#!/usr/bin/env bash
# Remember when the run started (epoch seconds); the elapsed time is reported at the end
TIME_START="$(date +%s)"
# Stub: no binary checks are implemented yet, the function only prints a marker.
# Outputs: the literal line "NOOP" on stdout
checkBin() {
  printf '%s\n' "NOOP"
}
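# First tag name returned by the GitHub tags API for MISP
VER=$(curl -s https://api.github.com/repos/MISP/MISP/tags | jq -r '.[0] | .name')
# First commit hash returned by the GitHub commits API for MISP
LATEST_COMMIT=$(curl -s https://api.github.com/repos/MISP/MISP/commits | jq -r '.[0] | .sha')
# Abbreviated hash (first 7 characters), only used for display
LATEST_COMMIT_SHORT=${LATEST_COMMIT:0:7}

# jq -r prints the string "null" when the field is missing, so treat that like an empty answer
if [[ -z "${VER}" || "${VER}" == "null" || -z "${LATEST_COMMIT}" || "${LATEST_COMMIT}" == "null" ]]; then
  echo "Somehow, could not 'curl' either a version or a commit tag, exiting -1..."
  exit -1
fi

# Both values come from the network and are later spliced, unescaped, into a sed
# expression, local file names and command lines executed on the release server.
# Accept only a conservative character set so a malformed or tampered API answer
# cannot change the meaning of those commands.
ver_re='^[A-Za-z0-9._-]+$'
sha_re='^[0-9a-f]{40,64}$'
if [[ ! "${VER}" =~ ${ver_re} || ! "${LATEST_COMMIT}" =~ ${sha_re} ]]; then
  echo "Unexpected characters in the version or commit hash returned by the API, exiting..." >&2
  exit 1
fi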
# Algorithm sizes passed to `shasum -a` when the release archive is hashed
SHA_SUMS="1 256 384 512"

# Names used for the packer template, the generated VM and this build
PACKER_NAME="misp"
PACKER_VM="MISP"
NAME="misp-packer"

# Create the "last built commit" marker if it is missing and refresh its time-stamp.
# NOTE(review): the marker sits under a fixed name in /tmp and its content decides
# whether a rebuild happens; on a multi-user host a directory only the build user
# can write to would be a safer place - confirm who else has access to this machine.
touch "/tmp/${PACKER_NAME}-latest.sha"
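# Configure your user and remote server
# NOTE(review): REMOTE is not read anywhere in the visible script - confirm whether
# it was meant to gate the ssh/rsync publishing steps.
REMOTE=1
REL_USER="${PACKER_NAME}-release"
REL_SERVER="cpab"

# GPG Sign
# NOTE(review): neither variable is consulted by the signing step further down,
# which always runs and uses gpg's default key - confirm that this is intended.
GPG_ENABLED=0
GPG_KEY="0x9BE4AEE9"

# Enable debug for packer, omit -debug to disable
##PACKER_DEBUG="-debug"

# Enable logging for packer
export PACKER_LOG=0

# Make sure we have a current work directory
PWD=$(pwd)

# Make sure log dir exists (-p quiets if exists); quoted so a path with spaces works
mkdir -p "${PWD}/log"

# Descriptive metadata for the generated VM
vm_description='MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently.'
vm_version='2.4'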
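# Placeholder for anything signing related; for now it only validates its argument.
# Arguments: $1 - required and non-empty (not used for anything yet)
# Outputs:   an error message on stderr when $1 is missing or empty
# Returns:   0 when $1 is given; otherwise ends the script with status 1
signify() {
  if [[ -z "${1:-}" ]]; then
    # Diagnostics go to stderr so they never mix with captured output
    echo "This function needs an argument" >&2
    exit 1
  fi
}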
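# Print a message through ponysay when it is installed (https://github.com/erkin/ponysay),
# otherwise print it as a plain line.
# Arguments: $1 - message text
# Outputs:   the message on stdout
say() {
  if command -v ponysay > /dev/null 2>&1; then
    printf "\n\n\n\n\n"
    # Quoted so the message is neither word-split nor glob-expanded
    ponysay -c "$1"
  else
    printf '%s\n' "$1"
  fi
}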
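# Print a message through ponythink when it is installed, otherwise print it as a plain line.
# Arguments: $1 - message text
# Outputs:   the message on stdout
think() {
  if command -v ponythink > /dev/null 2>&1; then
    printf "\n\n\n\n\n"
    # Quoted so the message is neither word-split nor glob-expanded
    ponythink -c "$1"
  else
    printf '%s\n' "$1"
  fi
}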
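# Remove build outputs, checksums, signatures and the generated template so the
# next run starts clean. Missing files are not an error (-f).
# Globals: PACKER_NAME, PACKER_VM, VER, LATEST_COMMIT (read)
# Returns: 0 unless an existing file could not be removed
# NOTE: the globs apply to the current directory, so every *.zip, *.checksum and
# *.sha* there is deleted, not only files written by this script.
removeAll() {
  rm -rf -- output-virtualbox-iso output-vmware-iso
  rm -f -- *.checksum *.zip *.sha*
  rm -f -- "${PACKER_NAME}-deploy.json"
  rm -f -- packer_virtualbox-iso_virtualbox-iso_sha1.checksum.asc \
    packer_virtualbox-iso_virtualbox-iso_sha256.checksum.asc \
    packer_virtualbox-iso_virtualbox-iso_sha384.checksum.asc \
    packer_virtualbox-iso_virtualbox-iso_sha512.checksum.asc
  rm -f -- "${PACKER_VM}_${VER}@${LATEST_COMMIT}-vmware.zip.asc"
  rm -f -- "/tmp/LICENSE-${PACKER_NAME}"
}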
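# TODO: Make it more graceful if files do not exist
removeAll 2> /dev/null

# Fetching latest MISP LICENSE
if ! /usr/bin/wget -q -O "/tmp/LICENSE-${PACKER_NAME}" https://raw.githubusercontent.com/MISP/MISP/2.4/LICENSE; then
  echo "Warning: could not download the MISP LICENSE" >&2
fi

# Fetch the latest MISP Installer
# NOTE(review): the installer is taken from a moving branch and nothing verifies
# its integrity before it is handed to the build. Pinning a reviewed commit, or
# checking the file against a checksum or signature obtained out of band, would
# make the produced images reproducible and tamper-evident.
# With -O a failed download still leaves an (empty) file behind, so the exit
# status and the file size are both checked before the build may continue.
if ! /usr/bin/wget -q -O scripts/INSTALL.sh https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh \
  || [[ ! -s scripts/INSTALL.sh ]]; then
  echo "Could not download the MISP installer, exiting..." >&2
  exit 1
fi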
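# Check if latest build is still up to date, if not, roll and deploy new.
# The decision is based on the commit hash stored by the previous run.
if [[ "${LATEST_COMMIT}" != "$(cat "/tmp/${PACKER_NAME}-latest.sha")" ]]; then
  echo "Current ${PACKER_VM} version is: ${VER}@${LATEST_COMMIT}"

  # Name shared by the VM, the archives and the export directory.
  # VER and LATEST_COMMIT come from the GitHub API and end up, unescaped, in the
  # sed expression below and in commands run on the release server; they must
  # only contain characters that are safe in both contexts.
  release_id="${PACKER_VM}_${VER}@${LATEST_COMMIT}"
  remote="${REL_USER}@${REL_SERVER}"

  # Search and replace for vm_name and make sure we can easily identify the generated VMs
  sed "s|\"vm_name\": \"MISP_demo\",|\"vm_name\": \"${release_id}\",|" misp.json > misp-deploy.json

  # Build vmware VM set
  # Exported, otherwise packer never sees the log path.
  # NOTE(review): --on-error=ask waits for operator input when a step fails -
  # confirm this script is not run unattended.
  export PACKER_LOG_PATH="${PWD}/packerlog-vmware.txt"
  /usr/local/bin/packer build --on-error=ask -only=vmware-iso misp-deploy.json
  VMWARE_BUILD=$?

  # Build virtualbox VM set
  export PACKER_LOG_PATH="${PWD}/packerlog-vbox.txt"
  /usr/local/bin/packer build --on-error=ask -only=virtualbox-iso misp-deploy.json
  VIRTUALBOX_BUILD=$?

  # Prevent uploading only half a build: both packer runs must have exited with 0
  if [[ "${VMWARE_BUILD}" == "0" && "${VIRTUALBOX_BUILD}" == "0" ]]; then
    # ZIPup all the vmware stuff
    zip -r "${release_id}-vmware.zip" \
      packer_vmware-iso_vmware-iso_sha1.checksum \
      packer_vmware-iso_vmware-iso_sha512.checksum \
      output-vmware-iso

    # Create a hashfile for the zip, one per configured SHA size
    for SUMsize in ${SHA_SUMS}; do
      shasum -a "${SUMsize}" *.zip > "${release_id}-vmware.zip.sha${SUMsize}"
    done

    # Current file list of everything to gpg sign and transfer
    FILE_LIST="${release_id}-vmware.zip output-virtualbox-iso/${release_id}.ova packer_virtualbox-iso_virtualbox-iso_sha1.checksum packer_virtualbox-iso_virtualbox-iso_sha256.checksum packer_virtualbox-iso_virtualbox-iso_sha384.checksum packer_virtualbox-iso_virtualbox-iso_sha512.checksum ${release_id}-vmware.zip.sha1 ${release_id}-vmware.zip.sha256 ${release_id}-vmware.zip.sha384 ${release_id}-vmware.zip.sha512"

    # Create the latest MISP export directory
    ssh "${remote}" mkdir -p "export/${release_id}"
    ssh "${remote}" mkdir -p "export/${release_id}/checksums"

    # Sign and transfer files. A file whose signature could not be created is
    # not uploaded, and any failure keeps export/latest on the previous release.
    # NOTE(review): signing runs regardless of GPG_ENABLED and uses gpg's default
    # key; GPG_KEY is never passed to gpg - confirm which key is meant to sign.
    publish_ok=1
    # FILE_LIST is split on whitespace on purpose; the names contain none
    for FILE in ${FILE_LIST}; do
      if ! gpg --armor --output "${FILE}.asc" --detach-sig "${FILE}"; then
        echo "Could not sign ${FILE}, not uploading it" >&2
        publish_ok=0
        continue
      fi
      rsync -azvq --progress "${FILE}" "${remote}:export/${release_id}" || publish_ok=0
      rsync -azvq --progress "${FILE}.asc" "${remote}:export/${release_id}" || publish_ok=0
    done

    # Switch "latest" once, and only after every artefact and signature arrived
    if [[ "${publish_ok}" == "1" ]]; then
      ssh "${remote}" rm -f export/latest
      ssh "${remote}" ln -s "${release_id}" export/latest
    else
      echo "Signing or transfer failed, export/latest was left untouched" >&2
    fi

    ssh "${remote}" chmod -R +r export
    # The remote commands are passed as one quoted string so that globs and
    # command separators are interpreted on the release server, not locally
    ssh "${remote}" "mv export/${release_id}/*.checksum* export/${release_id}/checksums"
    ssh "${remote}" "mv export/${release_id}/*-vmware.zip.sha* export/${release_id}/checksums"
    # Previously everything after ';' ran on the build host instead of the server
    # NOTE(review): assumes `tree` is installed on the release server - confirm
    ssh "${remote}" "cd export && tree -T '${PACKER_VM} VM Images' -H https://www.circl.lu/misp-images/ -o index.html"
  else
    echo "The packer exit code of VMware was: ${VMWARE_BUILD}"
    echo "The packer exit code of VBox was: ${VIRTUALBOX_BUILD}"
  fi

  # Remove files for next run
  removeAll 2> /dev/null

  # Record the commit that was just processed, whether or not the build succeeded
  echo "${LATEST_COMMIT}" > "/tmp/${PACKER_NAME}-latest.sha"

  TIME_END=$(date +%s)
  TIME_DELTA=$((TIME_END - TIME_START))
  say "The generation took ${TIME_DELTA} seconds"
else
  clear
  think "Current ${PACKER_VM} version ${VER}@${LATEST_COMMIT_SHORT} is up to date."
fi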