mirror of
https://github.com/openappsec/openappsec.git
synced 2025-06-28 16:41:02 +03:00
Update nodes/orchestration/scripts/cp-nano-makefile-generator.sh
This commit is contained in:
Ned Wright
parent
79bac9f501
commit
f3ede0c60e
@ -11,9 +11,29 @@ initializeEnviroment()
|
|||||||
TMP_NGINX_PARSED_CONFIGURATION_FLAGS="/tmp/nginx_parsed_conf_flags.txt"
|
TMP_NGINX_PARSED_CONFIGURATION_FLAGS="/tmp/nginx_parsed_conf_flags.txt"
|
||||||
TMP_DECODED_FILE_PATH="/tmp/decoded_file.txt"
|
TMP_DECODED_FILE_PATH="/tmp/decoded_file.txt"
|
||||||
IS_ALPINE=false
|
IS_ALPINE=false
|
||||||
if [ ! -z "$(cat /etc/*release | grep alpine)" ]; then
|
if [[ ! -z "$(cat /etc/*release | grep alpine)" ]]; then
|
||||||
IS_ALPINE=true
|
IS_ALPINE=true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [[ $PRODUCT_TYPE == "kong" ]]; then
|
||||||
|
SERVER_TYPE="$PRODUCT_TYPE"
|
||||||
|
IS_KONG=true
|
||||||
|
nginx_cmd=nginx
|
||||||
|
if [[ -f $NGINX_INPUT_PATH ]]; then
|
||||||
|
nginx_cmd="$NGINX_INPUT_PATH"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
SERVER_TYPE="nginx"
|
||||||
|
IS_KONG=false
|
||||||
|
nginx_cmd=nginx
|
||||||
|
if [[ -n "$(command -v kong)" ]]; then
|
||||||
|
SERVER_TYPE="kong"
|
||||||
|
IS_KONG=true
|
||||||
|
if [[ -f /usr/local/openresty/nginx/sbin/nginx ]]; then
|
||||||
|
nginx_cmd='/usr/local/openresty/nginx/sbin/nginx'
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
usage()
|
usage()
|
||||||
@ -65,6 +85,8 @@ check_flags_options()
|
|||||||
IS_VERBOSE_MODE_ACTIVE=true
|
IS_VERBOSE_MODE_ACTIVE=true
|
||||||
elif [[ "$option" == "--force" || "$option" == "-f" ]]; then
|
elif [[ "$option" == "--force" || "$option" == "-f" ]]; then
|
||||||
IS_FORCE_OUTPUT=true
|
IS_FORCE_OUTPUT=true
|
||||||
|
elif [[ "$option" == "--overwrite-file" || "$option" == "-of" ]]; then
|
||||||
|
IS_OVERWRITE_FILE=true
|
||||||
elif [[ "$option" == "--output" || "$option" == "-o" ]]; then
|
elif [[ "$option" == "--output" || "$option" == "-o" ]]; then
|
||||||
IS_OUTPUT_NAME_MODE_ACTIVE=true
|
IS_OUTPUT_NAME_MODE_ACTIVE=true
|
||||||
i=$((i+1))
|
i=$((i+1))
|
||||||
@ -73,6 +95,27 @@ check_flags_options()
|
|||||||
echo "Error: No file name was given for ${option} option."
|
echo "Error: No file name was given for ${option} option."
|
||||||
exit -1
|
exit -1
|
||||||
fi
|
fi
|
||||||
|
elif [[ "$option" == "--product" || "$option" == "-p" ]]; then
|
||||||
|
i=$((i+1))
|
||||||
|
PRODUCT_TYPE=${!i}
|
||||||
|
if [[ -z ${PRODUCT_TYPE} ]]; then
|
||||||
|
echo "Error: No product name was given for ${option} option."
|
||||||
|
exit -1
|
||||||
|
fi
|
||||||
|
elif [[ "$option" == "--product-version" || "$option" == "-pv" ]]; then
|
||||||
|
i=$((i+1))
|
||||||
|
PRODUCT_VERSION=${!i}
|
||||||
|
if [[ -z ${PRODUCT_VERSION} ]]; then
|
||||||
|
echo "Error: No product version was given for ${option} option."
|
||||||
|
exit -1
|
||||||
|
fi
|
||||||
|
elif [[ "$option" == "--product-nginx-path" || "$option" == "-n" ]]; then
|
||||||
|
i=$((i+1))
|
||||||
|
NGINX_INPUT_PATH=${!i}
|
||||||
|
if [[ -z "$NGINX_INPUT_PATH" ]]; then
|
||||||
|
echo "Error: No nginx input path was given for ${option} option."
|
||||||
|
exit -1
|
||||||
|
fi
|
||||||
elif [[ "$option" == "--help" || "$option" == "-h" ]]; then
|
elif [[ "$option" == "--help" || "$option" == "-h" ]]; then
|
||||||
usage ${IS_ERROR} ${option}
|
usage ${IS_ERROR} ${option}
|
||||||
elif [[ ! -z $option ]]; then
|
elif [[ ! -z $option ]]; then
|
||||||
@ -87,7 +130,7 @@ _main()
|
|||||||
echo "Starting verification of Check Point support with local nginx server"
|
echo "Starting verification of Check Point support with local nginx server"
|
||||||
initializeEnviroment
|
initializeEnviroment
|
||||||
getNginxVersion
|
getNginxVersion
|
||||||
nginx -V &> "$TMP_NGINX_UNPARSED_CONFIGURATION"
|
${nginx_cmd} -V &> "$TMP_NGINX_UNPARSED_CONFIGURATION"
|
||||||
|
|
||||||
if [[ $IS_VERBOSE_MODE_ACTIVE == true ]]; then
|
if [[ $IS_VERBOSE_MODE_ACTIVE == true ]]; then
|
||||||
echo ""
|
echo ""
|
||||||
@ -131,7 +174,7 @@ _main()
|
|||||||
else
|
else
|
||||||
tearDown
|
tearDown
|
||||||
echo -e "Extracted environment data to $(pwd)/${FILE_NAME} \nPlease send file to nano-agent-attachments-support@checkpoint.com"
|
echo -e "Extracted environment data to $(pwd)/${FILE_NAME} \nPlease send file to nano-agent-attachments-support@checkpoint.com"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
tearDown()
|
tearDown()
|
||||||
@ -145,18 +188,36 @@ tearDown()
|
|||||||
getNginxVersion()
|
getNginxVersion()
|
||||||
{
|
{
|
||||||
TMP_NGINX_VERSION_FILE="/tmp/nginx_version_file.txt"
|
TMP_NGINX_VERSION_FILE="/tmp/nginx_version_file.txt"
|
||||||
nginx -v &> "$TMP_NGINX_VERSION_FILE"
|
${nginx_cmd} -v &> "$TMP_NGINX_VERSION_FILE"
|
||||||
if [[ $IS_ALPINE == true ]]; then
|
|
||||||
NGINX_VERSION=`cat ${TMP_NGINX_VERSION_FILE} | grep -oE [0-9]+.[0-9]+.[0-9]+`
|
while IFS= read -ra UNPARSED_VERSION_CONFIGURATION_LINE <&3; do
|
||||||
else
|
if [[ ${UNPARSED_VERSION_CONFIGURATION_LINE} =~ ^"nginx version:" ]]; then
|
||||||
NGINX_VERSION=`cat ${TMP_NGINX_VERSION_FILE} | grep -oP [0-9]+.[0-9]+.[0-9]+`
|
if [[ $IS_ALPINE == true ]]; then
|
||||||
|
NGINX_VERSION=`echo ${UNPARSED_VERSION_CONFIGURATION_LINE} | grep -oE [0-9]+.[0-9]+.[0-9]+`
|
||||||
|
else
|
||||||
|
NGINX_VERSION=`echo ${UNPARSED_VERSION_CONFIGURATION_LINE} | grep -oP [0-9]+.[0-9]+.[0-9]+`
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
done 3<"$TMP_NGINX_VERSION_FILE"
|
||||||
|
|
||||||
|
if [[ ${SERVER_TYPE} == "kong" ]]; then
|
||||||
|
if [[ -z ${PRODUCT_VERSION} ]]; then
|
||||||
|
KONG_VERSION="$(echo $(kong version) | cut -d" " -f3)"
|
||||||
|
else
|
||||||
|
KONG_VERSION="$PRODUCT_VERSION"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
openFile()
|
openFile()
|
||||||
{
|
{
|
||||||
if [[ ${IS_OUTPUT_NAME_MODE_ACTIVE} != true ]]; then
|
if [[ ${IS_OUTPUT_NAME_MODE_ACTIVE} != true ]]; then
|
||||||
FILE_NAME="${NGINX_VERSION}.mk"
|
if [ ${SERVER_TYPE} == "kong" ]; then
|
||||||
|
FILE_NAME="${SERVER_TYPE}_${NGINX_VERSION}.mk"
|
||||||
|
else
|
||||||
|
FILE_NAME="${NGINX_VERSION}.mk"
|
||||||
|
fi
|
||||||
debug "Trying to create an empty ${NGINX_VERSION} file"
|
debug "Trying to create an empty ${NGINX_VERSION} file"
|
||||||
FILE_NAME_PATH="$(pwd)/${FILE_NAME}"
|
FILE_NAME_PATH="$(pwd)/${FILE_NAME}"
|
||||||
|
|
||||||
@ -166,11 +227,13 @@ openFile()
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -f "${FILE_NAME_PATH}" ]]; then
|
if [[ -f "${FILE_NAME_PATH}" ]]; then
|
||||||
echo "The output file: ${FILE_NAME} already exists. Do you want to overwrite this file? [y/N]"
|
if [[ ${IS_OVERWRITE_FILE} != true ]]; then
|
||||||
read answer
|
echo "The output file: ${FILE_NAME} already exists. Do you want to overwrite this file? [y/N]"
|
||||||
if [[ ${answer} != "y" ]]; then
|
read answer
|
||||||
echo -e "Stopping after the operation was cancelled.\nIf you wish to use other output file name you can use option -o or --output"
|
if [[ ${answer} != "y" ]]; then
|
||||||
exit -1
|
echo -e "Stopping after the operation was cancelled.\nIf you wish to use other output file name you can use option -o or --output"
|
||||||
|
exit -1
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
@ -261,7 +324,7 @@ addBuiltConfiguration()
|
|||||||
fi
|
fi
|
||||||
if [[ "$GCC_VERSION" == "gcc-4" ]]; then
|
if [[ "$GCC_VERSION" == "gcc-4" ]]; then
|
||||||
GCC_VERSION=gcc-5
|
GCC_VERSION=gcc-5
|
||||||
elif [[ "$GCC_VERSION" == "gcc-10" ]] || [[ "$GCC_VERSION" == "gcc-11" ]]; then
|
elif [[ "$GCC_VERSION" == "gcc-10" ]] || [[ "$GCC_VERSION" == "gcc-11" ]] || [[ "$GCC_VERSION" == "gcc-12" ]] || [[ "$GCC_VERSION" == "gcc-13" ]]; then
|
||||||
GCC_VERSION=gcc-8
|
GCC_VERSION=gcc-8
|
||||||
fi
|
fi
|
||||||
BUILT_BY_GCC_FLAG=" \\\\\n${BUILT_BY_GCC_FLAG_PREFIX}${GCC_VERSION}"
|
BUILT_BY_GCC_FLAG=" \\\\\n${BUILT_BY_GCC_FLAG_PREFIX}${GCC_VERSION}"
|
||||||
@ -301,16 +364,25 @@ addCCFlagsWithoutSpecsLocalFlag()
|
|||||||
NO_ERROR_PREFIX="-Wno-error="
|
NO_ERROR_PREFIX="-Wno-error="
|
||||||
FCF_PROTECTION_PREFIX="-fcf-protection"
|
FCF_PROTECTION_PREFIX="-fcf-protection"
|
||||||
FSTACK_PREFIX="-fstack-clash-protection"
|
FSTACK_PREFIX="-fstack-clash-protection"
|
||||||
|
BAZEL_PREFIX="-I/home/runner/.cache/bazel"
|
||||||
|
FFILE_PREFIX="-ffile-prefix-map"
|
||||||
|
TMP_KONG_INCLUDE="-I/tmp/build/usr/local/kong/include"
|
||||||
|
|
||||||
for (( j = 0; j < $argc; j++ )); do
|
for (( j = 0; j < $argc; j++ )); do
|
||||||
if [[ ! ${argv[j]} =~ ^${SPECS_FLAG_PREFIX} ]] && \
|
if [[ ${argv[j]} =~ ^${FFILE_PREFIX} ]] ;
|
||||||
|
then
|
||||||
|
CC_OPTIONAL_FLAGS="${CC_OPTIONAL_FLAGS} ${FFILE_PREFIX}"
|
||||||
|
elif [[ ! ${argv[j]} =~ ^${SPECS_FLAG_PREFIX} ]] && \
|
||||||
[[ ! ${argv[j]} =~ ^${NO_ERROR_PREFIX} ]] && \
|
[[ ! ${argv[j]} =~ ^${NO_ERROR_PREFIX} ]] && \
|
||||||
[[ ! ${argv[j]} =~ ^${FSTACK_PREFIX} ]] && \
|
[[ ! ${argv[j]} =~ ^${FSTACK_PREFIX} ]] && \
|
||||||
[[ ! ${argv[j]} =~ ^${FCF_PROTECTION_PREFIX} ]]; \
|
[[ ! ${argv[j]} =~ ^${FCF_PROTECTION_PREFIX} ]] && \
|
||||||
|
[[ ! ($IS_KONG == true && ("${argv[j]}" =~ ^${BAZEL_PREFIX})) ]] && \
|
||||||
|
[[ ! ($IS_KONG == true && ("${argv[j]}" =~ ^${TMP_KONG_INCLUDE})) ]] ; \
|
||||||
then
|
then
|
||||||
CC_OPTIONAL_FLAGS="${CC_OPTIONAL_FLAGS} ${argv[j]}"
|
CC_OPTIONAL_FLAGS="${CC_OPTIONAL_FLAGS} ${argv[j]}"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
CC_OPTIONAL_FLAGS=`echo $CC_OPTIONAL_FLAGS | grep ^"-"`
|
CC_OPTIONAL_FLAGS=`echo $CC_OPTIONAL_FLAGS | grep ^"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -325,12 +397,16 @@ addRequiredFlags()
|
|||||||
BUILD_FLAG_PREFIX="--build="
|
BUILD_FLAG_PREFIX="--build="
|
||||||
OPENSSL_VERSION_PREFIX="--with-openssl="
|
OPENSSL_VERSION_PREFIX="--with-openssl="
|
||||||
OPENSSL_OPT_PREFIX="--with-openssl-opt="
|
OPENSSL_OPT_PREFIX="--with-openssl-opt="
|
||||||
|
ZLIB_VERSION_PREFIX="--with-zlib="
|
||||||
HPACK_ENC_PREFIX="--with-http_v2_hpack_enc"
|
HPACK_ENC_PREFIX="--with-http_v2_hpack_enc"
|
||||||
AUTH_JWT_PREFIX="--with-http_auth_jwt_module"
|
AUTH_JWT_PREFIX="--with-http_auth_jwt_module"
|
||||||
F4F_PREFIX="--with-http_f4f_module"
|
F4F_PREFIX="--with-http_f4f_module"
|
||||||
HLS_PREFIX="--with-http_hls_module"
|
HLS_PREFIX="--with-http_hls_module"
|
||||||
SESSION_LOG_PREFIX="--with-http_session_log_module"
|
SESSION_LOG_PREFIX="--with-http_session_log_module"
|
||||||
COMMON_PREFIX="--"
|
COMMON_PREFIX="--"
|
||||||
|
PCRE_PREFIX="--with-pcre="
|
||||||
|
PCRE_OPT_PREFIX="--with-pcre-opt="
|
||||||
|
NGINX_PATH_PREFIX="--prefix="
|
||||||
|
|
||||||
for (( i = 1; i < $argc; i++ )); do
|
for (( i = 1; i < $argc; i++ )); do
|
||||||
if [[ "${argv[i]}" =~ ^${COMMON_PREFIX} ]] && \
|
if [[ "${argv[i]}" =~ ^${COMMON_PREFIX} ]] && \
|
||||||
@ -339,13 +415,17 @@ addRequiredFlags()
|
|||||||
[[ ! ("${argv[i]}" =~ ${ADDITIONAL_MODULE_FLAG_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${ADDITIONAL_MODULE_FLAG_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${OPENSSL_VERSION_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${OPENSSL_VERSION_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${OPENSSL_OPT_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${OPENSSL_OPT_PREFIX}) ]] && \
|
||||||
|
[[ ! ("${argv[i]}" =~ ${ZLIB_VERSION_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${DYNAMIC_MODULE_FLAG_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${DYNAMIC_MODULE_FLAG_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${BUILD_FLAG_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${BUILD_FLAG_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${AUTH_JWT_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${AUTH_JWT_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${F4F_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${F4F_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${HLS_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${HLS_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${SESSION_LOG_PREFIX}) ]] && \
|
[[ ! ("${argv[i]}" =~ ${SESSION_LOG_PREFIX}) ]] && \
|
||||||
[[ ! ("${argv[i]}" =~ ${HPACK_ENC_PREFIX}) ]] ; \
|
[[ ! ("${argv[i]}" =~ ${PCRE_PREFIX}) ]] && \
|
||||||
|
[[ ! ("${argv[i]}" =~ ${PCRE_OPT_PREFIX}) ]] && \
|
||||||
|
[[ ! ("${argv[i]}" =~ ${HPACK_ENC_PREFIX}) ]] && \
|
||||||
|
[[ ! ($IS_KONG == true && ("${argv[i]}" =~ ${NGINX_PATH_PREFIX})) ]] ; \
|
||||||
then
|
then
|
||||||
debug "Adding configuration flag: ${argv[i]}\n"
|
debug "Adding configuration flag: ${argv[i]}\n"
|
||||||
NUMBER_OF_CONFIGURATION_FLAGS=$((NUMBER_OF_CONFIGURATION_FLAGS+1))
|
NUMBER_OF_CONFIGURATION_FLAGS=$((NUMBER_OF_CONFIGURATION_FLAGS+1))
|
||||||
@ -359,11 +439,12 @@ addRequiredFlags()
|
|||||||
add_nginx_and_release_versions()
|
add_nginx_and_release_versions()
|
||||||
{
|
{
|
||||||
echo -e "NGINX_VERSION=${NGINX_VERSION}" >> ${FILE_NAME}
|
echo -e "NGINX_VERSION=${NGINX_VERSION}" >> ${FILE_NAME}
|
||||||
|
[ -n "${KONG_VERSION}" ] && echo -e "KONG_VERSION=${KONG_VERSION}" >> "${FILE_NAME}"
|
||||||
RELEASE_VERSION=`cat /etc/*-release | grep -i "PRETTY_NAME\|Gaia" | cut -d"\"" -f2`
|
RELEASE_VERSION=`cat /etc/*-release | grep -i "PRETTY_NAME\|Gaia" | cut -d"\"" -f2`
|
||||||
echo -e "RELEASE_VERSION=${RELEASE_VERSION}" >> ${FILE_NAME}
|
echo -e "RELEASE_VERSION=${RELEASE_VERSION}" >> ${FILE_NAME}
|
||||||
}
|
}
|
||||||
|
|
||||||
initializeEnviroment
|
|
||||||
echo -e "Check Point Nano Agent Nginx compatibility verifier version ${PACKAGE_VERSION}\n"
|
echo -e "Check Point Nano Agent Nginx compatibility verifier version ${PACKAGE_VERSION}\n"
|
||||||
check_flags_options "$@"
|
check_flags_options "$@"
|
||||||
|
initializeEnviroment
|
||||||
_main
|
_main
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user