From 4886d5cd1d76b3bc664cdaad0610808f4f2526f8 Mon Sep 17 00:00:00 2001 From: RJ Sampson Date: Mon, 8 Apr 2024 19:56:31 -0600 Subject: [PATCH] feat(packages): Add NeuVector Manager and CLI Signed-off-by: RJ Sampson --- neuvector-manager-5.3.yaml | 102 +++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 neuvector-manager-5.3.yaml diff --git a/neuvector-manager-5.3.yaml b/neuvector-manager-5.3.yaml new file mode 100644 index 00000000000..fa382f0a19b --- /dev/null +++ b/neuvector-manager-5.3.yaml @@ -0,0 +1,102 @@ +package: + name: neuvector-manager-5.3 + version: 5.3.2 + epoch: 0 + description: NeuVector Security Center Admin Console. + copyright: + - license: Apache-2.0 + dependencies: + provides: + - neuvector-manager=${{package.full-version}} + runtime: + - openjdk-11-default-jvm + +environment: + environment: + JAVA_OPTS: "-Xms2g -Xmx3g" + contents: + packages: + - busybox + - openjdk-11 + - openjdk-11-default-jvm + - py3-pip + - python3 + - sbt + - wget + - zip + +pipeline: + - uses: git-checkout + with: + expected-commit: 67402fe784d6e6ec362cd04116b0d5929d247767 + repository: https://github.com/neuvector/manager + tag: v${{package.version}} + + - runs: | + # Build and compress JAR + sbt admin/assembly + zip -d admin/target/scala-2.11/admin-assembly-1.0.jar rest-management-private-classpath\* + + # Unfortunately, a lot of things are hardcoded to /usr/local/... + mkdir -p ${{targets.contextdir}}/usr/local/bin + install -Dm755 admin/target/scala-2.11/admin-assembly-1.0.jar ${{targets.contextdir}}/usr/local/bin/ + install -Dm755 scripts/* ${{targets.contextdir}}/usr/local/bin/ + + # Retrieve certs + mkdir -p ${{targets.contextdir}}/etc/neuvector/certs + wget https://raw.githubusercontent.com/neuvector/manifests/main/build/share/etc/neuvector/certs/ssl-cert.key -P ${{targets.contextdir}}/etc/neuvector/certs/ + wget https://raw.githubusercontent.com/neuvector/manifests/main/build/share/etc/neuvector/certs/ssl-cert.pem -P ${{targets.contextdir}}/etc/neuvector/certs/ + + - uses: strip + +subpackages: + - name: ${{package.name}}-cli + description: NeuVector Manager CLI + dependencies: + provides: + - neuvector-manager-cli=${{package.full-version}} + runtime: + - py3-click + - py3-requests + - py3-six + - py3-urllib3 + - python-3.12-base + - supervisor + pipeline: + - runs: | + # Setup virtual environment + python3 -m venv .venv --system-site-packages + .venv/bin/pip install -I cmd2 prettytable --no-compile + + # Remove pip from venv + .venv/bin/pip uninstall --yes pip + + # Upstream places this at /. Let's put it in /usr/share/... + mkdir -p ${{targets.contextdir}}/usr/share/neuvector-manager-cli + mv .venv ${{targets.contextdir}}/usr/share/neuvector-manager-cli/ + + # Install CLI + mkdir -p ${{targets.contextdir}}/usr/local/bin + install -Dm755 cli/cli.py ${{targets.contextdir}}/usr/share/neuvector-manager-cli/.venv/bin/cli + ln -sf /usr/share/neuvector-manager-cli/.venv/bin/cli ${{targets.contextdir}}/usr/local/bin/cli + mv cli/prog ${{targets.contextdir}}/usr/share/neuvector-manager-cli/.venv/bin/ + + # Use Python provided by venv + sed -i "s|bin/python3|share/neuvector-manager-cli/.venv/bin/python3|g" ${{targets.contextdir}}/usr/share/neuvector-manager-cli/.venv/bin/cli + test: + pipeline: + - runs: | + cli -h + +test: + pipeline: + - runs: | + java -jar /usr/local/bin/admin-assembly-1.0.jar & sleep 2; kill $! + +update: + enabled: true + github: + identifier: neuvector/manager + strip-prefix: v + tag-filter: v5.3. + use-tag: true