Merge pull request #243 from Security-Onion-Solutions/feature/isoregistry

Feature/isoregistry
2025-12-06 09:12:45 +01:00 · 2020-01-23 13:25:26 -05:00
parent 005aa35918 bf6c309f16
commit dc0c92fb92
3 changed files with 45 additions and 15 deletions
--- a/salt/registry/bin/so-buildregistry
+++ b/salt/registry/bin/so-buildregistry
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+VERSION=HH1.1.4
+TARBALL=/nsm/docker-registry/docker/so-dockers-$VERSION.tar
+
+# See if the tarball is there. If so do soemthing otherwise peace out.
+if [ -f "$TARBALL" ]; then
+  cd /nsm/docker-registry/docker
+  tar xvf so-dockers-$VERSION.tar
+else
+  exit
+fi
--- a/salt/registry/init.sls
+++ b/salt/registry/init.sls
@@ -26,6 +26,17 @@ dockerregistryconf:
    - name: /opt/so/conf/docker-registry/etc/config.yml
    - source: salt://registry/etc/config.yml

+# Copy the registry script
+dockerregistrybuild:
+  file.managed:
+    - name: /opt/so/conf/docker-registry/so-buildregistry
+    - source: salt://registry/bin/so-buildregistry
+    - mode: 755
+
+dockerexpandregistry:
+ cmd.run:
+   - name: /opt/so/conf/docker-registry/so-buildregistry
+
 # Install the registry container
 so-dockerregistry:
  docker_container.running:
--- a/setup/functions.sh
+++ b/setup/functions.sh
@@ -457,6 +457,7 @@ docker_registry() {
 docker_seed_registry() {
  VERSION="HH1.1.4"
  TRUSTED_CONTAINERS=( \
+  "so-acng:$VERSION" \
  "so-auth-api:$VERSION" \
  "so-auth-ui:$VERSION" \
  "so-core:$VERSION" \
@@ -489,21 +490,27 @@ docker_seed_registry() {
  "so-wazuh:$VERSION" \
  "so-zeek:$VERSION" )

-  for i in "${TRUSTED_CONTAINERS[@]}"
-  do
-    # Pull down the trusted docker image
-    echo "Downloading $i"
-    docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
-    # Tag it with the new registry destination
-    docker tag soshybridhunter/$i $HOSTNAME:5000/soshybridhunter/$i
-    docker push $HOSTNAME:5000/soshybridhunter/$i
-  done
+  if [ ! -f /nsm/docker-registry/docker/so-dockers-$VERSION.tar ]; then
+    # Download the container from the interwebs
+    for i in "${TRUSTED_CONTAINERS[@]}"
+    do
+      # Pull down the trusted docker image
+      echo "Downloading $i"
+      docker pull --disable-content-trust=false docker.io/soshybridhunter/$i
+      # Tag it with the new registry destination
+      docker tag soshybridhunter/$i $HOSTNAME:5000/soshybridhunter/$i
+      docker push $HOSTNAME:5000/soshybridhunter/$i
+    done

-  for i in "${TRUSTED_CONTAINERS[@]}"
-  do
-    echo "Removing $i locally"
-    docker rmi soshybridhunter/$i
-  done
+    for i in "${TRUSTED_CONTAINERS[@]}"
+    do
+      echo "Removing $i locally"
+      docker rmi soshybridhunter/$i
+    done
+  else
+    # We already have the goods son
+    rm /nsm/docker-registry/docker/so-dockers-$VERSION.tar
+  fi

 }