From bc39118883b321e76df57357706466266f2cf5bc Mon Sep 17 00:00:00 2001 From: Zach Wasserman Date: Tue, 2 Mar 2021 11:24:32 -0800 Subject: [PATCH] Use symlink for current orbit binary --- cmd/package/package.go | 4 ++++ pkg/packaging/deb.go | 5 +++-- pkg/packaging/macos.go | 21 ++++++++++++--------- pkg/packaging/macos_templates.go | 5 +++-- pkg/packaging/packaging.go | 10 +++++++--- pkg/update/update.go | 6 ++++++ 6 files changed, 35 insertions(+), 16 deletions(-) diff --git a/cmd/package/package.go b/cmd/package/package.go index fa2c7af43a..8d1308aade 100644 --- a/cmd/package/package.go +++ b/cmd/package/package.go @@ -94,6 +94,10 @@ func main() { } } + // TODO take these from flags + opt.OrbitChannel = "stable" + opt.OsqueryChannel = "stable" + switch c.String("type") { case "pkg": return packaging.BuildPkg(opt) diff --git a/pkg/packaging/deb.go b/pkg/packaging/deb.go index 98825b9260..9b7692282b 100644 --- a/pkg/packaging/deb.go +++ b/pkg/packaging/deb.go @@ -40,12 +40,13 @@ func BuildDeb(opt Options) error { updateOpt := update.DefaultOptions updateOpt.Platform = "linux" updateOpt.RootDirectory = orbitRoot + updateOpt.OrbitChannel = opt.OrbitChannel + updateOpt.OsqueryChannel = opt.OsqueryChannel // TODO these should be configurable updateOpt.ServerURL = "https://tuf.fleetctl.com" - osqueryChannel, orbitChannel := "stable", "stable" - if err := initializeUpdates(updateOpt, osqueryChannel, orbitChannel); err != nil { + if err := initializeUpdates(updateOpt); err != nil { return errors.Wrap(err, "initialize updates") } diff --git a/pkg/packaging/macos.go b/pkg/packaging/macos.go index 26ffb6f215..bc4a4c9dae 100644 --- a/pkg/packaging/macos.go +++ b/pkg/packaging/macos.go @@ -43,12 +43,13 @@ func BuildPkg(opt Options) error { updateOpt := update.DefaultOptions updateOpt.Platform = "macos" updateOpt.RootDirectory = orbitRoot + updateOpt.OrbitChannel = opt.OrbitChannel + updateOpt.OsqueryChannel = opt.OsqueryChannel // TODO these should be configurable updateOpt.ServerURL = "https://tuf.fleetctl.com" - osqueryChannel, orbitChannel := "stable", "stable" - if err := initializeUpdates(updateOpt, osqueryChannel, orbitChannel); err != nil { + if err := initializeUpdates(updateOpt); err != nil { return errors.Wrap(err, "initialize updates") } @@ -76,13 +77,15 @@ func BuildPkg(opt Options) error { return errors.Wrap(err, "write fleet certificate") } } - if err := copyFile( - "./orbit", - filepath.Join(orbitRoot, "bin", "orbit", "macos", "current", "orbit"), - 0755, - ); err != nil { - return errors.Wrap(err, "write orbit") - } + + // TODO gate behind a flag and allow copying a local orbit + // if err := copyFile( + // "./orbit", + // filepath.Join(orbitRoot, "bin", "orbit", "macos", "current", "orbit"), + // 0755, + // ); err != nil { + // return errors.Wrap(err, "write orbit") + // } // Build package if err := xarBom(opt, tmpDir); err != nil { diff --git a/pkg/packaging/macos_templates.go b/pkg/packaging/macos_templates.go index 8ecdea473c..361eeabf1a 100644 --- a/pkg/packaging/macos_templates.go +++ b/pkg/packaging/macos_templates.go @@ -33,7 +33,8 @@ var macosDistributionTemplate = template.Must(template.New("").Option("missingke var macosPostinstallTemplate = template.Must(template.New("").Option("missingkey=error").Parse( `#!/bin/bash -ln -sf /var/lib/orbit/orbit /usr/local/bin/orbit +ln -sf /var/lib/orbit/bin/orbit/macos/{{.OrbitChannel}}/orbit /var/lib/orbit/bin/orbit/orbit +ln -sf /var/lib/orbit/bin/orbit/orbit /usr/local/bin/orbit {{ if .StartService -}} launchctl stop com.fleetdm.orbit @@ -60,7 +61,7 @@ var macosLaunchdTemplate = template.Must(template.New("").Option("missingkey=err com.fleetdm.orbit ProgramArguments - /var/lib/orbit/bin/orbit/macos/current/orbit + /var/lib/orbit/bin/orbit/orbit StandardOutPath /var/log/orbit/orbit.stdout.log diff --git a/pkg/packaging/packaging.go b/pkg/packaging/packaging.go index 7d75bf643d..3b59a03dca 100644 --- a/pkg/packaging/packaging.go +++ b/pkg/packaging/packaging.go @@ -34,6 +34,10 @@ type Options struct { Notarize bool // FleetCertificate is a path to a server certificate to include in the package. FleetCertificate string + // OrbitChannel is the update channel to use for Orbit. + OrbitChannel string + // OsqueryChannel is the update channel to use for Osquery. + OsqueryChannel string } func copyFile(srcPath, dstPath string, perm os.FileMode) error { @@ -60,7 +64,7 @@ func copyFile(srcPath, dstPath string, perm os.FileMode) error { return nil } -func initializeUpdates(updateOpt update.Options, osqueryChannel, orbitChannel string) error { +func initializeUpdates(updateOpt update.Options) error { localStore, err := filestore.New(filepath.Join(updateOpt.RootDirectory, "tuf-metadata.json")) if err != nil { return errors.Wrap(err, "failed to create local metadata store") @@ -74,13 +78,13 @@ func initializeUpdates(updateOpt update.Options, osqueryChannel, orbitChannel st if err := updater.UpdateMetadata(); err != nil { return errors.Wrap(err, "failed to update metadata") } - osquerydPath, err := updater.Get("osqueryd", osqueryChannel) + osquerydPath, err := updater.Get("osqueryd", updateOpt.OsqueryChannel) if err != nil { return errors.Wrap(err, "failed to get osqueryd") } log.Debug().Str("path", osquerydPath).Msg("got osqueryd") - orbitPath, err := updater.Get("orbit", orbitChannel) + orbitPath, err := updater.Get("orbit", updateOpt.OrbitChannel) if err != nil { return errors.Wrap(err, "failed to get orbit") } diff --git a/pkg/update/update.go b/pkg/update/update.go index 2fd31de1e2..9ee33d5716 100644 --- a/pkg/update/update.go +++ b/pkg/update/update.go @@ -46,6 +46,10 @@ type Options struct { // Platform is the target of the platform to update for. In the default // options this is the current platform. Platform string + // OrbitChannel is the update channel to use for Orbit. + OrbitChannel string + // OsqueryChannel is the update channel to use for Osquery. + OsqueryChannel string } var ( @@ -58,6 +62,8 @@ var ( InsecureTransport: false, Platform: constant.PlatformName, RootKeys: defaultRootKeys, + OrbitChannel: "stable", + OsqueryChannel: "stable", } )