From 41f00c0aa1c1f657161ec7f0e8f42d73fd286946 Mon Sep 17 00:00:00 2001 From: Wes Date: Thu, 13 Jul 2023 14:32:22 +0000 Subject: [PATCH 1/7] Add agent scripts --- .../tools/sbin_jinja/so-elastic-agent-inspect | 16 ++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-restart | 16 ++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-start | 17 +++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-status | 17 +++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-stop | 17 +++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-version | 17 +++++++++++++++++ 6 files changed, 100 insertions(+) create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-restart create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-start create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-stop create mode 100755 salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect new file mode 100755 index 000000000..370b70a69 --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect @@ -0,0 +1,16 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /bin/elastic-agent inspect +{% else %} +/bin/elastic-agent inspect +{% endif %} diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-restart b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-restart new file mode 100755 index 000000000..717df6fbd --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-restart @@ -0,0 +1,16 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent service elastic-agent restart +{% else %} +service elastic-agent restart +{% endif %} diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-start b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-start new file mode 100755 index 000000000..bd4829332 --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-start @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent service elastic-agent start +{% else %} +service elastic-agent start +{% endif %} + diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status new file mode 100755 index 000000000..f27c63b9f --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /bin/elastic-agent status +{% else %} +/bin/elastic-agent status +{% endif %} + diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-stop b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-stop new file mode 100755 index 000000000..c974d3e06 --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-stop @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent service elastic-agent stop +{% else %} +service elastic-agent stop +{% endif %} + diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version new file mode 100755 index 000000000..781250a30 --- /dev/null +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-elastic-fleet-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /bin/elastic-agent version +{% else %} +/bin/elastic-agent version +{% endif %} + From 8cf3ceeb715d2dd9a6df2f1881d2b45461514772 Mon Sep 17 00:00:00 2001 From: Wes Date: Fri, 14 Jul 2023 21:43:03 +0000 Subject: [PATCH 2/7] Update agent scripts --- salt/elasticagent/config.sls | 18 ++++- .../so-elastic-agent-gen-installers | 70 +++++++++++++++++++ .../tools/sbin_jinja/so-elastic-agent-inspect | 16 +++++ .../so-elastic-agent-restart | 6 ++ .../so-elastic-agent-start | 5 ++ .../tools/sbin_jinja/so-elastic-agent-status | 17 +++++ .../so-elastic-agent-stop | 5 ++ .../tools/sbin_jinja/so-elastic-agent-version | 17 +++++ .../tools/sbin_jinja/so-elastic-agent-inspect | 2 +- .../tools/sbin_jinja/so-elastic-agent-status | 2 +- .../tools/sbin_jinja/so-elastic-agent-version | 2 +- 11 files changed, 156 insertions(+), 4 deletions(-) create mode 100755 salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers create mode 100755 salt/elasticagent/tools/sbin_jinja/so-elastic-agent-inspect rename salt/elasticagent/tools/{sbin => sbin_jinja}/so-elastic-agent-restart (80%) rename salt/elasticagent/tools/{sbin => sbin_jinja}/so-elastic-agent-start (80%) create mode 100755 salt/elasticagent/tools/sbin_jinja/so-elastic-agent-status rename salt/elasticagent/tools/{sbin => sbin_jinja}/so-elastic-agent-stop (80%) create mode 100755 salt/elasticagent/tools/sbin_jinja/so-elastic-agent-version diff --git a/salt/elasticagent/config.sls b/salt/elasticagent/config.sls index 18d0e482e..d681f1c81 100644 --- a/salt/elasticagent/config.sls +++ b/salt/elasticagent/config.sls @@ -28,6 +28,23 @@ elasticagentconfdir: - group: 939 - makedirs: True +elasticagent_sbin: + file.recurse: + - name: /usr/sbin + - source: salt://elasticagent/tools/sbin + - user: 949 + - group: 939 + - file_mode: 755 + +elasticagent_sbin_jinja: + file.recurse: + - name: /usr/sbin + - source: salt://elasticagent/tools/sbin_jinja + - user: 949 + - group: 939 + - file_mode: 755 + - template: jinja + # Create config create-elastic-agent-config: file.managed: @@ -37,7 +54,6 @@ create-elastic-agent-config: - group: 939 - template: jinja - {% else %} {{sls}}_state_not_allowed: diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers new file mode 100755 index 000000000..2a19dcbd9 --- /dev/null +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers @@ -0,0 +1,70 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use +# this file except in compliance with the Elastic License 2.0. + +#so-elastic-agent-gen-installers $FleetHostURLs $EnrollmentToken + +{% from 'vars/globals.map.jinja' import GLOBALS %} + +. /usr/sbin/so-common +. /usr/sbin/so-elastic-fleet-common + +for i in {1..30} +do + ENROLLMENTOKEN=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "localhost:5601/api/fleet/enrollment_api_keys" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' | jq .list | jq -r -c '.[] | select(.policy_id | contains("endpoints-initial")) | .api_key') + FLEETHOST=$(curl -K /opt/so/conf/elasticsearch/curl.config 'http://localhost:5601/api/fleet/fleet_server_hosts/grid-default' | jq -r '.item.host_urls[]' | paste -sd ',') +if [[ $FLEETHOST ]] && [[ $ENROLLMENTOKEN ]]; then break; else sleep 10; fi +done + +if [[ -z $FLEETHOST ]] || [[ -z $ENROLLMENTOKEN ]]; then + printf "\nFleet Host URL, Enrollment Token or Elastic Version empty - exiting..." + printf "\nFleet Host: $FLEETHOST, Enrollment Token: $ENROLLMENTOKEN\n" + exit +fi + +OSARCH=( "linux-x86_64" "windows-x86_64" "darwin-x86_64" "darwin-aarch64" ) + +printf "\n### Creating a temp directory at /nsm/elastic-agent-workspace\n" +rm -rf /nsm/elastic-agent-workspace +mkdir -p /nsm/elastic-agent-workspace + +printf "\n### Extracting outer tarball and then each individual tarball/zip\n" +tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-$ELASTIC_AGENT_TARBALL_VERSION.tar.gz -C /nsm/elastic-agent-workspace/ +unzip -q /nsm/elastic-agent-workspace/elastic-agent-*.zip -d /nsm/elastic-agent-workspace/ +for archive in /nsm/elastic-agent-workspace/*.tar.gz +do + printf "\nExtracting $archive..." + tar xf "$archive" -C /nsm/elastic-agent-workspace/ +done + +printf "\n### Stripping out unused components" +find /nsm/elastic-agent-workspace/elastic-agent-*/data/elastic-agent-*/components -regex '.*fleet.*\|.*packet.*\|.*apm*.*\|.*audit.*\|.*heart.*\|.*cloud.*' -delete + +printf "\n### Tarring everything up again" +for OS in "${OSARCH[@]}" +do + printf "\nCreating tarball for $OS..." + rm -rf /nsm/elastic-agent-workspace/elastic-agent + mv /nsm/elastic-agent-workspace/elastic-agent-*-$OS /nsm/elastic-agent-workspace/elastic-agent + tar -czf /nsm/elastic-agent-workspace/$OS.tar.gz -C /nsm/elastic-agent-workspace elastic-agent +done + +GOTARGETOS=( "linux" "windows" "darwin" "darwin/arm64" ) +GOARCH="amd64" +printf "\n### Generating OS packages using the cleaned up tarballs" +for GOOS in "${GOTARGETOS[@]}" +do + if [[ $GOOS == 'darwin/arm64' ]]; then GOOS="darwin" && GOARCH="arm64"; fi + printf "\n\n### Generating $GOOS/$GOARCH Installer...\n" + docker run -e CGO_ENABLED=0 -e GOOS=$GOOS -e GOARCH=$GOARCH \ + --mount type=bind,source=/etc/ssl/certs/,target=/workspace/files/cert/ \ + --mount type=bind,source=/nsm/elastic-agent-workspace/,target=/workspace/files/elastic-agent/ \ + --mount type=bind,source=/opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/,target=/output/ \ + {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-elastic-agent-builder:{{ GLOBALS.so_version }} go build -ldflags "-X main.fleetHostURLsList=$FLEETHOST -X main.enrollmentToken=$ENROLLMENTOKEN" -o /output/so-elastic-agent_${GOOS}_${GOARCH} + printf "\n### $GOOS/$GOARCH Installer Generated...\n" +done + +printf "\n### Cleaning up temp files in /nsm/elastic-agent-workspace" +rm -rf /nsm/elastic-agent-workspace diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-inspect b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-inspect new file mode 100755 index 000000000..27b4cbbeb --- /dev/null +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-inspect @@ -0,0 +1,16 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent inspect +{% else %} +/bin/elastic-agent inspect +{% endif %} diff --git a/salt/elasticagent/tools/sbin/so-elastic-agent-restart b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart similarity index 80% rename from salt/elasticagent/tools/sbin/so-elastic-agent-restart rename to salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart index cb125ce10..00d5421ef 100755 --- a/salt/elasticagent/tools/sbin/so-elastic-agent-restart +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart @@ -5,6 +5,12 @@ # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. + + . /usr/sbin/so-common +{% if grains.role == 'so-heavynode' %} /usr/sbin/so-restart elastic-agent $1 +{% else %} +service elastic-agent restart +{% endif %} diff --git a/salt/elasticagent/tools/sbin/so-elastic-agent-start b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start similarity index 80% rename from salt/elasticagent/tools/sbin/so-elastic-agent-start rename to salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start index 294b9ba7a..fc9c50cb6 100755 --- a/salt/elasticagent/tools/sbin/so-elastic-agent-start +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start @@ -9,4 +9,9 @@ . /usr/sbin/so-common +{% if grains.role == 'so-heavynode' %} /usr/sbin/so-start elastic-agent $1 +{% else %} +service elastic-agent start +{% endif %} + diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-status b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-status new file mode 100755 index 000000000..2c617c8a8 --- /dev/null +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-status @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent status +{% else %} +/bin/elastic-agent status +{% endif %} + diff --git a/salt/elasticagent/tools/sbin/so-elastic-agent-stop b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-stop similarity index 80% rename from salt/elasticagent/tools/sbin/so-elastic-agent-stop rename to salt/elasticagent/tools/sbin_jinja/so-elastic-agent-stop index cbfdcd380..863cb5194 100755 --- a/salt/elasticagent/tools/sbin/so-elastic-agent-stop +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-stop @@ -9,4 +9,9 @@ . /usr/sbin/so-common +{% if grains.role == 'so-heavynode' %} /usr/sbin/so-stop elastic-agent $1 +{% else %} +service elastic-agent stop +{% endif %} + diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-version b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-version new file mode 100755 index 000000000..6e2cc537e --- /dev/null +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-version @@ -0,0 +1,17 @@ +#!/bin/bash + +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + + + +. /usr/sbin/so-common + +{% if grains.role == 'so-heavynode' %} +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent version +{% else %} +/bin/elastic-agent version +{% endif %} + diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect index 370b70a69..2ad0a3379 100755 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-inspect @@ -10,7 +10,7 @@ . /usr/sbin/so-elastic-fleet-common {% if grains.role == 'so-heavynode' %} -docker exec so-elastic-agent /bin/elastic-agent inspect +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent inspect {% else %} /bin/elastic-agent inspect {% endif %} diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status index f27c63b9f..52a155ab2 100755 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-status @@ -10,7 +10,7 @@ . /usr/sbin/so-elastic-fleet-common {% if grains.role == 'so-heavynode' %} -docker exec so-elastic-agent /bin/elastic-agent status +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent status {% else %} /bin/elastic-agent status {% endif %} diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version index 781250a30..1b152048e 100755 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-version @@ -10,7 +10,7 @@ . /usr/sbin/so-elastic-fleet-common {% if grains.role == 'so-heavynode' %} -docker exec so-elastic-agent /bin/elastic-agent version +docker exec so-elastic-agent /usr/share/elastic-agent/elastic-agent version {% else %} /bin/elastic-agent version {% endif %} From c723a091073ae3c236548b5f6e4e2d9de420e252 Mon Sep 17 00:00:00 2001 From: Wes Date: Fri, 14 Jul 2023 21:45:25 +0000 Subject: [PATCH 3/7] Remove agent installer generation script --- .../so-elastic-agent-gen-installers | 70 ------------------- 1 file changed, 70 deletions(-) delete mode 100755 salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers deleted file mode 100755 index 2a19dcbd9..000000000 --- a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-gen-installers +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash - -# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one -# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use -# this file except in compliance with the Elastic License 2.0. - -#so-elastic-agent-gen-installers $FleetHostURLs $EnrollmentToken - -{% from 'vars/globals.map.jinja' import GLOBALS %} - -. /usr/sbin/so-common -. /usr/sbin/so-elastic-fleet-common - -for i in {1..30} -do - ENROLLMENTOKEN=$(curl -K /opt/so/conf/elasticsearch/curl.config -L "localhost:5601/api/fleet/enrollment_api_keys" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' | jq .list | jq -r -c '.[] | select(.policy_id | contains("endpoints-initial")) | .api_key') - FLEETHOST=$(curl -K /opt/so/conf/elasticsearch/curl.config 'http://localhost:5601/api/fleet/fleet_server_hosts/grid-default' | jq -r '.item.host_urls[]' | paste -sd ',') -if [[ $FLEETHOST ]] && [[ $ENROLLMENTOKEN ]]; then break; else sleep 10; fi -done - -if [[ -z $FLEETHOST ]] || [[ -z $ENROLLMENTOKEN ]]; then - printf "\nFleet Host URL, Enrollment Token or Elastic Version empty - exiting..." - printf "\nFleet Host: $FLEETHOST, Enrollment Token: $ENROLLMENTOKEN\n" - exit -fi - -OSARCH=( "linux-x86_64" "windows-x86_64" "darwin-x86_64" "darwin-aarch64" ) - -printf "\n### Creating a temp directory at /nsm/elastic-agent-workspace\n" -rm -rf /nsm/elastic-agent-workspace -mkdir -p /nsm/elastic-agent-workspace - -printf "\n### Extracting outer tarball and then each individual tarball/zip\n" -tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-$ELASTIC_AGENT_TARBALL_VERSION.tar.gz -C /nsm/elastic-agent-workspace/ -unzip -q /nsm/elastic-agent-workspace/elastic-agent-*.zip -d /nsm/elastic-agent-workspace/ -for archive in /nsm/elastic-agent-workspace/*.tar.gz -do - printf "\nExtracting $archive..." - tar xf "$archive" -C /nsm/elastic-agent-workspace/ -done - -printf "\n### Stripping out unused components" -find /nsm/elastic-agent-workspace/elastic-agent-*/data/elastic-agent-*/components -regex '.*fleet.*\|.*packet.*\|.*apm*.*\|.*audit.*\|.*heart.*\|.*cloud.*' -delete - -printf "\n### Tarring everything up again" -for OS in "${OSARCH[@]}" -do - printf "\nCreating tarball for $OS..." - rm -rf /nsm/elastic-agent-workspace/elastic-agent - mv /nsm/elastic-agent-workspace/elastic-agent-*-$OS /nsm/elastic-agent-workspace/elastic-agent - tar -czf /nsm/elastic-agent-workspace/$OS.tar.gz -C /nsm/elastic-agent-workspace elastic-agent -done - -GOTARGETOS=( "linux" "windows" "darwin" "darwin/arm64" ) -GOARCH="amd64" -printf "\n### Generating OS packages using the cleaned up tarballs" -for GOOS in "${GOTARGETOS[@]}" -do - if [[ $GOOS == 'darwin/arm64' ]]; then GOOS="darwin" && GOARCH="arm64"; fi - printf "\n\n### Generating $GOOS/$GOARCH Installer...\n" - docker run -e CGO_ENABLED=0 -e GOOS=$GOOS -e GOARCH=$GOARCH \ - --mount type=bind,source=/etc/ssl/certs/,target=/workspace/files/cert/ \ - --mount type=bind,source=/nsm/elastic-agent-workspace/,target=/workspace/files/elastic-agent/ \ - --mount type=bind,source=/opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/,target=/output/ \ - {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-elastic-agent-builder:{{ GLOBALS.so_version }} go build -ldflags "-X main.fleetHostURLsList=$FLEETHOST -X main.enrollmentToken=$ENROLLMENTOKEN" -o /output/so-elastic-agent_${GOOS}_${GOARCH} - printf "\n### $GOOS/$GOARCH Installer Generated...\n" -done - -printf "\n### Cleaning up temp files in /nsm/elastic-agent-workspace" -rm -rf /nsm/elastic-agent-workspace From e715dfa3548b37b13b69b8dd96aff2d436cb1917 Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 17 Jul 2023 14:27:39 +0000 Subject: [PATCH 4/7] Remove sbin --- salt/elasticagent/config.sls | 8 -------- 1 file changed, 8 deletions(-) diff --git a/salt/elasticagent/config.sls b/salt/elasticagent/config.sls index d681f1c81..8b24f3b22 100644 --- a/salt/elasticagent/config.sls +++ b/salt/elasticagent/config.sls @@ -28,14 +28,6 @@ elasticagentconfdir: - group: 939 - makedirs: True -elasticagent_sbin: - file.recurse: - - name: /usr/sbin - - source: salt://elasticagent/tools/sbin - - user: 949 - - group: 939 - - file_mode: 755 - elasticagent_sbin_jinja: file.recurse: - name: /usr/sbin From 31696803e1d9becdfda503de21656d1236cc8713 Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 17 Jul 2023 14:28:12 +0000 Subject: [PATCH 5/7] Use correct name --- salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start index fc9c50cb6..47ee83691 100755 --- a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-start @@ -10,7 +10,7 @@ . /usr/sbin/so-common {% if grains.role == 'so-heavynode' %} -/usr/sbin/so-start elastic-agent $1 +/usr/sbin/so-start elasticagent $1 {% else %} service elastic-agent start {% endif %} From 1a4515fc8a1b4fdbcaccce50590bbca75388b73f Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 17 Jul 2023 14:30:51 +0000 Subject: [PATCH 6/7] Split restart into stop and start --- salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart index 00d5421ef..825f3b0fa 100755 --- a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart @@ -10,7 +10,8 @@ . /usr/sbin/so-common {% if grains.role == 'so-heavynode' %} -/usr/sbin/so-restart elastic-agent $1 +/usr/sbin/so-stop elastic-agent $1 +/usr/sbin/so-start elastic-agent $1 {% else %} service elastic-agent restart {% endif %} From d19615f74387b6aded127cea9995b0e7f601c9c5 Mon Sep 17 00:00:00 2001 From: Wes Date: Mon, 17 Jul 2023 14:42:27 +0000 Subject: [PATCH 7/7] Fix typo --- salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart index 825f3b0fa..ea6724e69 100755 --- a/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart +++ b/salt/elasticagent/tools/sbin_jinja/so-elastic-agent-restart @@ -11,7 +11,7 @@ {% if grains.role == 'so-heavynode' %} /usr/sbin/so-stop elastic-agent $1 -/usr/sbin/so-start elastic-agent $1 +/usr/sbin/so-start elasticagent $1 {% else %} service elastic-agent restart {% endif %}