Skip to content

Commit

Permalink
Merge pull request #9253 from tanium/update-tanium-readme
Browse files Browse the repository at this point in the history
Update Tanium's README file
  • Loading branch information
v-atulyadav authored Oct 25, 2023
2 parents 3ccade3 + 4c43ae8 commit d9cdfe6
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 83 deletions.
13 changes: 13 additions & 0 deletions Solutions/Tanium/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,19 @@ Prerequisites:
- Install make `brew install make`
- Install arm-ttk in powershell: https://github.com/Azure/arm-ttk

Ensure that you add arm-ttk to your powershell profile e.g.

```
(in powershell)
> New-Item -Type File -Path $PROFILE -Force
> vim $PROFILE
(in that file add:)
Import-Module /full/path/to/import/module/for/arm-ttk
```

Building a solution:

1. Clone the https://github.com/Tanium/Azure-Sentinel repo
Expand Down
118 changes: 37 additions & 81 deletions Solutions/Tanium/build_solution.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,6 @@

set -Eeuo pipefail

# globals
_TOOL_DIRECTORY="Tools/Create-Azure-Sentinel-Solution/V2"
_SH_TOOL_DIRECTORY="./$_TOOL_DIRECTORY"
_INPUT_DIRECTORY="$_SH_TOOL_DIRECTORY/input"
_REBUILD=0

_msg() {
echo >&2 -e "${1-}"
}
Expand All @@ -29,7 +23,9 @@ _msg_success() {
}

_shout() {
_msg
echo >&2 "$(tput bold)${*}$(tput sgr0)"
_msg
}

_die() {
Expand All @@ -39,40 +35,21 @@ _die() {
exit "$code"
}

report_failure() {
declare log=$1
grep Failed "$log"
grep -E 'Errors.*:.*[A-Z]' -A10 "$log" || true
}

build_solution() {
_msg "🏗 Building Tanium Sentinel solution"
pwsh -Command "$_TOOL_DIRECTORY/createSolutionV2.ps1"
}

build_failed() {
grep -qm1 '^Failed' "$1"
}

report_success() {
declare log=$1

_msg_success "🎉 Build success"

_msg <<END
- files: ./Solutions/Tanium/Package/*
- build log: $log"
END

_msg "\nYou should next run Solutions/Tanium/check_build.sh to compare this build with the previous build"
}

clear_existing_build_inputs() {
rm -f "$_INPUT_DIRECTORY"/*
}

copy_tanium_build_manifest_into_tooling() {
cp ./Solutions/Tanium/Data/Solution_Tanium.json "$_INPUT_DIRECTORY/Solution_Tanium.json"
_msg "🤖 Sorry but the V3 build script requires user interaction"
_msg ""
_msg "Run this command to perform the build:"
_msg ""
_msg " (cd ../.. && pwsh ./Tools/Create-Azure-Sentinel-Solution/V3/createSolutionV3.ps1)"
_msg ""
_msg "At the prompt type in: ./Solutions/Tanium/Data"
_msg ""
_msg "e.g. Enter solution data file path : ./Solutions/Tanium/Data"
_msg ""
_msg "---"
_msg "NOTE: Property: \"id\" must use one of the following expressions for an resourceId property is an IGNORABLE error"
_msg "Citation: https://github.com/Azure/Azure-Sentinel/tree/e92286da7d185c99c6d30c2cb8c86bbeca1a99ba/Tools/Create-Azure-Sentinel-Solution/V3#arm-ttk-failue-for-contentproductid-id-issues"
_msg ""
}

move_tanium_package_directory_to_temporary_location() {
Expand All @@ -89,47 +66,27 @@ copy_previous_tanium_package_zip_files_from_temporary_location_back_into_package

pre_build_prep() {
local tmpdir=$1
_msg "🚮 Clearing existing inputs from the solution build tool"
clear_existing_build_inputs
_msg "💾 Copying Tanium build input into the solution build tool"
copy_tanium_build_manifest_into_tooling
_msg "🚛 Moving contents of Tanium/Package into a temporary location ($tmpdir) so they are not included in the zip"
move_tanium_package_directory_to_temporary_location "$tmpdir"
}

post_build_cleanup() {
local tmpdir=$1
_msg "🚮 Clearing inputs from the solution build tool"
rm -f "$_INPUT_DIRECTORY"/*
_msg "🆗 Restoring original inputs in the solution build tool"
git checkout "$_INPUT_DIRECTORY"
_msg "⏪ Copying zip files from temporary location back into Tanium/Package"
copy_previous_tanium_package_zip_files_from_temporary_location_back_into_package_directory "$tmpdir"
}

check-command() {
_msg " 🔧 checking $1"
if ! command -v "$1" >/dev/null; then
_die "$1 command not found: please brew install ${2-:$1}"
fi
}

check-new-version() {
local declared_version
declared_version=$(jq -r ".Version" Solutions/Tanium/Data/Solution_Tanium.json)
DECLARED_VERSION=$declared_version

if [[ "$_REBUILD" -eq 1 ]]; then
rm "Solutions/Tanium/Package/$declared_version.zip" || true
fi

if find Solutions/Tanium/Package -name '*.zip' | grep -q "$declared_version"; then
_msg
_msg_error "Found $declared_version.zip already built in Solutions/Tanium/Package"
_msg
_msg "Did you forget to increment the version in Solutions/Tanium/Data/Solution_Tanium.json?"
_msg "If you want to rebuild $declared_version then delete the zip file first or use --rebuild"
_msg
exit 1
check-arm-ttk() {
_msg " 🔧 checking arm-ttk module in powershell"
if ! pwsh -c Get-Module arm-ttk | grep -q arm-ttk; then
_die "arm-ttk module not found in your powershell"
fi
}

Expand All @@ -142,6 +99,7 @@ check-matching-playbook-declarations() {
playbook_json_files=$(find Solutions/Tanium/Playbooks -name "azuredeploy.json" | sort | sed -e 's|Solutions/Tanium/||')
declared_playbook_json_files=$(jq -r ".Playbooks[]" Solutions/Tanium/Data/Solution_Tanium.json | sort)

_msg " 🕵️ checking that playbook json files are all declared in the manifest"
# comm -23 : omit lines in common and lines only in the second file
undeclared_playbook_json_files=$(comm -23 <(echo "$playbook_json_files") <(echo "$declared_playbook_json_files"))
if [[ -n "$undeclared_playbook_json_files" ]]; then
Expand All @@ -153,6 +111,7 @@ check-matching-playbook-declarations() {
exit 1
fi

_msg " 🕵️ checking that all playbooks declared in the manifest have playbook json files"
# comm -13 : omit lines in common and lines only in the first file
missing_playbook_json_files=$(comm -13 <(echo "$playbook_json_files") <(echo "$declared_playbook_json_files"))
if [[ -n "$missing_playbook_json_files" ]]; then
Expand All @@ -166,17 +125,24 @@ check-matching-playbook-declarations() {
}

check-prerequisites() {
_msg "🧰 checking prerequisites"
check-command "jq"
check-command "git"
check-command "pwsh" "powershell"
check-new-version
check-arm-ttk
_msg "🧾 checking the package manifest"
check-matching-playbook-declarations
}

usage() {
_msg "build_solution.sh to build Solutions/Tanium"
_msg "Will build according to metadata from Solutions/Tanium/Data/Solution_Tanium.json"
_msg "Use --rebuild to rebuild the same version again"
_msg "build_solution.sh"
_msg ""
_msg "Builds a Sentinel package for Solutions/Tanium"
_msg ""
_msg "Will build a Sentinel package using the manifest Solutions/Tanium/Data/Solution_Tanium.json via Tools/Create-Azure-Sentinel-Solution/V3/createSolutionV3.ps1"
_msg ""
_msg "The built package will land in Solutions/Tanium/Package"
_msg ""
exit 0
}

Expand All @@ -185,26 +151,16 @@ main() {
while :; do
case "${1-}" in
-h | --help) usage ;;
-r | --rebuild) _REBUILD=1 ;;
-?*) _die "Unknown option: $1" ;;
*) break ;;
esac
shift
done

_shout "Checking prerequisites"
check-prerequisites
_shout "Building Solutions/Tanium $DECLARED_VERSION using $_TOOL_DIRECTORY"
declare logfile="/tmp/tanium_sentinel_create_package.log"
declare tmpdir
tmpdir=$(mktemp -d)
pre_build_prep "$tmpdir"
build_solution | tee /dev/tty > "$logfile"
post_build_cleanup "$tmpdir"
if build_failed "$logfile"; then
report_failure "$logfile"
_die "Detected a build failure"
fi
report_success "$logfile"
_shout "Building Solution"
build_solution
)
}

Expand Down
3 changes: 1 addition & 2 deletions Solutions/Tanium/check_build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,6 @@ compare_contents() {
}

show_diff_commands() {
echo "$previous"
_msg "\nTo diff mainTemplate.json:"
_msg " check_build.sh diff mainTemplate.json"
_msg "\nTo diff createUiDefinition.json:"
Expand All @@ -101,7 +100,7 @@ show_manual_check_steps() {
2. Validate maintemplate.json:
Validate mainTemplate.json by deploying the template in portal. Follow these steps to deploy in portal:
Validate mainTemplate.json by deploying the template in portal. Follow these steps to deploy in portal:
• Open up https://aka.ms/AzureSentinelPrP which launches the Azure portal with the needed private preview flags.
• Go to "Deploy a Custom Template" on the portal
Expand Down

0 comments on commit d9cdfe6

Please sign in to comment.