This repository has been archived by the owner on May 2, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 10
/
0_build_images.sh
executable file
·144 lines (126 loc) · 3.72 KB
/
0_build_images.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#!/bin/bash
VERSION=7.6.1
DOCKERHUB="soshybridhunter"
TAGPRE=""
TAG="HH1.2.1"
FLAVOR="-oss"
OPTIONS="--no-cache"
SKIP=0
PUSH="no"
#########################################
# Options
#########################################
usage()
{
cat <<EOF
SO Docker Image Build Script
Options:
# Build Elastic search w/ Features
Ex. ./0_build_images.sh -i elasticsearch -t HH1.1.4 -f -y
# Build All Elastic Images (oss)
Ex. ./0_build_images.sh -i elastic -t HH1.1.4 -y
# Build All Images
Ex. ./0_build_images.sh -i all -t HH1.1.4 -y
# Build Image with different (than default) repo
Ex. ./0_build_images.sh -i elasticsearch -t HH1.1.4 -d mynewrepo -y
-h Help
-i Docker image
-d Dockerhub repo
-t Image Tag
-f Use Features
-o Specify additional options
-p Push and sign
-y Skip prompt
EOF
}
while getopts "hfypd:i:t:" OPTION
do
case $OPTION in
h)
usage
exit 0
;;
i)
BUILD=$OPTARG
;;
d)
DOCKERHUB=$OPTARG
;;
f)
FLAVOR=""
TAGPRE="features-"
;;
o)
OPTIONS=$OPTARG
;;
p)
PUSH="yes"
;;
t)
TAG=$OPTARG
;;
y)
SKIP=1
;;
esac
done
if [ "$SKIP" = 0 ]; then
echo
echo "This script will build all Docker images for Security Onion."
echo
echo "It is currently set to build Elastic stack version ${VERSION}."
echo
echo "Press Enter to continue or Ctrl-c to cancel."
read PAUSE
echo
fi
if [ "$PUSH" = "yes" ]; then
echo "Tell me your secret:"
read -s $KEY
fi
# Elastic
for i in elasticsearch logstash kibana filebeat ; do
if [ "$BUILD" = $i ] || [ "$BUILD" = "elastic" ] || [ "$BUILD" = "all" ]; then
cp so-$i/Dockerfile so-$i/Dockerfile.bak
sed -i "s|FLAVOR|$i${FLAVOR}|g" so-$i/Dockerfile
sed -i "s|X.Y.Z|$VERSION|g" so-$i/Dockerfile
docker build $OPTIONS -t $DOCKERHUB/so-$i:$TAGRPRE$TAG so-$i
mv so-$i/Dockerfile.bak so-$i/Dockerfile
if [ "PUSH" = "yes" ];then
echo "$KEY" | docker trust sign $DOCKERHUB/so-wazuh:$TAGPRE$TAG
docker push $DOCKERHUB/so-wazuh:$TAGPRE$TAG
fi
fi
done
# TheHive
for i in thehive thehive-cortex thehive-es; do
if [ "$BUILD" = $i ] || [ "$BUILD" = "allthehive" ] || [ "$BUILD" = "all" ]; then
if [ $i = "thehive-es" ]; then
cp so-$i/Dockerfile so-$i/Dockerfile.bak
sed -i "s|FLAVOR|elasticsearch${FLAVOR}|g" so-$i/Dockerfile
sed -i "s|X.Y.Z|$VERSION|g" so-$i/Dockerfile
docker build $OPTIONS -t $DOCKERHUB/so-$i:$TAGPRE$TAG so-$i
mv so-$i/Dockerfile.bak so-$i/Dockerfile
else
docker build $OPTIONS -t $DOCKERHUB/so-$i:$TAG so-$i/
fi
if [ "PUSH" = "yes" ];then
echo "$KEY" | docker trust sign $DOCKERHUB/so-wazuh:$TAGPRE$TAG
docker push $DOCKERHUB/so-wazuh:$TAGPRE$TAG
fi
fi
done
# Single builds
for i in core curator elastalert domainstats fleet fleet-launcher freqserver grafana idstools influxdb mysql tcpreplay navigator playbook redis steno soctopus suricata telegraf wazuh zeek; do
if [ "$BUILD" = $i ] || [ "$BUILD" = "all" ]; then
if [ $i = "core" ]; then
./so-core/get_cyberchef && docker build $OPTIONS -t $DOCKERHUB/so-core:$TAG so-core/
else
docker build $OPTIONS -t $DOCKERHUB/so-$i:$TAG so-$i/
fi
if [ "PUSH" = "yes" ]; then
echo "$KEY" | docker trust sign $DOCKERHUB/so-wazuh:$TAGPRE$TAG
docker push $DOCKERHUB/so-wazuh:$TAGPRE$TAG
fi
fi
done