mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 08:58:41 +00:00
Support fleetctl preview from a branch, default to production (#2476)
This commit is contained in:
Martin Angers
GitHub
parent
ded8feea56
commit
dcf701ef2b
2 changed files with 24 additions and 17 deletions
1
changes/add-osquery-in-a-box-branch-flag-to-fleetctl
Normal file
1
changes/add-osquery-in-a-box-branch-flag-to-fleetctl
Normal file
|
|
@ -0,0 +1 @@
|
|||
* Add the `preview-config` flag to `fleetctl preview`, default to the `production` branch.
|
||||
|
|
@ -21,10 +21,11 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
downloadUrl = "https://github.com/fleetdm/osquery-in-a-box/archive/master.zip"
|
||||
downloadUrl = "https://github.com/fleetdm/osquery-in-a-box/archive/%s.zip"
|
||||
standardQueryLibraryUrl = "https://raw.githubusercontent.com/fleetdm/fleet/main/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml"
|
||||
licenseKeyFlagName = "license-key"
|
||||
tagFlagName = "tag"
|
||||
previewConfigFlagName = "preview-config"
|
||||
)
|
||||
|
||||
func previewCommand() *cli.Command {
|
||||
|
|
@ -51,6 +52,11 @@ Use the stop and reset subcommands to manage the server and dependencies once st
|
|||
Usage: "Run a specific version of Fleet",
|
||||
Value: "latest",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: previewConfigFlagName,
|
||||
Usage: "Run a specific branch of the preview repository",
|
||||
Value: "production",
|
||||
},
|
||||
},
|
||||
Action: func(c *cli.Context) error {
|
||||
if err := checkDocker(); err != nil {
|
||||
|
|
@ -59,8 +65,9 @@ Use the stop and reset subcommands to manage the server and dependencies once st
|
|||
|
||||
// Download files every time to ensure the user gets the most up to date versions
|
||||
previewDir := previewDirectory()
|
||||
fmt.Printf("Downloading dependencies into %s...\n", previewDir)
|
||||
if err := downloadFiles(); err != nil {
|
||||
osqueryBranch := c.String(previewConfigFlagName)
|
||||
fmt.Printf("Downloading dependencies from %s into %s...\n", osqueryBranch, previewDir)
|
||||
if err := downloadFiles(osqueryBranch); err != nil {
|
||||
return errors.Wrap(err, "Error downloading dependencies")
|
||||
}
|
||||
|
||||
|
|
@ -77,6 +84,9 @@ Use the stop and reset subcommands to manage the server and dependencies once st
|
|||
if err := os.Chmod(filepath.Join(previewDir, "logs"), 0777); err != nil {
|
||||
return errors.Wrap(err, "make logs writable")
|
||||
}
|
||||
if err := os.Chmod(filepath.Join(previewDir, "vulndb"), 0777); err != nil {
|
||||
return errors.Wrap(err, "make vulndb writable")
|
||||
}
|
||||
|
||||
if err := os.Setenv("FLEET_VERSION", c.String(tagFlagName)); err != nil {
|
||||
return errors.Wrap(err, "failed to set Fleet version")
|
||||
|
|
@ -198,10 +208,12 @@ Use the stop and reset subcommands to manage the server and dependencies once st
|
|||
return errors.Wrap(err, "failed to apply standard query library")
|
||||
}
|
||||
|
||||
// disable anonymous analytics collection and enable software inventory for preview
|
||||
if err := client.ApplyAppConfig(map[string]map[string]bool{
|
||||
"host_settings": {"enable_software_inventory": true},
|
||||
"host_settings": {"enable_software_inventory": true},
|
||||
"server_settings": {"enable_analytics": false},
|
||||
}); err != nil {
|
||||
return errors.Wrap(err, "failed to enable software inventory app config")
|
||||
return errors.Wrap(err, "failed to apply updated app config")
|
||||
}
|
||||
|
||||
secrets, err := client.GetEnrollSecretSpec()
|
||||
|
|
@ -213,13 +225,6 @@ Use the stop and reset subcommands to manage the server and dependencies once st
|
|||
return errors.New("Expected 1 active enroll secret")
|
||||
}
|
||||
|
||||
// disable anonymous analytics collection for preview
|
||||
if err := client.ApplyAppConfig(map[string]map[string]bool{
|
||||
"server_settings": {"enable_analytics": false}},
|
||||
); err != nil {
|
||||
return errors.Wrap(err, "Error disabling anonymous analytics collection in app config")
|
||||
}
|
||||
|
||||
fmt.Println("Starting simulated hosts...")
|
||||
cmd = exec.Command("docker-compose", "up", "-d", "--remove-orphans")
|
||||
cmd.Dir = filepath.Join(previewDir, "osquery")
|
||||
|
|
@ -254,8 +259,8 @@ func previewDirectory() string {
|
|||
return filepath.Join(homeDir, ".fleet", "preview")
|
||||
}
|
||||
|
||||
func downloadFiles() error {
|
||||
resp, err := http.Get(downloadUrl)
|
||||
func downloadFiles(branch string) error {
|
||||
resp, err := http.Get(fmt.Sprintf(downloadUrl, branch))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -276,7 +281,7 @@ func downloadFiles() error {
|
|||
}
|
||||
// zip.NewReader does not need to be closed (and cannot be)
|
||||
|
||||
if err := unzip(zipReader); err != nil {
|
||||
if err := unzip(zipReader, branch); err != nil {
|
||||
return errors.Wrap(err, "unzip download contents")
|
||||
}
|
||||
|
||||
|
|
@ -299,11 +304,12 @@ func downloadStandardQueryLibrary() ([]byte, error) {
|
|||
}
|
||||
|
||||
// Adapted from https://stackoverflow.com/a/24792688/491710
|
||||
func unzip(r *zip.Reader) error {
|
||||
func unzip(r *zip.Reader, branch string) error {
|
||||
previewDir := previewDirectory()
|
||||
|
||||
// Closure to address file descriptors issue with all the deferred .Close()
|
||||
// methods
|
||||
replacePath := fmt.Sprintf("osquery-in-a-box-%s", branch)
|
||||
extractAndWriteFile := func(f *zip.File) error {
|
||||
rc, err := f.Open()
|
||||
if err != nil {
|
||||
|
|
@ -312,7 +318,7 @@ func unzip(r *zip.Reader) error {
|
|||
defer rc.Close()
|
||||
|
||||
path := f.Name
|
||||
path = strings.Replace(path, "osquery-in-a-box-master", previewDir, 1)
|
||||
path = strings.Replace(path, replacePath, previewDir, 1)
|
||||
|
||||
// We don't need to check for directory traversal as we are already
|
||||
// trusting the validity of this ZIP file.
|
||||
|
|
|
|||
Loading…
Reference in a new issue