move to so-image-common

salt/common/tools/sbin/so-common

@@ -51,115 +51,3 @@ check_password() {
     echo "$password" | egrep -v "'|\"|\\$|\\\\" > /dev/null 2>&1
     return $?
 }
-
-container_list() {
-    MANAGERCHECK=$(cat /etc/salt/grains | grep role | awk '{print $2}')
-    if [ $MANAGERCHECK == 'so-import' ]; then
-        TRUSTED_CONTAINERS=( \
-        "so-idstools" \
-        "so-nginx" \
-        "so-filebeat" \
-        "so-suricata" \
-        "so-soc" \
-        "so-elasticsearch" \
-        "so-kibana" \
-        "so-kratos" \
-        "so-suricata" \
-        "so-registry" \
-        "so-pcaptools" \
-        "so-zeek" )
-    elif [ $MANAGERCHECK != 'so-helix' ]; then
-        TRUSTED_CONTAINERS=( \
-        "so-acng" \
-        "so-thehive-cortex" \
-        "so-curator" \
-        "so-domainstats" \
-        "so-elastalert" \
-        "so-elasticsearch" \
-        "so-filebeat" \
-        "so-fleet" \
-        "so-fleet-launcher" \
-        "so-freqserver" \
-        "so-grafana" \
-        "so-idstools" \
-        "so-influxdb" \
-        "so-kibana" \
-        "so-kratos" \
-        "so-logstash" \
-        "so-minio" \
-        "so-mysql" \
-        "so-nginx" \
-        "so-pcaptools" \
-        "so-playbook" \
-        "so-redis" \
-        "so-soc" \
-        "so-soctopus" \
-        "so-steno" \
-        "so-strelka-frontend" \
-        "so-strelka-manager" \
-        "so-strelka-backend" \
-        "so-strelka-filestream" \
-        "so-suricata" \
-        "so-telegraf" \
-        "so-thehive" \
-        "so-thehive-es" \
-        "so-wazuh" \
-        "so-zeek" )
-    else
-        TRUSTED_CONTAINERS=( \
-        "so-filebeat" \
-        "so-idstools" \
-        "so-logstash" \
-        "so-nginx" \
-        "so-redis" \
-        "so-steno" \
-        "so-suricata" \
-        "so-telegraf" \
-        "so-zeek" )
-    fi
-}
-
-update_docker_containers() {
-  # Let's make sure we have the public key
-  curl -sSL https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS | gpg --import -
-  
-  CONTAINER_REGISTRY=quay.io
-  SIGNPATH=/root/sosigs
-  rm -rf $SIGNPATH
-  mkdir -p $SIGNPATH
-  if [ -z "$BRANCH" ]; then
-    BRANCH="master"
-  fi
-  # Download the containers from the interwebs
-  for i in "${TRUSTED_CONTAINERS[@]}"
-  do
-    # Pull down the trusted docker image
-    echo "Downloading $i"
-    docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i
-    
-    # Get signature
-    curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$i.gpg --output $SIGNPATH/$i.gpg
-    if [[ $? -ne 0 ]]; then
-      echo "Unable to pull signature file for $i"
-      exit 1
-    fi
-    # Dump our hash values
-    docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i | jq '.[0].Created, .[0].Id, .[0].Size, .[0].RootFS.Layers' > $SIGNPATH/$i.txt
-    if [[ $? -ne 0 ]]; then
-      echo "Unable to inspect $i"
-      exit 1
-    fi
-    GPGTEST=$(gpg --verify $SIGNPATH/$i.gpg $SIGNPATH/$i.txt 2>&1)
-    if [[ $? -eq 0 ]]; then
-      # Tag it with the new registry destination
-      docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i $HOSTNAME:5000/$IMAGEREPO/$i
-      docker push $HOSTNAME:5000/$IMAGEREPO/$i
-    else
-      echo "There is a problem downloading the $i image. Details: "
-      echo ""
-      echo $GPGTEST
-      exit 1
-    fi
-  done
-  
-}

salt/common/tools/sbin/so-docker-refresh

@@ -16,6 +16,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 . /usr/sbin/so-common
+. /usr/sbin/so-image-common
 
 manager_check() {
   # Check to see if this is a manager

salt/common/tools/sbin/so-image-common

@@ -0,0 +1,128 @@
+#!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+container_list() {
+    MANAGERCHECK=$(cat /etc/salt/grains | grep role | awk '{print $2}')
+    if [ $MANAGERCHECK == 'so-import' ]; then
+        TRUSTED_CONTAINERS=( \
+        "so-idstools" \
+        "so-nginx" \
+        "so-filebeat" \
+        "so-suricata" \
+        "so-soc" \
+        "so-elasticsearch" \
+        "so-kibana" \
+        "so-kratos" \
+        "so-suricata" \
+        "so-registry" \
+        "so-pcaptools" \
+        "so-zeek" )
+    elif [ $MANAGERCHECK != 'so-helix' ]; then
+        TRUSTED_CONTAINERS=( \
+        "so-acng" \
+        "so-thehive-cortex" \
+        "so-curator" \
+        "so-domainstats" \
+        "so-elastalert" \
+        "so-elasticsearch" \
+        "so-filebeat" \
+        "so-fleet" \
+        "so-fleet-launcher" \
+        "so-freqserver" \
+        "so-grafana" \
+        "so-idstools" \
+        "so-influxdb" \
+        "so-kibana" \
+        "so-kratos" \
+        "so-logstash" \
+        "so-minio" \
+        "so-mysql" \
+        "so-nginx" \
+        "so-pcaptools" \
+        "so-playbook" \
+        "so-redis" \
+        "so-soc" \
+        "so-soctopus" \
+        "so-steno" \
+        "so-strelka-frontend" \
+        "so-strelka-manager" \
+        "so-strelka-backend" \
+        "so-strelka-filestream" \
+        "so-suricata" \
+        "so-telegraf" \
+        "so-thehive" \
+        "so-thehive-es" \
+        "so-wazuh" \
+        "so-zeek" )
+    else
+        TRUSTED_CONTAINERS=( \
+        "so-filebeat" \
+        "so-idstools" \
+        "so-logstash" \
+        "so-nginx" \
+        "so-redis" \
+        "so-steno" \
+        "so-suricata" \
+        "so-telegraf" \
+        "so-zeek" )
+    fi
+}
+
+update_docker_containers() {
+  # Let's make sure we have the public key
+  curl -sSL https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS | gpg --import -
+  
+  CONTAINER_REGISTRY=quay.io
+  SIGNPATH=/root/sosigs
+  rm -rf $SIGNPATH
+  mkdir -p $SIGNPATH
+  if [ -z "$BRANCH" ]; then
+    BRANCH="master"
+  fi
+  # Download the containers from the interwebs
+  for i in "${TRUSTED_CONTAINERS[@]}"
+  do
+    # Pull down the trusted docker image
+    echo "Downloading $i"
+    docker pull $CONTAINER_REGISTRY/$IMAGEREPO/$i
+    
+    # Get signature
+    curl https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/$BRANCH/sigs/images/$i.gpg --output $SIGNPATH/$i.gpg
+    if [[ $? -ne 0 ]]; then
+      echo "Unable to pull signature file for $i"
+      exit 1
+    fi
+    # Dump our hash values
+    docker inspect $CONTAINER_REGISTRY/$IMAGEREPO/$i | jq '.[0].Created, .[0].Id, .[0].Size, .[0].RootFS.Layers' > $SIGNPATH/$i.txt
+    if [[ $? -ne 0 ]]; then
+      echo "Unable to inspect $i"
+      exit 1
+    fi
+    GPGTEST=$(gpg --verify $SIGNPATH/$i.gpg $SIGNPATH/$i.txt 2>&1)
+    if [[ $? -eq 0 ]]; then
+      # Tag it with the new registry destination
+      docker tag $CONTAINER_REGISTRY/$IMAGEREPO/$i $HOSTNAME:5000/$IMAGEREPO/$i
+      docker push $HOSTNAME:5000/$IMAGEREPO/$i
+    else
+      echo "There is a problem downloading the $i image. Details: "
+      echo ""
+      echo $GPGTEST
+      exit 1
+    fi
+  done
+  
+}

salt/common/tools/sbin/soup

@@ -16,6 +16,7 @@
 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 . /usr/sbin/so-common
+. /usr/sbin/so-image-common
 UPDATE_DIR=/tmp/sogh/securityonion
 INSTALLEDVERSION=$(cat /etc/soversion)
 INSTALLEDSALTVERSION=$(salt --versions-report | grep Salt: | awk {'print $2'})