diff --git a/.drone.yml b/.drone.yml index c19dcdc05..9697d6ca9 100644 --- a/.drone.yml +++ b/.drone.yml @@ -36,7 +36,7 @@ steps: fi . ~/.nvm/nvm.sh [ -n "$PLUGIN_PGP_KEY" ] && gpg --batch --import - <<< $PLUGIN_PGP_KEY - sbt -Duser.home=$PWD docker:stage debian:packageBin rpm:packageBin universal:packageBin + sbt -Duser.home=$PWD Docker/stage Debian/packageBin Rpm/packageBin Universal/packageBin cortexWithDeps/Docker/stage if ( echo $V | grep -qi rc ) then echo $( echo $V | sed -re 's/([0-9]+.[0-9]+.[0-9]+)-RC([0-9]+)-([0-9]+)/\1-RC\2,\1-RC\2-\3/' ) > .tags @@ -104,6 +104,22 @@ steps: when: event: [tag] + - name: update docker tags + image: thehiveproject/drone-scala-node + commands: sed -i -e 's/,/-withdeps,/g; s/$/-withdeps/' .tags + + # Publish docker image on Docker Hub + - name: docker + image: plugins/docker + settings: + context: target/docker-withdeps/target/docker/stage + dockerfile: target/docker-withdeps/target/docker/stage/Dockerfile + repo: thehiveproject/cortex + username: {from_secret: docker_username} + password: {from_secret: docker_password} + when: + event: [tag] + # Publish docker image on Harbor - name: harbor image: plugins/docker diff --git a/build.sbt b/build.sbt index f25d5d42d..cbc06ead0 100644 --- a/build.sbt +++ b/build.sbt @@ -3,34 +3,48 @@ import Common._ lazy val cortex = (project in file(".")) .enablePlugins(PlayScala) .settings(projectSettings) + .settings(PackageSettings.packageSettings) + .settings(PackageSettings.rpmSettings) + .settings(PackageSettings.debianSettings) + .settings(DockerSettings.default) + .settings( + Seq( + libraryDependencies ++= Seq( + Dependencies.Play.cache, + Dependencies.Play.ws, + Dependencies.Play.ahc, + Dependencies.Play.specs2 % Test, + Dependencies.Play.guice, + Dependencies.scalaGuice, + Dependencies.elastic4play, + Dependencies.reflections, + Dependencies.zip4j, + Dependencies.dockerClient, + Dependencies.akkaCluster, + Dependencies.akkaClusterTyped + ), + resolvers += Resolver.sbtPluginRepo("releases"), + resolvers += "scalaz-bintray" at "https://dl.bintray.com/scalaz/releases", + resolvers += "elasticsearch-releases" at "https://artifacts.elastic.co/maven", + Compile / packageDoc / publishArtifact := false, + Compile / doc / sources := Seq.empty, + // Front-end // + Assets / packageBin / mappings ++= frontendFiles.value, + packageBin := { + (Debian / packageBin).value + (Rpm / packageBin).value + (Universal / packageBin).value + } + ) + ) -libraryDependencies ++= Seq( - Dependencies.Play.cache, - Dependencies.Play.ws, - Dependencies.Play.ahc, - Dependencies.Play.specs2 % Test, - Dependencies.Play.guice, - Dependencies.scalaGuice, - Dependencies.elastic4play, - Dependencies.reflections, - Dependencies.zip4j, - Dependencies.dockerClient, - Dependencies.akkaCluster, - Dependencies.akkaClusterTyped -) - -resolvers += Resolver.sbtPluginRepo("releases") -resolvers += "scalaz-bintray" at "https://dl.bintray.com/scalaz/releases" -resolvers += "elasticsearch-releases" at "https://artifacts.elastic.co/maven" -publishArtifact in (Compile, packageDoc) := false -publishArtifact in packageDoc := false -sources in (Compile, doc) := Seq.empty - -// Front-end // -mappings in packageBin in Assets ++= frontendFiles.value - -packageBin := { - (packageBin in Debian).value - (packageBin in Rpm).value - (packageBin in Universal).value -} +lazy val cortexWithDeps = (project in file("target/docker-withdeps")) + .dependsOn(cortex) + .enablePlugins(DockerPlugin) + .settings(projectSettings) + .settings(DockerSettings.withDeps) + .settings( + Docker / mappings := (cortex / Docker / mappings).value, + Docker / version := version.value + "-withdeps", + Docker / packageName := "cortex" + ) diff --git a/debian.sbt b/debian.sbt deleted file mode 100644 index f9d804d14..000000000 --- a/debian.sbt +++ /dev/null @@ -1,21 +0,0 @@ -import Common.{betaVersion, snapshotVersion, stableVersion, versionUsage} - -linuxPackageMappings in Debian += packageMapping(file("LICENSE") -> "/usr/share/doc/cortex/copyright").withPerms("644") -version in Debian := { - version.value match { - case stableVersion(_, _) => version.value - case betaVersion(v1, v2, v3) => v1 + "-0." + v3 + "RC" + v2 - case snapshotVersion(stableVersion(v1, v2)) => v1 + "-" + v2 + "-SNAPSHOT" - case snapshotVersion(betaVersion(v1, v2, v3)) => v1 + "-0." + v3 + "RC" + v2 + "-SNAPSHOT" - case _ => versionUsage(version.value) - } -} - -debianPackageRecommends := Seq("elasticsearch") -debianPackageDependencies += "java8-runtime | java8-runtime-headless" -maintainerScripts in Debian := maintainerScriptsFromDirectory( - baseDirectory.value / "package" / "debian", - Seq(DebianConstants.Postinst, DebianConstants.Prerm, DebianConstants.Postrm) -) -linuxEtcDefaultTemplate in Debian := (baseDirectory.value / "package" / "etc_default_cortex").asURL -linuxMakeStartScript in Debian := None diff --git a/docker.sbt b/docker.sbt deleted file mode 100644 index b00495861..000000000 --- a/docker.sbt +++ /dev/null @@ -1,62 +0,0 @@ -import Common.{betaVersion, snapshotVersion, stableVersion, versionUsage} -import com.typesafe.sbt.packager.docker.{Cmd, ExecCmd} - -version in Docker := { - version.value match { - case stableVersion(_, _) => version.value - case betaVersion(v1, v2, v3) => v1 + "-0." + v3 + "RC" + v2 - case snapshotVersion(stableVersion(v1, v2)) => v1 + "-" + v2 + "-SNAPSHOT" - case snapshotVersion(betaVersion(v1, v2, v3)) => v1 + "-0." + v3 + "RC" + v2 + "-SNAPSHOT" - case _ => versionUsage(version.value) - } -} -defaultLinuxInstallLocation in Docker := "/opt/cortex" -dockerRepository := Some("thehiveproject") -dockerUpdateLatest := !version.value.toUpperCase.contains("RC") && !version.value.contains("SNAPSHOT") -dockerEntrypoint := Seq("/opt/cortex/entrypoint") -dockerExposedPorts := Seq(9001) -mappings in Docker ++= Seq( - file("package/docker/entrypoint") -> "/opt/cortex/entrypoint", - file("package/logback.xml") -> "/etc/cortex/logback.xml", - file("package/empty") -> "/var/log/cortex/application.log" -) -mappings in Docker ~= (_.filterNot { - case (_, filepath) => filepath == "/opt/cortex/conf/application.conf" -}) -dockerCommands := Seq( - Cmd("FROM", "openjdk:8"), - Cmd("LABEL", "MAINTAINER=\"TheHive Project \"", "repository=\"https://github.com/TheHive-Project/TheHive\""), - Cmd("WORKDIR", "/opt/cortex"), - // format: off - Cmd("RUN", - "wget", "-q", "-O", "-", "https://download.docker.com/linux/static/stable/x86_64/docker-18.09.0.tgz", "|", - "tar", "-xzC", "/usr/local/bin/", "--strip-components", "1", "&&", - "addgroup", "--system", "dockremap", "&&", - "adduser", "--system", "--ingroup", "dockremap", "dockremap", "&&", - "addgroup", "--system", "docker", "&&", - "echo", "dockremap:165536:65536", ">>", "/etc/subuid", "&&", - "echo", "dockremap:165536:65536", ">>", "/etc/subgid", "&&", - "apt", "update", "&&", - "apt", "upgrade", "-y", "&&", - "apt", "install", "-y", "iptables", "lxc", "&&", - "apt", "autoclean", "-y", "-q", "&&", - "apt", "autoremove", "-y", "-q", "&&", - "rm", "-rf", "/var/lib/apt/lists/*", "&&", - "(", "type", "groupadd", "1>/dev/null", "2>&1", "&&", - "groupadd", "-g", "1001", "cortex", "||", - "addgroup", "-g", "1001", "-S", "cortex", - ")", "&&", - "(", "type", "useradd", "1>/dev/null", "2>&1", "&&", - "useradd", "--system", "--uid", "1001", "--gid", "1001", "cortex", "||", - "adduser", "-S", "-u", "1001", "-G", "cortex", "cortex", - ")"), - //format: on - Cmd("ADD", "--chown=root:root", "opt", "/opt"), - Cmd("ADD", "--chown=cortex:cortex", "var", "/var"), - Cmd("ADD", "--chown=cortex:cortex", "etc", "/etc"), - Cmd("VOLUME", "/var/lib/docker"), - ExecCmd("RUN", "chmod", "+x", "/opt/cortex/bin/cortex", "/opt/cortex/entrypoint"), - Cmd("EXPOSE", "9001"), - ExecCmd("ENTRYPOINT", "/opt/cortex/entrypoint"), - ExecCmd("CMD") -) diff --git a/package.sbt b/package.sbt deleted file mode 100644 index 5ca968275..000000000 --- a/package.sbt +++ /dev/null @@ -1,55 +0,0 @@ -// Add information in manifest -import Package.ManifestAttributes -import java.util.jar.Attributes.Name._ -packageOptions ++= Seq( - ManifestAttributes(IMPLEMENTATION_TITLE -> name.value), - ManifestAttributes(IMPLEMENTATION_VERSION -> version.value), - ManifestAttributes(SPECIFICATION_VENDOR -> "TheHive Project"), - ManifestAttributes(SPECIFICATION_TITLE -> name.value), - ManifestAttributes(SPECIFICATION_VERSION -> "TheHive Project") -) - -// Install files // -mappings in Universal ~= { - _.flatMap { - case (_, "conf/application.conf") => Nil - case (file, "conf/apllication.sample") => Seq(file -> "conf/application.conf") - case (_, "conf/logback.xml") => Nil - case other => Seq(other) - } ++ Seq( - file("package/cortex.service") -> "package/cortex.service", - file("package/cortex.conf") -> "package/cortex.conf", - file("package/cortex") -> "package/cortex", - file("package/logback.xml") -> "conf/logback.xml" - ) -} - -maintainer := "TheHive Project " -packageSummary := "Powerful Observable Analysis Engine" -packageDescription := """Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security - | researchers in the course of threat intelligence, digital forensics and incident response: how to analyze - | observables they have collected, at scale, by querying a single tool instead of several? - | Cortex, an open source and free software, has been created by TheHive Project for this very purpose. Observables, - | such as IP and email addresses, URLs, domain names, files or hashes, can be analyzed one by one or in bulk mode - | using a Web interface. Analysts can also automate these operations thanks to the Cortex REST API. """.stripMargin -defaultLinuxInstallLocation := "/opt" -linuxPackageMappings ~= { - _.map { pm => - val mappings = pm.mappings.filterNot { - case (_, path) => path.startsWith("/opt/cortex/package") || (path.startsWith("/opt/cortex/conf") && path != "/opt/cortex/conf/reference.conf") - } - com.typesafe.sbt.packager.linux.LinuxPackageMapping(mappings, pm.fileData).withConfig() - } :+ packageMapping( - file("package/cortex.service") -> "/etc/systemd/system/cortex.service", - file("package/cortex.conf") -> "/etc/init/cortex.conf", - file("package/cortex") -> "/etc/init.d/cortex", - file("conf/application.sample") -> "/etc/cortex/application.conf", - file("package/logback.xml") -> "/etc/cortex/logback.xml" - ).withConfig() -} - -packageBin := { - (packageBin in Debian).value - (packageBin in Rpm).value - (packageBin in Universal).value -} diff --git a/project/Common.scala b/project/Common.scala index 4cf047169..4a61bdbde 100644 --- a/project/Common.scala +++ b/project/Common.scala @@ -10,7 +10,6 @@ object Common { organization := "org.thehive-project", licenses += "AGPL-V3" -> url("https://www.gnu.org/licenses/agpl-3.0.html"), organizationHomepage := Some(url("http://thehive-project.org/")), - resolvers += Resolver.bintrayRepo("thehive-project", "maven"), resolvers += "elasticsearch-releases" at "https://artifacts.elastic.co/maven", scalaVersion := Dependencies.scalaVersion, scalacOptions ++= Seq( @@ -34,7 +33,7 @@ object Common { // Redirect logs from ElasticSearch (which uses log4j2) to slf4j libraryDependencies += "org.apache.logging.log4j" % "log4j-to-slf4j" % "2.9.1", excludeDependencies += "org.apache.logging.log4j" % "log4j-core", - dependencyOverrides += "com.typesafe.akka" %% "akka-actor" % play.core.PlayVersion.akkaVersion + dependencyOverrides += "com.typesafe.akka" %% "akka-actor" % play.core.PlayVersion.akkaVersion ) val stableVersion: Regex = "(\\d+\\.\\d+\\.\\d+)-(\\d+)".r diff --git a/project/DockerSettings.scala b/project/DockerSettings.scala new file mode 100644 index 000000000..ebb1b7eb3 --- /dev/null +++ b/project/DockerSettings.scala @@ -0,0 +1,120 @@ +import Common.{betaVersion, snapshotVersion, stableVersion, versionUsage} +import com.typesafe.sbt.packager.docker.DockerPlugin.autoImport._ +import com.typesafe.sbt.packager.docker.{Cmd, ExecCmd} +import com.typesafe.sbt.packager.linux.LinuxPlugin.autoImport.defaultLinuxInstallLocation +import sbt.Keys._ +import sbt._ + +object DockerSettings { + val default = Seq( + Docker / version := { + version.value match { + case stableVersion(_, _) => version.value + case betaVersion(v1, v2, v3) => v1 + "-0." + v3 + "RC" + v2 + case snapshotVersion(stableVersion(v1, v2)) => v1 + "-" + v2 + "-SNAPSHOT" + case snapshotVersion(betaVersion(v1, v2, v3)) => v1 + "-0." + v3 + "RC" + v2 + "-SNAPSHOT" + case _ => versionUsage(version.value) + } + }, + Docker / defaultLinuxInstallLocation := "/opt/cortex", + dockerRepository := Some("thehiveproject"), + dockerUpdateLatest := !version.value.toUpperCase.contains("RC") && !version.value.contains("SNAPSHOT"), + dockerExposedPorts := Seq(9001), + Docker / mappings ++= Seq( + file("package/docker/entrypoint") -> "/opt/cortex/entrypoint", + file("package/logback.xml") -> "/etc/cortex/logback.xml", + file("package/empty") -> "/var/log/cortex/application.log" + ), + Docker / mappings ~= (_.filterNot { + case (_, filepath) => filepath == "/opt/cortex/conf/application.conf" + }), + dockerCommands := Seq( + Cmd("FROM", "openjdk:8"), + Cmd("LABEL", "MAINTAINER=\"TheHive Project \"", "repository=\"https://github.com/TheHive-Project/TheHive\""), + Cmd("WORKDIR", "/opt/cortex"), + // format: off + Cmd("RUN", + "wget", "-q", "-O", "-", "https://download.docker.com/linux/static/stable/x86_64/docker-18.09.0.tgz", "|", + "tar", "-xzC", "/usr/local/bin/", "--strip-components", "1", "&&", + "addgroup", "--system", "dockremap", "&&", + "adduser", "--system", "--ingroup", "dockremap", "dockremap", "&&", + "addgroup", "--system", "docker", "&&", + "echo", "dockremap:165536:65536", ">>", "/etc/subuid", "&&", + "echo", "dockremap:165536:65536", ">>", "/etc/subgid", "&&", + "apt", "update", "&&", + "apt", "upgrade", "-y", "&&", + "apt", "install", "-y", "iptables", "lxc", "&&", + "apt", "autoclean", "-y", "-q", "&&", + "apt", "autoremove", "-y", "-q", "&&", + "rm", "-rf", "/var/lib/apt/lists/*", "&&", + "(", "type", "groupadd", "1>/dev/null", "2>&1", "&&", + "groupadd", "-g", "1001", "cortex", "||", + "addgroup", "-g", "1001", "-S", "cortex", + ")", "&&", + "(", "type", "useradd", "1>/dev/null", "2>&1", "&&", + "useradd", "--system", "--uid", "1001", "--gid", "1001", "cortex", "||", + "adduser", "-S", "-u", "1001", "-G", "cortex", "cortex", + ")"), + //format: on + Cmd("ADD", "--chown=root:root", "opt", "/opt"), + Cmd("ADD", "--chown=cortex:cortex", "var", "/var"), + Cmd("ADD", "--chown=cortex:cortex", "etc", "/etc"), + Cmd("VOLUME", "/var/lib/docker"), + ExecCmd("RUN", "chmod", "+x", "/opt/cortex/bin/cortex", "/opt/cortex/entrypoint"), + Cmd("EXPOSE", "9001"), + ExecCmd("ENTRYPOINT", "/opt/cortex/entrypoint"), + ExecCmd("CMD") + ) + ) + + val withDeps = default ++ Seq( + dockerCommands ++= Seq( + Cmd( + "RUN", + """ + | apt update && + | apt upgrade -y && + | apt install -y -q --no-install-recommends --no-install-suggests + | wkhtmltopdf libfuzzy-dev libimage-exiftool-perl + | libboost-regex-dev + | libboost-program-options-dev + | libboost-system-dev libboost-filesystem-dev libssl-dev + | build-essential cmake python3-dev python2-dev + | git python3 python3-pip libffi-dev libjpeg62-turbo-dev libtiff5-dev + | libopenjp2-7-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev + | tcl8.6-dev tk8.6-dev python3-tk libharfbuzz-dev libfribidi-dev + | libxcb1-dev python2.7 && + | rm -rf /var/lib/apt/lists/* && + | curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output /tmp/get-pip.py && + | python2.7 /tmp/get-pip.py && + | pip2 install -U setuptools && + | pip3 install -U setuptools && + | ln -sf python3 /usr/bin/python && + | hash -r && + | git clone https://github.com/JusticeRage/Manalyze.git /tmp/Manalyze && + | cd /tmp/Manalyze && + | cmake . && + | make -j5 && + | cd /tmp/Manalyze/bin/yara_rules && + | pip3 install requests && + | python3 update_clamav_signatures.py && + | cd /tmp/Manalyze && + | make install && + | cd / && + | rm -rf /tmp/Manalyze && + | curl -SL https://github.com/fireeye/flare-floss/releases/download/v1.7.0/floss-v1.7.0-linux.zip + | --output /tmp/floss.zip && + | unzip /tmp/floss.zip -d /usr/bin && + | rm /tmp/floss.zip && + | git clone https://github.com/TheHive-Project/Cortex-Analyzers.git /tmp/analyzers && + | cat $(find /tmp/analyzers -name requirements.txt) | sort -u | while read I ; + | do + | pip2 install $I || true && + | pip3 install $I || true ; + | done && + | rm -rf /tmp/analyzers + """.stripMargin.split("\\s").filter(_.nonEmpty): _* + ) + ) + ) +} diff --git a/project/PackageSettings.scala b/project/PackageSettings.scala new file mode 100644 index 000000000..a2ed84973 --- /dev/null +++ b/project/PackageSettings.scala @@ -0,0 +1,138 @@ +import Common.{betaVersion, snapshotVersion, stableVersion, versionUsage} +import com.typesafe.sbt.SbtNativePackager.autoImport.{maintainer, maintainerScripts, packageDescription, packageSummary} +import com.typesafe.sbt.packager.Keys._ +import com.typesafe.sbt.packager.archetypes.JavaAppPackaging.autoImport.maintainerScriptsFromDirectory +import com.typesafe.sbt.packager.debian.DebianPlugin.autoImport.{debianPackageDependencies, debianPackageRecommends, Debian, DebianConstants} +import com.typesafe.sbt.packager.linux.LinuxPlugin.autoImport.{ + defaultLinuxInstallLocation, + linuxEtcDefaultTemplate, + linuxMakeStartScript, + linuxPackageMappings, + packageMapping +} +import com.typesafe.sbt.packager.linux.Mapper.configWithNoReplace +import com.typesafe.sbt.packager.rpm.RpmPlugin.autoImport.{Rpm, RpmConstants} +import com.typesafe.sbt.packager.universal.UniversalPlugin.autoImport.Universal +import sbt.Keys._ +import sbt.Package.ManifestAttributes +import sbt._ + +import java.util.jar.Attributes.Name._ + +object PackageSettings { + val rpmSettings = Seq( + Rpm / version := { + version.value match { + case stableVersion(v1, _) => v1 + case betaVersion(v1, _, _) => v1 + case snapshotVersion(stableVersion(v1, _)) => v1 + case snapshotVersion(betaVersion(v1, _, _)) => v1 + case _ => versionUsage(version.value) + } + }, + rpmRelease := { + version.value match { + case stableVersion(_, v2) => v2 + case betaVersion(_, v2, v3) => "0." + v3 + "RC" + v2 + case snapshotVersion(stableVersion(_, v2)) => v2 + "-SNAPSHOT" + case snapshotVersion(betaVersion(_, v2, v3)) => "0." + v3 + "RC" + v2 + "-SNAPSHOT" + case _ => versionUsage(version.value) + } + }, + rpmVendor := organizationName.value, + rpmUrl := organizationHomepage.value.map(_.toString), + rpmLicense := Some("AGPL"), + rpmRequirements += "java-1.8.0-openjdk-headless", + Rpm / maintainerScripts := maintainerScriptsFromDirectory( + baseDirectory.value / "package" / "rpm", + Seq(RpmConstants.Pre, RpmConstants.Preun, RpmConstants.Post, RpmConstants.Postun) + ), + Rpm / linuxPackageSymlinks := Nil, + rpmPrefix := Some(defaultLinuxInstallLocation.value), + Rpm / linuxEtcDefaultTemplate := (baseDirectory.value / "package" / "etc_default_cortex").asURL, + Rpm / linuxPackageMappings := configWithNoReplace((Rpm / linuxPackageMappings).value), + Rpm / packageBin := { + import scala.sys.process._ + val rpmFile = (Rpm / packageBin).value + Process( + "rpm" :: + "--define" :: "_gpg_name TheHive Project" :: + "--define" :: "_signature gpg" :: + "--define" :: "__gpg_check_password_cmd /bin/true" :: + "--define" :: "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor --use-agent --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" :: + "--addsign" :: rpmFile.toString :: + Nil + ).!! + rpmFile + } + ) + + val debianSettings = Seq( + Debian / linuxPackageMappings += packageMapping(file("LICENSE") -> "/usr/share/doc/cortex/copyright").withPerms("644"), + Debian / version := { + version.value match { + case stableVersion(_, _) => version.value + case betaVersion(v1, v2, v3) => v1 + "-0." + v3 + "RC" + v2 + case snapshotVersion(stableVersion(v1, v2)) => v1 + "-" + v2 + "-SNAPSHOT" + case snapshotVersion(betaVersion(v1, v2, v3)) => v1 + "-0." + v3 + "RC" + v2 + "-SNAPSHOT" + case _ => versionUsage(version.value) + } + }, + debianPackageRecommends := Seq("elasticsearch"), + debianPackageDependencies += "java8-runtime | java8-runtime-headless", + Debian / maintainerScripts := maintainerScriptsFromDirectory( + baseDirectory.value / "package" / "debian", + Seq(DebianConstants.Postinst, DebianConstants.Prerm, DebianConstants.Postrm) + ), + Debian / linuxEtcDefaultTemplate := (baseDirectory.value / "package" / "etc_default_cortex").asURL, + Debian / linuxMakeStartScript := None + ) + + val packageSettings = Seq( + packageOptions ++= Seq( + ManifestAttributes(IMPLEMENTATION_TITLE -> name.value), + ManifestAttributes(IMPLEMENTATION_VERSION -> version.value), + ManifestAttributes(SPECIFICATION_VENDOR -> "TheHive Project"), + ManifestAttributes(SPECIFICATION_TITLE -> name.value), + ManifestAttributes(SPECIFICATION_VERSION -> "TheHive Project") + ), + // Install files // + Universal / mappings ~= { + _.flatMap { + case (_, "conf/application.conf") => Nil + case (file, "conf/apllication.sample") => Seq(file -> "conf/application.conf") + case (_, "conf/logback.xml") => Nil + case other => Seq(other) + } ++ Seq( + file("package/cortex.service") -> "package/cortex.service", + file("package/cortex.conf") -> "package/cortex.conf", + file("package/cortex") -> "package/cortex", + file("package/logback.xml") -> "conf/logback.xml" + ) + }, + maintainer := "TheHive Project ", + packageSummary := "Powerful Observable Analysis Engine", + packageDescription := """Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security + | researchers in the course of threat intelligence, digital forensics and incident response: how to analyze + | observables they have collected, at scale, by querying a single tool instead of several? + | Cortex, an open source and free software, has been created by TheHive Project for this very purpose. Observables, + | such as IP and email addresses, URLs, domain names, files or hashes, can be analyzed one by one or in bulk mode + | using a Web interface. Analysts can also automate these operations thanks to the Cortex REST API. """.stripMargin, + defaultLinuxInstallLocation := "/opt", + linuxPackageMappings ~= { + _.map { pm => + val mappings = pm.mappings.filterNot { + case (_, path) => + path.startsWith("/opt/cortex/package") || (path.startsWith("/opt/cortex/conf") && path != "/opt/cortex/conf/reference.conf") + } + com.typesafe.sbt.packager.linux.LinuxPackageMapping(mappings, pm.fileData).withConfig() + } :+ packageMapping( + file("package/cortex.service") -> "/etc/systemd/system/cortex.service", + file("package/cortex.conf") -> "/etc/init/cortex.conf", + file("package/cortex") -> "/etc/init.d/cortex", + file("conf/application.sample") -> "/etc/cortex/application.conf", + file("package/logback.xml") -> "/etc/cortex/logback.xml" + ).withConfig() + } + ) +} diff --git a/project/build.properties b/project/build.properties index a919a9b5f..10fd9eee0 100644 --- a/project/build.properties +++ b/project/build.properties @@ -1 +1 @@ -sbt.version=1.3.8 +sbt.version=1.5.5 diff --git a/rpm.sbt b/rpm.sbt deleted file mode 100644 index 3a14edc78..000000000 --- a/rpm.sbt +++ /dev/null @@ -1,51 +0,0 @@ -import Common.{betaVersion, snapshotVersion, stableVersion, versionUsage} - -version in Rpm := { - version.value match { - case stableVersion(v1, _) => v1 - case betaVersion(v1, _, _) => v1 - case snapshotVersion(stableVersion(v1, _)) => v1 - case snapshotVersion(betaVersion(v1, _, _)) => v1 - case _ => versionUsage(version.value) - } -} -rpmRelease := { - version.value match { - case stableVersion(_, v2) => v2 - case betaVersion(_, v2, v3) => "0." + v3 + "RC" + v2 - case snapshotVersion(stableVersion(_, v2)) => v2 + "-SNAPSHOT" - case snapshotVersion(betaVersion(_, v2, v3)) => "0." + v3 + "RC" + v2 + "-SNAPSHOT" - case _ => versionUsage(version.value) - } -} - -rpmVendor := organizationName.value -rpmUrl := organizationHomepage.value.map(_.toString) -rpmLicense := Some("AGPL") -rpmRequirements += "java-1.8.0-openjdk-headless" - -maintainerScripts in Rpm := maintainerScriptsFromDirectory( - baseDirectory.value / "package" / "rpm", - Seq(RpmConstants.Pre, RpmConstants.Preun, RpmConstants.Post, RpmConstants.Postun) -) - -linuxPackageSymlinks in Rpm := Nil -rpmPrefix := Some(defaultLinuxInstallLocation.value) -linuxEtcDefaultTemplate in Rpm := (baseDirectory.value / "package" / "etc_default_cortex").asURL - -linuxPackageMappings in Rpm := configWithNoReplace((linuxPackageMappings in Rpm).value) - -packageBin in Rpm := { - import scala.sys.process._ - val rpmFile = (packageBin in Rpm).value - Process( - "rpm" :: - "--define" :: "_gpg_name TheHive Project" :: - "--define" :: "_signature gpg" :: - "--define" :: "__gpg_check_password_cmd /bin/true" :: - "--define" :: "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor --use-agent --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" :: - "--addsign" :: rpmFile.toString :: - Nil - ).!! - rpmFile -} diff --git a/version.sbt b/version.sbt index d7c2333b1..7b92e2c5a 100644 --- a/version.sbt +++ b/version.sbt @@ -1 +1 @@ -version in ThisBuild := "3.1.1-1" +ThisBuild / version := "3.1.1-1"