Refactor image repository to a single variable

2025-12-08 18:22:47 +01:00 · 2020-07-13 18:26:43 -04:00
parent f67f0679ae
commit 8f66a27f07
55 changed files with 103 additions and 4007 deletions
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -15,6 +15,8 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

+IMAGEREPO=soshybridhunter
+
 # Check for prerequisites
 if [ "$(id -u)" -ne 0 ]; then
        echo "This script must be run using sudo!"
--- a/salt/common/tools/sbin/so-docker-refresh
+++ b/salt/common/tools/sbin/so-docker-refresh
@@ -14,12 +14,8 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
-got_root(){
-    if [ "$(id -u)" -ne 0 ]; then
-        echo "This script must be run using sudo!"
-        exit 1
-    fi
-}
+
+. /usr/sbin/so-common

 manager_check() {
  # Check to see if this is a manager
@@ -39,10 +35,10 @@ update_docker_containers() {
  do
    # Pull down the trusted docker image
    echo "Downloading $i"
-    docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
+    docker pull --disable-content-trust=false docker.io/$IMAGEREPO/$i
    # Tag it with the new registry destination
-    docker tag soshybridhunter/$i $HOSTNAME:5000/soshybridhunter/$i
-    docker push $HOSTNAME:5000/soshybridhunter/$i
+    docker tag $IMAGEREPO/$i $HOSTNAME:5000/$IMAGEREPO/$i
+    docker push $HOSTNAME:5000/$IMAGEREPO/$i
  done
  
 }
@@ -55,7 +51,7 @@ version_check() {
    exit 1
  fi
 }
-got_root
+
 manager_check
 version_check

--- a/salt/common/tools/sbin/so-elastic-download
+++ b/salt/common/tools/sbin/so-elastic-download
@@ -1,43 +0,0 @@
-#!/bin/bash
-MANAGER=MANAGER
-VERSION="HH1.1.4"
-TRUSTED_CONTAINERS=( \
-"so-nginx:$VERSION" \
-"so-thehive-cortex:$VERSION" \
-"so-curator:$VERSION" \
-"so-domainstats:$VERSION" \
-"so-elastalert:$VERSION" \
-"so-elasticsearch:$VERSION" \
-"so-filebeat:$VERSION" \
-"so-fleet:$VERSION" \
-"so-fleet-launcher:$VERSION" \
-"so-freqserver:$VERSION" \
-"so-grafana:$VERSION" \
-"so-idstools:$VERSION" \
-"so-influxdb:$VERSION" \
-"so-kibana:$VERSION" \
-"so-logstash:$VERSION" \
-"so-mysql:$VERSION" \
-"so-playbook:$VERSION" \
-"so-redis:$VERSION" \
-"so-sensoroni:$VERSION" \
-"so-soctopus:$VERSION" \
-"so-steno:$VERSION" \
-#"so-strelka:$VERSION" \
-"so-suricata:$VERSION" \
-"so-telegraf:$VERSION" \
-"so-thehive:$VERSION" \
-"so-thehive-es:$VERSION" \
-"so-wazuh:$VERSION" \
-"so-zeek:$VERSION" )
-
-for i in "${TRUSTED_CONTAINERS[@]}"
-do
-  # Pull down the trusted docker image
-  echo "Downloading $i"
-  docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
-  # Tag it with the new registry destination
-  docker tag soshybridhunter/$i $MANAGER:5000/soshybridhunter/$i
-  docker push $MANAGER:5000/soshybridhunter/$i
-  docker rmi soshybridhunter/$i
-done
--- a/salt/common/tools/sbin/so-features-enable
+++ b/salt/common/tools/sbin/so-features-enable
@@ -31,13 +31,13 @@ for i in "${TRUSTED_CONTAINERS[@]}"
 do
    # Pull down the trusted docker image
    echo "Downloading $i"
-    docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
+    docker pull --disable-content-trust=false docker.io/$IMAGEREPO/$i
    # Tag it with the new registry destination
-    docker tag soshybridhunter/$i $HOSTNAME:5000/soshybridhunter/$i
-    docker push $HOSTNAME:5000/soshybridhunter/$i
+    docker tag $IMAGEREPO/$i $HOSTNAME:5000/$IMAGEREPO/$i
+    docker push $HOSTNAME:5000/$IMAGEREPO/$i
 done
 for i in "${TRUSTED_CONTAINERS[@]}"
 do
    echo "Removing $i locally"
-    docker rmi soshybridhunter/$i
+    docker rmi $IMAGEREPO/$i
 done
--- a/salt/common/tools/sbin/so-import-pcap
+++ b/salt/common/tools/sbin/so-import-pcap
@@ -17,6 +17,7 @@

 {% set MANAGER = salt['grains.get']('master') %}
 {% set VERSION = salt['pillar.get']('static:soversion') %}
+{% set IMAGEREPO = salt['pillar.get']('static:imagerepo') %}
 {%- set MANAGERIP = salt['pillar.get']('static:managerip') -%}

 function usage {
@@ -31,13 +32,13 @@ EOF
 function pcapinfo() {
  PCAP=$1
  ARGS=$2
-  docker run --rm -v $PCAP:/input.pcap --entrypoint capinfos {{ MANAGER }}:5000/soshybridhunter/so-pcaptools:{{ VERSION }} /input.pcap $ARGS
+  docker run --rm -v $PCAP:/input.pcap --entrypoint capinfos {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-pcaptools:{{ VERSION }} /input.pcap $ARGS
 }

 function pcapfix() {
  PCAP=$1
  PCAP_OUT=$2
-  docker run --rm -v $PCAP:/input.pcap -v $PCAP_OUT:$PCAP_OUT --entrypoint pcapfix {{ MANAGER }}:5000/soshybridhunter/so-pcaptools:{{ VERSION }} /input.pcap -o $PCAP_OUT > /dev/null 2>&1
+  docker run --rm -v $PCAP:/input.pcap -v $PCAP_OUT:$PCAP_OUT --entrypoint pcapfix {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-pcaptools:{{ VERSION }} /input.pcap -o $PCAP_OUT > /dev/null 2>&1
 }

 function suricata() {
@@ -58,7 +59,7 @@ function suricata() {
    -v ${NSM_PATH}/:/nsm/:rw \
    -v $PCAP:/input.pcap:ro \
    -v /opt/so/conf/suricata/bpf:/etc/suricata/bpf:ro \
-    {{ MANAGER }}:5000/soshybridhunter/so-suricata:{{ VERSION }} \
+    {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-suricata:{{ VERSION }} \
    --runmode single -k none -r /input.pcap > $LOG_PATH/console.log 2>&1
 }

@@ -86,7 +87,7 @@ function zeek() {
    -v /opt/so/conf/zeek/bpf:/opt/zeek/etc/bpf:ro \
    --entrypoint /opt/zeek/bin/zeek \
    -w /nsm/zeek/logs \
-    {{ MANAGER }}:5000/soshybridhunter/so-zeek:{{ VERSION }} \
+    {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-zeek:{{ VERSION }} \
    -C -r /input.pcap local > $NSM_PATH/logs/console.log 2>&1
 }