splunk-malware-filter/build.py

103 lines
2.4 KiB
Python

#!/usr/bin/env python
"""Build Splunk app package"""
import tarfile
from configparser import ConfigParser
from os import environ, path
from pathlib import PurePath
from posixpath import join as posixjoin
from re import search
from subprocess import check_call
from sys import executable
def version():
"""
Return version number from app.conf or commit hash if in CI
"""
commit_sha = (
(
# gitlab
environ.get("CI_COMMIT_TAG")
or environ.get("CI_COMMIT_SHORT_SHA")
# github
or (
environ.get("GITHUB_REF_NAME")
if environ.get("GITHUB_REF_TYPE") == "tag"
else None
)
or environ.get("GITHUB_SHA", "")[0:8]
)
if environ.get("CI") == "true"
else None
)
if commit_sha:
return commit_sha
app_conf_path = path.join(
"default",
"app.conf",
)
app_conf = ConfigParser()
app_conf.read(app_conf_path)
launcher = app_conf["launcher"] if "launcher" in app_conf.sections() else {}
return launcher.get("version", "")
def exclusion(tarinfo):
"""Exclude dev files and cache, and reset file stats"""
# exclude certain folders/files
pathname = tarinfo.name
if search(
r"/\.|\\\.|__pycache__|pyproject\.toml|requirements|build\.py|\.tar\.gz|\.tgz",
pathname,
):
return None
app = PurePath(pathname).parts[0]
# reset file stats
tarinfo.uid = 0
tarinfo.gid = 0
tarinfo.uname = tarinfo.gname = ""
if tarinfo.isfile():
# remove execution permission
tarinfo.mode = 0o644
# except for scripts
# tarinfo uses posix (not nt)
if (
tarinfo.name.startswith(posixjoin(app, "bin"))
and path.splitext(tarinfo.name)[-1] == ".py"
):
tarinfo.mode = 0o744
if tarinfo.isdir():
# remove write permission from group & world
tarinfo.mode = 0o755
return tarinfo
print("Installing dependencies into './lib/'...")
check_call(
[
executable,
"-m",
"pip",
"install",
"--quiet",
"splunk-sdk == 1.*",
"-t",
"lib",
"--upgrade",
]
)
pkg_file = f"TA-malware-filter-{version()}.tar.gz"
print(f"Creating {pkg_file}...")
with tarfile.open(pkg_file, "w:gz") as tar:
tar.add(".", filter=exclusion, arcname="TA-malware-filter")