bearer $CORTEX_KEY" -L "https://$CORTEX_API_URL/user/$CORTEX_USER/key" 
 
-    # Enable Cert PassiveDNS Analyzer
-    curl -v -k -XPOST -H "Authorization: Bearer $CORTEX_ORG_USER_KEY" -H "Content-Type: application/json" -L "https://$CORTEX_API_URL/organization/analyzer/CERTatPassiveDNS_2_0" -d '{"name":"CERTatPassiveDNS_2_0","configuration":{"auto_extract_artifacts":false,"check_tlp":true,"max_tlp":2, "limit": 100}}'
-	
-    # Revoke $CORTEX_USER key
-    curl -k -XDELETE -H "Authorization: Bearer $CORTEX_KEY" -L "https://$CORTEX_API_URL/user/$CORTEX_USER/key" 
+        # Update SOCtopus config with apikey value
+        #sed -i "s/cortex_key = .*/cortex_key = $CORTEX_KEY/" $SOCTOPUS_CONFIG
 
-    # Update SOCtopus config with apikey value
-    #sed -i "s/cortex_key = .*/cortex_key = $CORTEX_KEY/" $SOCTOPUS_CONFIG
-
-    touch /opt/so/state/cortex.txt
+        touch /opt/so/state/cortex.txt
+    else
+        echo "We experienced an issue connecting to Cortex!"
+    fi
 }
 
 if [ -f /opt/so/state/cortex.txt ]; then
     cortex_clean
     exit 0
 else
-    rm -f garbage_file
-    while ! wget -O garbage_file {{MANAGERIP}}:9500 2>/dev/null
-    do
-      echo "Waiting for Elasticsearch..."
-      rm -f garbage_file
-      sleep 1
-    done
-    rm -f garbage_file
-    sleep 5
-    cortex_init
-    cortex_clean
+    if wait_for_web_response http://{{MANAGERIP}}:9400 '"status":"green"'; then
+        cortex_init
+        cortex_clean
+    else
+        echo "TheHive Elasticsearch server is not ready; unable to proceed with cortex init."
+    fi
 fi