From 65d994a2f8ec2a0f784ef198855978d58c14dc65 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 8 Dec 2020 14:02:45 -0500
Subject: [PATCH] [feat] Generate gzipped tarball of repo during setup and soup

---
 salt/common/tools/sbin/soup | 9 +++++++++
 setup/so-functions          | 4 ++++
 setup/so-setup              | 7 ++++++-
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 27439a137..da534281e 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -155,6 +155,13 @@ copy_new_files() {
   cd /tmp
 }
 
+generate_and_clean_tarballs() {
+  local new_version
+  new_version=$(cat $UPDATE_DIR/VERSION)
+  tar -cxf "/opt/so/repo/$new_version.tar.gz" "$UPDATE_DIR"
+  find "/opt/so/repo" -type f -not -name "$new_version.tar.gz" -exec rm -rf {} \;
+}
+
 highstate() {
   # Run a highstate.
   salt-call state.highstate -l info queue=True
@@ -417,6 +424,8 @@ else
   echo "Cloning Security Onion github repo into $UPDATE_DIR."
   clone_to_tmp
 fi
+echo "Generating new repo archive"
+generate_and_clean_tarballs
 if [ -f /usr/sbin/so-image-common ]; then
   . /usr/sbin/so-image-common
 else 
diff --git a/setup/so-functions b/setup/so-functions
index dffc52b4f..a95fe55b1 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -972,6 +972,10 @@ generate_passwords(){
   KRATOSKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom  | fold -w 20 | head -n 1)
 }
 
+generate_repo_tarball() {
+	tar -czf /opt/so/repo/"$SOVERSION".tar.gz ../.
+}
+
 get_redirect() {
 	whiptail_set_redirect
 	if [ "$REDIRECTINFO" = "OTHER" ]; then
diff --git a/setup/so-setup b/setup/so-setup
index 4260f813e..b60b99eca 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -791,10 +791,15 @@ else
 	{
 		export percentage=95 # set to last percentage used in previous subshell
 		if [[ -n $ALLOW_ROLE && -n $ALLOW_CIDR ]]; then 
-			set_progress_str 98 "Running so-allow -${ALLOW_ROLE} for ${ALLOW_CIDR}"
+			set_progress_str 97 "Running so-allow -${ALLOW_ROLE} for ${ALLOW_CIDR}"
 			IP=$ALLOW_CIDR so-allow -$ALLOW_ROLE >> $setup_log 2>&1
 		fi
 
+		if [[ $is_manager ]]; then
+			set_progress_str 98 "Generating archive for setup directory"
+			generate_repo_tarball
+		fi
+
 		if [[ $THEHIVE == 1 ]]; then 
 			set_progress_str 99 'Waiting for TheHive to start up'
 			check_hive_init >> $setup_log 2>&1