From b8b1867e525a6974b0e95644d822e5401e50580f Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:43:23 -0400 Subject: [PATCH 1/6] Tell user what soup is doing at end of upgrade --- salt/common/tools/sbin/soup | 3 +++ 1 file changed, 3 insertions(+) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index d53dcd73c..828f5c741 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -1016,6 +1016,7 @@ main() { [[ $is_airgap -eq 0 ]] && unmount_update thehive_maint + echo "Checking the number of minions." NUM_MINIONS=$(ls /opt/so/saltstack/local/pillar/minions/*_*.sls | wc -l) if [[ $UPGRADESALT -eq 1 ]] && [[ $NUM_MINIONS -gt 1 ]]; then if [[ $is_airgap -eq 0 ]]; then @@ -1026,8 +1027,10 @@ main() { fi fi + echo "Checking for local modifications." check_local_mods + echo "Checking sudoers file." check_sudoers if [[ -n $lsl_msg ]]; then From a01d49981c5d39fa9bb7334767000f2d889ecb48 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:45:44 -0400 Subject: [PATCH 2/6] Redirect thehive/cortex migrate curl output to soup log --- salt/common/tools/sbin/soup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 828f5c741..6cdeda97f 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -704,8 +704,8 @@ thehive_maint() { done if [ "$THEHIVE_CONNECTED" == "yes" ]; then echo "Migrating thehive databases if needed." - curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" - curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" + curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" &> "$SOUP_LOG" + curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" &> "$SOUP_LOG" fi } From 8a9dcb7fdbe4191b53b0c13870994fb46e715ac2 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:47:22 -0400 Subject: [PATCH 3/6] Fix "upgrade to" message Only specify "to" version and change when the upgrade message occurs --- salt/common/tools/sbin/soup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 6cdeda97f..180fa7c38 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -992,8 +992,6 @@ main() { set +e salt-call state.highstate -l info queue=True set -e - echo "" - echo "Upgrade from $INSTALLEDVERSION to $NEWVERSION complete." echo "" echo "Stopping Salt Master to remove ACL" @@ -1016,6 +1014,8 @@ main() { [[ $is_airgap -eq 0 ]] && unmount_update thehive_maint + echo "" + echo "Upgrade to $NEWVERSION complete." echo "Checking the number of minions." NUM_MINIONS=$(ls /opt/so/saltstack/local/pillar/minions/*_*.sls | wc -l) if [[ $UPGRADESALT -eq 1 ]] && [[ $NUM_MINIONS -gt 1 ]]; then From b44358fc26a58099c2d449cd998b09f7b3037309 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:49:42 -0400 Subject: [PATCH 4/6] Add `set +e` after final upgrade steps and before post-upgrade checks --- salt/common/tools/sbin/soup | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 180fa7c38..fd325b8a4 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -1016,6 +1016,10 @@ main() { echo "" echo "Upgrade to $NEWVERSION complete." + + # Everything beyond this is post-upgrade checking, don't fail past this point if something here causes an error + set +e + echo "Checking the number of minions." NUM_MINIONS=$(ls /opt/so/saltstack/local/pillar/minions/*_*.sls | wc -l) if [[ $UPGRADESALT -eq 1 ]] && [[ $NUM_MINIONS -gt 1 ]]; then From 8b905b585d654795cc65b12cdda555d605eeadd3 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:55:06 -0400 Subject: [PATCH 5/6] Fix redirect to append --- salt/common/tools/sbin/soup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index fd325b8a4..4ef0d9185 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -704,8 +704,8 @@ thehive_maint() { done if [ "$THEHIVE_CONNECTED" == "yes" ]; then echo "Migrating thehive databases if needed." - curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" &> "$SOUP_LOG" - curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" &> "$SOUP_LOG" + curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" &>> "$SOUP_LOG" + curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" &>> "$SOUP_LOG" fi } From f8bea824301b0e75c1f64ec58ce05271b85ef27d Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 23 Sep 2021 12:57:08 -0400 Subject: [PATCH 6/6] Make redirect consistent with setup --- salt/common/tools/sbin/soup | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 4ef0d9185..caea21866 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -704,8 +704,8 @@ thehive_maint() { done if [ "$THEHIVE_CONNECTED" == "yes" ]; then echo "Migrating thehive databases if needed." - curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" &>> "$SOUP_LOG" - curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" &>> "$SOUP_LOG" + curl -v -k -XPOST -L "https://localhost/thehive/api/maintenance/migrate" >> "$SOUP_LOG" 2>&1 + curl -v -k -XPOST -L "https://localhost/cortex/api/maintenance/migrate" >> "$SOUP_LOG" 2>&1 fi }