splunk-malware-filter/build.py

#!/usr/bin/env python

"""Build Splunk app package"""

import tarfile
from configparser import ConfigParser
from os import environ, path
from re import search, sub
from subprocess import check_call
from sys import executable


def version():
    """
    Return version number from app.conf or commit hash if in CI
    """

    commit_sha = (
        (
            # gitlab
            environ.get("CI_COMMIT_TAG")
            or environ.get("CI_COMMIT_SHORT_SHA")
            # github
            or (
                environ.get("GITHUB_REF_NAME")
                if environ.get("GITHUB_REF_TYPE") == "tag"
                else None
            )
            or environ.get("GITHUB_SHA", "")[0:8]
        )
        if environ.get("CI") == "true"
        else None
    )
    if commit_sha:
        return commit_sha

    app_conf_path = path.join(
        "default",
        "app.conf",
    )
    app_conf = ConfigParser()
    app_conf.read(app_conf_path)
    launcher = app_conf["launcher"] if "launcher" in app_conf.sections() else {}
    return launcher.get("version", "")


def exclusion(tarinfo):
    """Exclude dev files and cache, and reset file stats"""

    # exclude certain folders/files
    pathname = tarinfo.name
    if search(
        r"/\.|\\\.|__pycache__|pyproject\.toml|requirements|build\.py|tar\.gz", pathname
    ):
        return None

    # rename parent folder as "TA-malware-filter"
    tarinfo.name = sub(r"^.", "TA-malware-filter", pathname)

    # reset file stats
    # based on https://splunkbase.splunk.com/app/833
    tarinfo.uid = 1001
    tarinfo.gid = 123
    tarinfo.uname = tarinfo.gname = ""

    return tarinfo


print("Installing dependencies into './lib/'...")
check_call(
    [
        executable,
        "-m",
        "pip",
        "install",
        "--quiet",
        "splunk-sdk == 1.*",
        "-t",
        "lib",
        "--upgrade",
    ]
)

pkg_file = f"TA-malware-filter-{version()}.tar.gz"
print(f"Creating {pkg_file}...")
with tarfile.open(pkg_file, "w:gz") as tar:
    tar.add(".", filter=exclusion)
Initial commit 2023-01-27 09:47:59 +00:00			`#!/usr/bin/env python`

			`"""Build Splunk app package"""`

			`import tarfile`
			`from configparser import ConfigParser`
			`from os import environ, path`
			`from re import search, sub`
			`from subprocess import check_call`
			`from sys import executable`


			`def version():`
			`"""`
			`Return version number from app.conf or commit hash if in CI`
			`"""`

			`commit_sha = (`
ci: publish release and asset - https://gitlab.com/gitlab-org/release-cli/-/tree/master/docs/examples/release-assets-as-generic-package - https://docs.gitlab.com/ee/ci/yaml/#release - https://stackoverflow.com/a/29521646 - https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#publish-a-generic-package-by-using-cicd 2023-01-27 11:05:34 +00:00			`(`
			`# gitlab`
			`environ.get("CI_COMMIT_TAG")`
			`or environ.get("CI_COMMIT_SHORT_SHA")`
			`# github`
			`or (`
			`environ.get("GITHUB_REF_NAME")`
			`if environ.get("GITHUB_REF_TYPE") == "tag"`
			`else None`
			`)`
			`or environ.get("GITHUB_SHA", "")[0:8]`
			`)`
			`if environ.get("CI") == "true"`
			`else None`
Initial commit 2023-01-27 09:47:59 +00:00			`)`
			`if commit_sha:`
			`return commit_sha`

			`app_conf_path = path.join(`
			`"default",`
			`"app.conf",`
			`)`
			`app_conf = ConfigParser()`
			`app_conf.read(app_conf_path)`
fix: remove splunk 8 compatibility app is not compatible with SCP1 "chunked=false" Revert "fix: compatibility with splunk 8" This reverts commit 0cc9e2fd6431c39e9fac0355b800b90469b6906d. 2023-02-06 06:40:51 +00:00			`launcher = app_conf["launcher"] if "launcher" in app_conf.sections() else {}`
			`return launcher.get("version", "")`
Initial commit 2023-01-27 09:47:59 +00:00

			`def exclusion(tarinfo):`
			`"""Exclude dev files and cache, and reset file stats"""`

			`# exclude certain folders/files`
			`pathname = tarinfo.name`
			`if search(`
style: escape regex char 2023-02-04 22:40:01 +00:00			`r"/\.\|\\\.\|__pycache__\|pyproject\.toml\|requirements\|build\.py\|tar\.gz", pathname`
Initial commit 2023-01-27 09:47:59 +00:00			`):`
			`return None`

docs: rename add-on https://dev.splunk.com/enterprise/docs/releaseapps/splunkbase/namingguidelines/ 2023-07-14 10:12:39 +00:00			`# rename parent folder as "TA-malware-filter"`
			`tarinfo.name = sub(r"^.", "TA-malware-filter", pathname)`
Initial commit 2023-01-27 09:47:59 +00:00
			`# reset file stats`
			`# based on https://splunkbase.splunk.com/app/833`
			`tarinfo.uid = 1001`
			`tarinfo.gid = 123`
			`tarinfo.uname = tarinfo.gname = ""`

			`return tarinfo`


			`print("Installing dependencies into './lib/'...")`
			`check_call(`
			`[`
			`executable,`
			`"-m",`
			`"pip",`
			`"install",`
			`"--quiet",`
build: exclude requests lib - use splunk built-in, maybe useful for certifi cacert.pem style: add path instead of __init__.py style: remove shebang (not meant to be executed by generic python) 2023-02-08 10:06:21 +00:00			`"splunk-sdk == 1.*",`
Initial commit 2023-01-27 09:47:59 +00:00			`"-t",`
			`"lib",`
			`"--upgrade",`
			`]`
			`)`

docs: rename add-on https://dev.splunk.com/enterprise/docs/releaseapps/splunkbase/namingguidelines/ 2023-07-14 10:12:39 +00:00			`pkg_file = f"TA-malware-filter-{version()}.tar.gz"`
Initial commit 2023-01-27 09:47:59 +00:00			`print(f"Creating {pkg_file}...")`
			`with tarfile.open(pkg_file, "w:gz") as tar:`
			`tar.add(".", filter=exclusion)`