mirror of https://github.com/MISP/misp-packer
new: [doc] Added a verify.txt to explain how to verify
new: [deploy] Addded symlinks to have an easier latest for actual files.pull/23/head
parent
d0b7ede35d
commit
39da435a13
16
deploy.sh
16
deploy.sh
|
|
@ -227,6 +227,7 @@ if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
|
|||
# Create the latest MISP export directory
|
||||
if [[ "${REMOTE}" == "1" ]]; then
|
||||
ssh ${REL_USER}@${REL_SERVER} "mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} ; mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums"
|
||||
scp verify.txt ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/
|
||||
fi
|
||||
|
||||
# Sign and transfer files
|
||||
|
|
@ -242,15 +243,22 @@ if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
|
|||
|
||||
if [[ "${REMOTE}" == "1" ]]; then
|
||||
rsync -azvq --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
|
||||
ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest"
|
||||
ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
|
||||
fi
|
||||
done
|
||||
|
||||
if [[ "${REMOTE}" == "1" ]]; then
|
||||
ssh ${REL_USER}@${REL_SERVER} "chmod -R +r export ;\
|
||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
||||
cd export ; tree -T "${PACKER_VM} VM Images" -H https://www.circl.lu/misp-images/ -o index.html"
|
||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest.ova ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova export/${PACKER_VM}_${VER}@latest.ova ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest.ova.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova.asc export/${PACKER_VM}_${VER}@latest.ova.asc ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest-VMware.zip ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip export/${PACKER_VM}_${VER}@latest-VMware.zip ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip.asc export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ;\
|
||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ;\
|
||||
cd export ; tree -T "${PACKER_VM} VM Images" -H https://www.circl.lu/misp-images/ -o index.html "
|
||||
fi
|
||||
|
||||
else
|
||||
|
|
|
|||
|
|
@ -0,0 +1,56 @@
|
|||
How to verify the Automate MISP-VMs?
|
||||
------------------------------------
|
||||
|
||||
In this directory you will find the following files:
|
||||
|
||||
- OVA File (VirtualBox export of the VM)
|
||||
- ZIP File (ZIP Packae of the VMware VM)
|
||||
- ASC File (PGP Armored file of the above files)
|
||||
- checksums Directory (The directory with all the checksums of the above files)
|
||||
|
||||
Verify VirtualBox OVA
|
||||
---------------------
|
||||
|
||||
1. Download signatures
|
||||
|
||||
Download the OVA and the ASC into the same directory.
|
||||
|
||||
2. Verify signatures
|
||||
|
||||
On the command line verify the PGP signature first, example:
|
||||
|
||||
$ gpg --verify MISP_v2.4.107@latest.ova.asc MISP_v2.4.107@latest.ova
|
||||
|
||||
TODO: Include output.
|
||||
|
||||
3. Download SFV files
|
||||
|
||||
Now download the checksum file and its signature, and verify.
|
||||
|
||||
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv
|
||||
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv.asc
|
||||
$ gpg --verify /MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv
|
||||
|
||||
Next, use rhash or go with the manual way.
|
||||
|
||||
rhash
|
||||
-----
|
||||
|
||||
$ rhash -c MISP_v2.4.107@latest-CHECKSUM.sfv
|
||||
|
||||
Verify VMware
|
||||
-------------
|
||||
|
||||
1. Download signatures
|
||||
|
||||
Download the ZIP and the ASC into the same directory.
|
||||
|
||||
2. Verify signatures
|
||||
|
||||
On the command line verify the PGP signature first, example:
|
||||
|
||||
$ gpg --verify MISP_v2.4.107@latest-VMware.zip.asc MISP_v2.4.107@latest-VMware.zip
|
||||
|
||||
TODO: Include output.
|
||||
|
||||
Do steps number 3 from above.
|
||||
Loading…
Reference in New Issue