diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index 3859ab3cd..e4582a524 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -124,6 +124,8 @@ pillar_changes() { [[ "$INSTALLEDVERSION" =~ rc.1 ]] && rc1_to_rc2 [[ "$INSTALLEDVERSION" =~ rc.2 ]] && rc2_to_rc3 + [[ "$INSTALLEDVERSION" =~ rc.3 ]] && rc3_to_2.3.0 + } @@ -184,8 +186,14 @@ rc2_to_rc3() { # Enable Strelka Rules sed -i "/ rules:/c\ rules: 1" /opt/so/saltstack/local/pillar/global.sls + INSTALLEDVERSION=rc.3 + } +rc3_to_2.3.0() [ + echo "" +] + space_check() { # Check to see if there is enough space CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//') @@ -263,7 +271,7 @@ update_dockers() { "so-telegraf" \ "so-zeek" ) fi - + # Download the containers from the interwebs for i in "${TRUSTED_CONTAINERS[@]}" do @@ -275,6 +283,9 @@ update_dockers() { docker push $HOSTNAME:5000/$IMAGEREPO/$i:$NEWVERSION done + # Cleanup on Aisle 4 + clean_dockers + } update_version() { diff --git a/salt/docker_clean/init.sls b/salt/docker_clean/init.sls new file mode 100644 index 000000000..1a73fae7e --- /dev/null +++ b/salt/docker_clean/init.sls @@ -0,0 +1,45 @@ +{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %} +{% set MANAGER = salt['grains.get']('master') %} +{% set OLDVERSIONS = ['2.0.0-rc.1','2.0.1-rc.1','2.0.2-rc.1','2.0.3-rc.1','2.1.0-rc.2','2.2.0-rc.3']%} + +{% for VERSION in OLDVERSIONS %} +remove_images_{{ VERSION }}: + docker_image.absent: + - force: True + - images: + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-acng:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-thehive-cortex:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-curator:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-domainstats:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elasticsearch:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-filebeat:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-fleet:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-fleet-launcher:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-freqserver:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-grafana:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-idstools:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-influxdb:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-kibana:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-kratos:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-logstash:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-minio:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-mysql:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-nginx:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-pcaptools:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-playbook:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-redis:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-soc:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-soctopus:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-steno:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-strelka-frontend:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-strelka-manager:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-strelka-backend:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-strelka-filestream:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-suricata:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-telegraf:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-thehive:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-thehive-es:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-wazuh:{{ VERSION }}' + - '{{ MANAGER }}:5000/{{ IMAGEREPO }}/so-zeek:{{ VERSION }}' +{% endfor %} \ No newline at end of file diff --git a/salt/top.sls b/salt/top.sls index 0c636c6e4..a11b9ead2 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -136,7 +136,7 @@ base: {%- if DOMAINSTATS != 0 %} - domainstats {%- endif %} - + docker_clean '*_manager and G@saltversion:{{saltversion}}': - match: compound @@ -185,6 +185,7 @@ base: {%- if DOMAINSTATS != 0 %} - domainstats {%- endif %} + docker_clean '*_standalone and G@saltversion:{{saltversion}}': - match: compound @@ -243,6 +244,7 @@ base: {%- if DOMAINSTATS != 0 %} - domainstats {%- endif %} + docker_clean # Search node logic @@ -255,6 +257,7 @@ base: - fleet.install_package {%- endif %} - schedule + - docker_clean '*_node and I@node:node_type:hot and G@saltversion:{{saltversion}}': - match: compound @@ -266,6 +269,7 @@ base: - fleet.install_package {%- endif %} - schedule + - docker_clean '*_node and I@node:node_type:warm and G@saltversion:{{saltversion}}': - match: compound @@ -276,6 +280,7 @@ base: - fleet.install_package {%- endif %} - schedule + - docker_clean '*_searchnode and G@saltversion:{{saltversion}}': - match: compound @@ -296,6 +301,7 @@ base: - fleet.install_package {%- endif %} - schedule + - docker_clean '*_managersensor and G@saltversion:{{saltversion}}': - match: compound @@ -311,6 +317,7 @@ base: - fleet.install_package {%- endif %} - schedule + - docker_clean '*_managersearch and G@saltversion:{{saltversion}}': - match: compound @@ -360,6 +367,7 @@ base: {%- if DOMAINSTATS != 0 %} - domainstats {%- endif %} + docker_clean '*_heavynode and G@saltversion:{{saltversion}}': - match: compound @@ -390,6 +398,7 @@ base: {%- endif %} - filebeat - schedule + - docker_clean '*_fleet and G@saltversion:{{saltversion}}': - match: compound @@ -404,6 +413,7 @@ base: - fleet - fleet.install_package - filebeat + - docker_clean '*_import and G@saltversion:{{saltversion}}': - match: compound @@ -426,3 +436,4 @@ base: - suricata - zeek - schedule + - docker_clean