CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

so-elastic-agent-gen-installers should use /nsm to avoid filling /tmp

Browse Source
This commit is contained in:
Doug Burks
2023-05-15 07:31:32 -04:00
parent 3db34a3346
commit d8e0e320f4
1 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
salt/elasticfleet/tools/sbin_jinja/so-elastic-agent-gen-installers
View File

@@ -20,26 +20,26 @@ FLEETHOST="{{ GLOBALS.manager_ip }}"
TARGETOS=( "linux" "darwin" "windows" )
printf "\n### Get rid of any previous runs\n"
rm -rf /tmp/elastic-agent-workspace
mkdir -p /tmp/elastic-agent-workspace
rm -rf /nsm/elastic-agent-workspace
mkdir -p /nsm/elastic-agent-workspace
printf "\n### Extract outer tarball and then each individual tarball/zip\n"
tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-{{ GLOBALS.so_version }}.tar.gz -C /tmp/elastic-agent-workspace/
unzip /tmp/elastic-agent-workspace/elastic-agent-*.zip -d /tmp/elastic-agent-workspace/
for archive in /tmp/elastic-agent-workspace/*.tar.gz
tar -xf /nsm/elastic-fleet/artifacts/elastic-agent_SO-{{ GLOBALS.so_version }}.tar.gz -C /nsm/elastic-agent-workspace/
unzip /nsm/elastic-agent-workspace/elastic-agent-*.zip -d /nsm/elastic-agent-workspace/
for archive in /nsm/elastic-agent-workspace/*.tar.gz
do
tar xf "$archive" -C /tmp/elastic-agent-workspace/
tar xf "$archive" -C /nsm/elastic-agent-workspace/
done
printf "\n### Strip out unused components"
find /tmp/elastic-agent-workspace/elastic-agent-*/data/elastic-agent-*/components -regex '.*fleet.*\|.*packet.*\|.*apm*.*\|.*audit.*\|.*heart.*\|.*cloud.*' -delete
find /nsm/elastic-agent-workspace/elastic-agent-*/data/elastic-agent-*/components -regex '.*fleet.*\|.*packet.*\|.*apm*.*\|.*audit.*\|.*heart.*\|.*cloud.*' -delete
printf "\n### Tar everything up again"
for OS in "${TARGETOS[@]}"
do
rm -rf /tmp/elastic-agent-workspace/elastic-agent
mv /tmp/elastic-agent-workspace/elastic-agent-*-$OS-x86_64 /tmp/elastic-agent-workspace/elastic-agent
tar -czvf /tmp/elastic-agent-workspace/$OS.tar.gz -C /tmp/elastic-agent-workspace elastic-agent
rm -rf /nsm/elastic-agent-workspace/elastic-agent
mv /nsm/elastic-agent-workspace/elastic-agent-*-$OS-x86_64 /nsm/elastic-agent-workspace/elastic-agent
tar -czvf /nsm/elastic-agent-workspace/$OS.tar.gz -C /nsm/elastic-agent-workspace elastic-agent
done
printf "\n### Generate OS packages using the cleaned up tarballs"
@@ -48,7 +48,7 @@ do
printf "\n\n### Generating $OS Installer...\n"
docker run -e CGO_ENABLED=0 -e GOOS=$OS \
--mount type=bind,source=/etc/ssl/certs/,target=/workspace/files/cert/ \
--mount type=bind,source=/tmp/elastic-agent-workspace/,target=/workspace/files/elastic-agent/ \
--mount type=bind,source=/nsm/elastic-agent-workspace/,target=/workspace/files/elastic-agent/ \
--mount type=bind,source=/opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/,target=/output/ \
{{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-elastic-agent-builder:{{ GLOBALS.so_version }} go build -ldflags "-X main.fleetHost=$FLEETHOST -X main.enrollmentToken=$ENROLLMENTOKEN" -o /output/so-elastic-agent_$OS
printf "\n### $OS Installer Generated...\n"