From 81ee292f1dc6d59b8fac0a53fd8c5d49519c72ba Mon Sep 17 00:00:00 2001 From: Ming Di Leom <2809763-curben@users.noreply.gitlab.com> Date: Sun, 1 Oct 2023 10:03:49 +0000 Subject: [PATCH] build: reset file permission running in windows may set execution permission that is not allowed in splunk cloud --- build.py | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/build.py b/build.py index e5565d4..a81905a 100644 --- a/build.py +++ b/build.py @@ -5,7 +5,9 @@ import tarfile from configparser import ConfigParser from os import environ, path -from re import search, sub +from pathlib import PurePath +from posixpath import join as posixjoin +from re import search from subprocess import check_call from sys import executable @@ -50,18 +52,31 @@ def exclusion(tarinfo): # exclude certain folders/files pathname = tarinfo.name if search( - r"/\.|\\\.|__pycache__|pyproject\.toml|requirements|build\.py|tar\.gz", pathname + r"/\.|\\\.|__pycache__|pyproject\.toml|requirements|build\.py|\.tar\.gz|\.tgz", + pathname, ): return None - # rename parent folder as "TA-malware-filter" - tarinfo.name = sub(r"^.", "TA-malware-filter", pathname) + app = PurePath(pathname).parts[0] # reset file stats - # based on https://splunkbase.splunk.com/app/833 - tarinfo.uid = 1001 - tarinfo.gid = 123 + tarinfo.uid = 0 + tarinfo.gid = 0 tarinfo.uname = tarinfo.gname = "" + if tarinfo.isfile(): + # remove execution permission + tarinfo.mode = 0o644 + + # except for scripts + # tarinfo uses posix (not nt) + if ( + tarinfo.name.startswith(posixjoin(app, "bin")) + and path.splitext(tarinfo.name)[-1] == ".py" + ): + tarinfo.mode = 0o744 + if tarinfo.isdir(): + # remove write permission from group & world + tarinfo.mode = 0o755 return tarinfo @@ -84,4 +99,4 @@ check_call( pkg_file = f"TA-malware-filter-{version()}.tar.gz" print(f"Creating {pkg_file}...") with tarfile.open(pkg_file, "w:gz") as tar: - tar.add(".", filter=exclusion) + tar.add(".", filter=exclusion, arcname="TA-malware-filter")