splunk-malware-filter/build.py

88 lines
2.0 KiB
Python
Raw Normal View History

2023-01-27 09:47:59 +00:00
#!/usr/bin/env python
"""Build Splunk app package"""
import tarfile
from configparser import ConfigParser
from os import environ, path
from re import search, sub
from subprocess import check_call
from sys import executable
def version():
"""
Return version number from app.conf or commit hash if in CI
"""
commit_sha = (
(
# gitlab
environ.get("CI_COMMIT_TAG")
or environ.get("CI_COMMIT_SHORT_SHA")
# github
or (
environ.get("GITHUB_REF_NAME")
if environ.get("GITHUB_REF_TYPE") == "tag"
else None
)
or environ.get("GITHUB_SHA", "")[0:8]
)
if environ.get("CI") == "true"
else None
2023-01-27 09:47:59 +00:00
)
if commit_sha:
return commit_sha
app_conf_path = path.join(
"default",
"app.conf",
)
app_conf = ConfigParser()
app_conf.read(app_conf_path)
launcher = app_conf["launcher"] if "launcher" in app_conf.sections() else {}
return launcher.get("version", "")
2023-01-27 09:47:59 +00:00
def exclusion(tarinfo):
"""Exclude dev files and cache, and reset file stats"""
# exclude certain folders/files
pathname = tarinfo.name
if search(
2023-02-04 22:40:01 +00:00
r"/\.|\\\.|__pycache__|pyproject\.toml|requirements|build\.py|tar\.gz", pathname
2023-01-27 09:47:59 +00:00
):
return None
# rename parent folder as "TA-malware-filter"
tarinfo.name = sub(r"^.", "TA-malware-filter", pathname)
2023-01-27 09:47:59 +00:00
# reset file stats
# based on https://splunkbase.splunk.com/app/833
tarinfo.uid = 1001
tarinfo.gid = 123
tarinfo.uname = tarinfo.gname = ""
return tarinfo
print("Installing dependencies into './lib/'...")
check_call(
[
executable,
"-m",
"pip",
"install",
"--quiet",
"splunk-sdk == 1.*",
2023-01-27 09:47:59 +00:00
"-t",
"lib",
"--upgrade",
]
)
pkg_file = f"TA-malware-filter-{version()}.tar.gz"
2023-01-27 09:47:59 +00:00
print(f"Creating {pkg_file}...")
with tarfile.open(pkg_file, "w:gz") as tar:
tar.add(".", filter=exclusion)