CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

soup_scripts put so-yaml in salt file system. move soup scripts to manager.soup_scripts

Browse Source
This commit is contained in:
m0duspwnens
2024-05-15 10:07:06 -04:00
parent e76c2c95a9
commit 2dbbe8dec4
2 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
salt/common/soup_scripts.sls → salt/manager/soup_scripts.sls
View File

@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% if '2.4' in salt['cp.get_file_str']('/etc/soversion') %} {% if '2.4' in salt['cp.get_file_str']('/etc/soversion') %}
{% import_yaml '/opt/so/saltstack/local/pillar/global/soc_global.sls' as SOC_GLOBAL %} {% import_yaml '/opt/so/saltstack/local/pillar/global/soc_global.sls' as SOC_GLOBAL %}
@@ -15,6 +20,8 @@ remove_common_so-firewall:
file.absent: file.absent:
- name: /opt/so/saltstack/default/salt/common/tools/sbin/so-firewall - name: /opt/so/saltstack/default/salt/common/tools/sbin/so-firewall
# This section is used to put the scripts in place in the Salt file system
# in case a state run tries to overwrite what we do in the next section.
copy_so-common_common_tools_sbin: copy_so-common_common_tools_sbin:
file.copy: file.copy:
- name: /opt/so/saltstack/default/salt/common/tools/sbin/so-common - name: /opt/so/saltstack/default/salt/common/tools/sbin/so-common
@@ -43,6 +50,15 @@ copy_so-firewall_manager_tools_sbin:
- force: True - force: True
- preserve: True - preserve: True
copy_so-yaml_manager_tools_sbin:
file.copy:
- name: /opt/so/saltstack/default/salt/manager/tools/sbin/so-yaml.py
- source: {{UPDATE_DIR}}/salt/manager/tools/sbin/so-yaml.py
- force: True
- preserve: True
# This section is used to put the new script in place so that it can be called during soup.
# It is faster than calling the states that normally manage them to put them in place.
copy_so-common_sbin: copy_so-common_sbin:
file.copy: file.copy:
- name: /usr/sbin/so-common - name: /usr/sbin/so-common

4
salt/manager/tools/sbin/soup
View File

@@ -907,7 +907,7 @@ verify_latest_update_script() {
else else
echo "You are not running the latest soup version. Updating soup and its components. This might take multiple runs to complete." echo "You are not running the latest soup version. Updating soup and its components. This might take multiple runs to complete."
salt-call state.apply common.soup_scripts queue=True -lerror --file-root=$UPDATE_DIR/salt --local --out-file=/dev/null salt-call state.apply manager.soup_scripts queue=True -lerror --file-root=$UPDATE_DIR/salt --local --out-file=/dev/null
# Verify that soup scripts updated as expected # Verify that soup scripts updated as expected
get_soup_script_hashes get_soup_script_hashes
@@ -915,7 +915,7 @@ verify_latest_update_script() {
echo "Succesfully updated soup scripts." echo "Succesfully updated soup scripts."
else else
echo "There was a problem updating soup scripts. Trying to rerun script update." echo "There was a problem updating soup scripts. Trying to rerun script update."
salt-call state.apply common.soup_scripts queue=True -linfo --file-root=$UPDATE_DIR/salt --local salt-call state.apply manager.soup_scripts queue=True -linfo --file-root=$UPDATE_DIR/salt --local
fi fi
echo "" echo ""