From 97d042589b424c51bd22523cd57a77e5dbf7ad11 Mon Sep 17 00:00:00 2001 From: avigailo Date: Sun, 16 Mar 2025 13:41:28 +0200 Subject: [PATCH 1/3] Add manifest to the image creation --- build_system/docker/CMakeLists.txt | 2 +- build_system/docker/Dockerfile | 4 ++++ .../docker/self_managed_cloudguard_appsec_manifest.json | 0 nodes/orchestration/package/orchestration_package.sh | 3 ++- 4 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 build_system/docker/self_managed_cloudguard_appsec_manifest.json diff --git a/build_system/docker/CMakeLists.txt b/build_system/docker/CMakeLists.txt index bc7d16b..c9bf0d1 100644 --- a/build_system/docker/CMakeLists.txt +++ b/build_system/docker/CMakeLists.txt @@ -1,4 +1,4 @@ -install(FILES Dockerfile entry.sh install-cp-agent-intelligence-service.sh install-cp-crowdsec-aux.sh DESTINATION .) +install(FILES Dockerfile entry.sh install-cp-agent-intelligence-service.sh install-cp-crowdsec-aux.sh self_managed_cloudguard_appsec_manifest.json DESTINATION .) add_custom_command( OUTPUT ${CMAKE_INSTALL_PREFIX}/agent-docker.img diff --git a/build_system/docker/Dockerfile b/build_system/docker/Dockerfile index 2152321..a0b5f73 100644 --- a/build_system/docker/Dockerfile +++ b/build_system/docker/Dockerfile @@ -1,5 +1,7 @@ FROM alpine +ENV INFINITY_NEXT_NANO_AGENT=TRUE + RUN apk add --no-cache -u busybox RUN apk add --no-cache -u zlib RUN apk add --no-cache bash @@ -13,6 +15,8 @@ RUN apk add --no-cache libxml2 RUN apk add --no-cache pcre2 RUN apk add --update coreutils +COPY self_managed_cloudguard_appsec_manifest.json /tmp/self_managed_cloudguard_appsec_manifest.json + COPY install*.sh /nano-service-installers/ COPY entry.sh /entry.sh diff --git a/build_system/docker/self_managed_cloudguard_appsec_manifest.json b/build_system/docker/self_managed_cloudguard_appsec_manifest.json new file mode 100644 index 0000000..e69de29 
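Review bot: The manifest this patch adds is a zero-byte file (the diffstat shows 0 lines and the new blob is `e69de29`), yet the second Dockerfile hunk copies it to `/tmp/self_managed_cloudguard_appsec_manifest.json` for the installer to consume. Unless a build step not shown in this patch fills it in, the image ships an empty manifest. The installer function visible later in this series only tests `-f` before rewriting it into `manifest.json`, so an empty file would be accepted. Either commit the real content, or have the consumer test `[ -s "$selected_cloudguard_appsec_manifest_path" ]` rather than `-f`, and add a comment above the `COPY` such as `# staged for orchestration_package.sh, which moves it to <name>.used on first install`.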
diff --git a/nodes/orchestration/package/orchestration_package.sh b/nodes/orchestration/package/orchestration_package.sh index e276fb4..976c1bc 100755 --- a/nodes/orchestration/package/orchestration_package.sh +++ b/nodes/orchestration/package/orchestration_package.sh @@ -1018,7 +1018,8 @@ install_orchestration() rm -f "${FILESYSTEM_PATH}/${CONF_PATH}/default_orchestration_flags" fi - upgrade_conf_if_needed + update_cloudguard_appsec_manifest + upgrade_conf_if_needed cp_exec "${FILESYSTEM_PATH}/${WATCHDOG_PATH}/cp-nano-watchdog --un-register ${FILESYSTEM_PATH}/${SERVICE_PATH}/cp-nano-orchestration $var_arch_flag" if [ "$IS_K8S_ENV" = "true" ]; then From e9098e28458629341f7b9caa8d40757d483962f8 Mon Sep 17 00:00:00 2001 From: avigailo Date: Sun, 16 Mar 2025 16:57:48 +0200 Subject: [PATCH 2/3] Add manifest to the image creation --- nodes/orchestration/package/orchestration_package.sh | 11 +++++++---- nodes/orchestration/package/watchdog/watchdog | 7 ++++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/nodes/orchestration/package/orchestration_package.sh b/nodes/orchestration/package/orchestration_package.sh index 976c1bc..fde06c4 100755 --- a/nodes/orchestration/package/orchestration_package.sh +++ b/nodes/orchestration/package/orchestration_package.sh @@ -353,7 +353,7 @@ done # VS ID argument is available only on install, for other actions, extract it from the package location if [ -z "$VS_ID" ]; then parent_pid=$PPID - parent_cmdline=$(ps -o cmd= -p "$parent_pid") + parent_cmdline=$(cat /proc/"$parent_pid"/cmdline | tr '\0' ' ') parent_dir=$(dirname "$parent_cmdline") packages_folder=$(dirname "$parent_dir") vs_folder=$(dirname "$packages_folder") 
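Review bot: The new `/proc` read in the `@@ -353,7 +353,7 @@` hunk has no failure path. If `/proc/$parent_pid/cmdline` is unreadable (parent already gone, `/proc` not mounted, non-Linux host), `parent_cmdline` is empty and the `dirname` chain below resolves to `.`, from which the VS id is then presumably derived. Guard the read and drop the extra `cat`: `[ -r "/proc/$parent_pid/cmdline" ] && parent_cmdline=$(tr '\0' ' ' < "/proc/$parent_pid/cmdline")`, then skip the derivation when `parent_cmdline` is empty. Flattening NULs to spaces also loses argument boundaries, so a comment saying the code relies on the package path being the last path-like token would help the next reader. The block continues past the end of the hunk, so how `vs_folder` is used is not visible here.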
@@ -779,8 +779,9 @@ upgrade_conf_if_needed() [ -f "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" ] && . "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" - previous_mode=$(cat ${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg | grep "orchestration-mode" | cut -d = -f 3 | sed 's/"//') - if ! [ -z "$previous_mode" ]; then + [ -f "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" ] && \ + previous_mode=$(cat ${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg | grep "orchestration-mode" | cut -d = -f 3 | sed 's/"//') + if ! [ -z "$previous_mode" ]; then var_orchestration_mode=${previous_mode} fi @@ -994,7 +995,9 @@ install_orchestration() fi [ -f "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" ] && . "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" - previous_mode=$(cat ${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg | grep "orchestration-mode" | cut -d = -f 3 | sed 's/"//') + + [ -f "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" ] && \ + previous_mode=$(cat ${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg | grep "orchestration-mode" | cut -d = -f 3 | sed 's/"//') if ! [ -z "$previous_mode" ]; then var_orchestration_mode=${previous_mode} diff --git a/nodes/orchestration/package/watchdog/watchdog b/nodes/orchestration/package/watchdog/watchdog index ababdf7..817c04f 100755 --- a/nodes/orchestration/package/watchdog/watchdog +++ b/nodes/orchestration/package/watchdog/watchdog 
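Review bot: `previous_mode` is only assigned when the cfg file exists and is never cleared first, so in `upgrade_conf_if_needed` (and identically in the `@@ -994,7 +995,9 @@` hunk in `install_orchestration`) a value left over from the environment or an earlier call survives and overrides `var_orchestration_mode`. Initialise it with `previous_mode=""` before the guard, and quote the path while dropping the `cat`: `previous_mode=$(grep "orchestration-mode" "${FILESYSTEM_PATH}/${SERVICE_PATH}/${ORCHESTRATION_FILE_NAME}.cfg" | cut -d = -f 3 | sed 's/"//')`. The same `-f` test already appears on the line above, where the file is sourced with `.`, so one `if [ -f ... ]; then ... fi` block would cover both. Because that cfg is executed as shell code, a short comment stating it must be writable only by the agent's owner would be worth adding. Both functions start and end outside their hunks.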
@@ -53,7 +53,12 @@ var_upgarde=false get_profile_agent_setting_with_default() { key="$1" default_value="$2" - value=$(grep -oP "\"key\":\s*\"$key\".*?\"value\":\s*\"[^\"]+\"" $SETTINGS_FILE | sed -E 's/.*"value":\s*"([^"]+)".*/\1/') + + value=$(grep -o "\"key\":\s*\"$key\".*?\"value\":\s*\"[^\"]*\"" $SETTINGS_FILE | sed -E 's/.*"value":\s*"([^"]*)".*/\1/') + if [ -z "$value" ]; then + value=$(grep -o "\"$key\":\s*\"[^\"]*\"" $SETTINGS_FILE | sed -E 's/.*"'"$key"'":\s*"([^"]*)".*/\1/') + fi + if [ "$value" = "null" ] || [ -z "$value" ]; then echo "$default_value" else From 919921f6d3e4b398424cdc0429fbd0ddc2dedbe3 Mon Sep 17 00:00:00 2001 From: avigailo Date: Mon, 17 Mar 2025 15:26:11 +0200 Subject: [PATCH 3/3] Add manifest to the image creation --- build_system/docker/CMakeLists.txt | 2 +- build_system/docker/Dockerfile | 4 ++-- ... => self_managed_openappsec_manifest.json} | 0 .../package/orchestration_package.sh | 22 +++++++++---------- 4 files changed, 14 insertions(+), 14 deletions(-) rename build_system/docker/{self_managed_cloudguard_appsec_manifest.json => self_managed_openappsec_manifest.json} (100%) diff --git a/build_system/docker/CMakeLists.txt b/build_system/docker/CMakeLists.txt index c9bf0d1..e8447bd 100644 --- a/build_system/docker/CMakeLists.txt +++ b/build_system/docker/CMakeLists.txt @@ -1,4 +1,4 @@ -install(FILES Dockerfile entry.sh install-cp-agent-intelligence-service.sh install-cp-crowdsec-aux.sh self_managed_cloudguard_appsec_manifest.json DESTINATION .) +install(FILES Dockerfile entry.sh install-cp-agent-intelligence-service.sh install-cp-crowdsec-aux.sh self_managed_openappsec_manifest.json DESTINATION .) add_custom_command( OUTPUT ${CMAKE_INSTALL_PREFIX}/agent-docker.img diff --git a/build_system/docker/Dockerfile b/build_system/docker/Dockerfile index a0b5f73..70eba5f 100644 --- a/build_system/docker/Dockerfile +++ b/build_system/docker/Dockerfile 
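Review bot: The first `grep` in `get_profile_agent_setting_with_default` drops `-P` but keeps the Perl-only lazy quantifier `.*?`. In basic regex the `?` is, as far as I can tell, a literal character, so that pattern only matches when a real `?` sits between the key and the value, and in practice every lookup falls through to the new flat-key fallback. If the nested `"key"`/`"value"` form still has to be supported, use an extended-regex equivalent such as `grep -oE "\"key\":[[:space:]]*\"$key\"[^}]*\"value\":[[:space:]]*\"[^\"]*\"" "$SETTINGS_FILE"`. `[[:space:]]` also avoids relying on `\s`, which is an extension that not every grep implements. `$key` is spliced into both the grep and the sed expressions unescaped and `$SETTINGS_FILE` is unquoted, so a comment noting that keys must be plain identifiers would make the assumption explicit. The function body continues past the end of the hunk.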
@@ -1,6 +1,6 @@ FROM alpine -ENV INFINITY_NEXT_NANO_AGENT=TRUE +ENV OPENAPPSEC_NANO_AGENT=TRUE RUN apk add --no-cache -u busybox RUN apk add --no-cache -u zlib @@ -15,7 +15,7 @@ RUN apk add --no-cache libxml2 RUN apk add --no-cache pcre2 RUN apk add --update coreutils -COPY self_managed_cloudguard_appsec_manifest.json /tmp/self_managed_cloudguard_appsec_manifest.json +COPY self_managed_openappsec_manifest.json /tmp/self_managed_openappsec_manifest.json COPY install*.sh /nano-service-installers/ COPY entry.sh /entry.sh diff --git a/build_system/docker/self_managed_cloudguard_appsec_manifest.json b/build_system/docker/self_managed_openappsec_manifest.json similarity index 100% rename from build_system/docker/self_managed_cloudguard_appsec_manifest.json rename to build_system/docker/self_managed_openappsec_manifest.json diff --git a/nodes/orchestration/package/orchestration_package.sh b/nodes/orchestration/package/orchestration_package.sh index fde06c4..acb415b 100755 --- a/nodes/orchestration/package/orchestration_package.sh +++ b/nodes/orchestration/package/orchestration_package.sh 
@@ -494,26 +494,26 @@ cp_copy() # Initials - cc cp_print "Destination md5, after the copy:\n$DEST_AFTER_COPY" } -update_cloudguard_appsec_manifest() +update_openappsec_manifest() { - if [ -z ${INFINITY_NEXT_NANO_AGENT} ] && { [ -z ${CLOUDGUARD_APPSEC_STANDALONE} ] || [ -z ${DOCKER_RPM_ENABLED} ]; }; then + if [ -z ${OPENAPPSEC_NANO_AGENT} ] && { [ -z ${CLOUDGUARD_APPSEC_STANDALONE} ] || [ -z ${DOCKER_RPM_ENABLED} ]; }; then return fi - selected_cloudguard_appsec_manifest_path="${TMP_FOLDER}/cloudguard_appsec_manifest.json" - if [ "${DOCKER_RPM_ENABLED}" = "false" ] || [ "${INFINITY_NEXT_NANO_AGENT}" = "TRUE" ]; then - selected_cloudguard_appsec_manifest_path="${TMP_FOLDER}/self_managed_cloudguard_appsec_manifest.json" + selected_openappsec_manifest_path="${TMP_FOLDER}/openappsec_manifest.json" + if [ "${DOCKER_RPM_ENABLED}" = "false" ] || [ "${OPENAPPSEC_NANO_AGENT}" = "TRUE" ]; then + selected_openappsec_manifest_path="${TMP_FOLDER}/self_managed_openappsec_manifest.json" fi - if [ ! -f "$selected_cloudguard_appsec_manifest_path" ]; then + if [ ! -f "$selected_openappsec_manifest_path" ]; then return fi - cloudguard_appsec_manifest_path="${selected_cloudguard_appsec_manifest_path}.used" - mv "$selected_cloudguard_appsec_manifest_path" "$cloudguard_appsec_manifest_path" + openappsec_manifest_path="${selected_openappsec_manifest_path}.used" + mv "$selected_openappsec_manifest_path" "$openappsec_manifest_path" fog_host=$(echo "$var_fog_address" | sed 's/https\?:\/\///') fog_host=${fog_host%/} - sed "s/namespace/${fog_host}/g" ${cloudguard_appsec_manifest_path} > "${FILESYSTEM_PATH}/${CONF_PATH}/manifest.json" + sed "s/namespace/${fog_host}/g" ${openappsec_manifest_path} > "${FILESYSTEM_PATH}/${CONF_PATH}/manifest.json" } set_cloud_storage() 
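Review bot: `fog_host` is pasted into the sed program unescaped on the last line of `update_openappsec_manifest`, and only the scheme and one trailing slash are stripped from `var_fog_address`. An address that still contains `/` or `&` will therefore either break the substitution or change what is written to `manifest.json`. Escape it first with `fog_host_esc=$(printf '%s' "$fog_host" | sed 's/[\/&]/\\&/g')` and quote the input path: `sed "s/namespace/${fog_host_esc}/g" "${openappsec_manifest_path}"`. The `[ -z ${OPENAPPSEC_NANO_AGENT} ]` style tests are unquoted as well and should read `[ -z "${OPENAPPSEC_NANO_AGENT}" ]`. The manifest is taken from `${TMP_FOLDER}`, whose value is not visible in this hunk, so confirm that directory is not writable by other local users, since whatever file sits at that path becomes the agent's manifest.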
@@ -1021,7 +1021,7 @@ install_orchestration() rm -f "${FILESYSTEM_PATH}/${CONF_PATH}/default_orchestration_flags" fi - update_cloudguard_appsec_manifest + update_openappsec_manifest upgrade_conf_if_needed cp_exec "${FILESYSTEM_PATH}/${WATCHDOG_PATH}/cp-nano-watchdog --un-register ${FILESYSTEM_PATH}/${SERVICE_PATH}/cp-nano-orchestration $var_arch_flag" @@ -1077,7 +1077,7 @@ install_orchestration() cp_exec "mkdir -p ${LOG_FILE_PATH}/${LOG_PATH}" cp_exec "mkdir -p ${FILESYSTEM_PATH}/${DATA_PATH}" - update_cloudguard_appsec_manifest + update_openappsec_manifest if [ ! -f ${FILESYSTEM_PATH}/${DEFAULT_SETTINGS_PATH} ]; then echo "{\"agentSettings\": []}" > ${FILESYSTEM_PATH}/${DEFAULT_SETTINGS_PATH}