diff --git a/Solutions/Tanium/README.md b/Solutions/Tanium/README.md index c1cb595d1ab..3fea522e6a2 100644 --- a/Solutions/Tanium/README.md +++ b/Solutions/Tanium/README.md @@ -27,6 +27,19 @@ Prerequisites: - Install make `brew install make` - Install arm-ttk in powershell: https://github.com/Azure/arm-ttk +Ensure that you add arm-ttk to your powershell profile e.g. + +``` +(in powershell) + +> New-Item -Type File -Path $PROFILE -Force +> vim $PROFILE + +(in that file add:) + +Import-Module /full/path/to/import/module/for/arm-ttk +``` + Building a solution: 1. Clone the https://github.com/Tanium/Azure-Sentinel repo diff --git a/Solutions/Tanium/build_solution.sh b/Solutions/Tanium/build_solution.sh index 96b8d7144fd..d5f913fcbec 100755 --- a/Solutions/Tanium/build_solution.sh +++ b/Solutions/Tanium/build_solution.sh @@ -2,12 +2,6 @@ set -Eeuo pipefail -# globals -_TOOL_DIRECTORY="Tools/Create-Azure-Sentinel-Solution/V2" -_SH_TOOL_DIRECTORY="./$_TOOL_DIRECTORY" -_INPUT_DIRECTORY="$_SH_TOOL_DIRECTORY/input" -_REBUILD=0 - _msg() { echo >&2 -e "${1-}" } @@ -29,7 +23,9 @@ _msg_success() { } _shout() { + _msg echo >&2 "$(tput bold)${*}$(tput sgr0)" + _msg } _die() { 
@@ -39,40 +35,21 @@ _die() { exit "$code" } -report_failure() { - declare log=$1 - grep Failed "$log" - grep -E 'Errors.*:.*[A-Z]' -A10 "$log" || true -} - build_solution() { - _msg "๐Ÿ— Building Tanium Sentinel solution" - pwsh -Command "$_TOOL_DIRECTORY/createSolutionV2.ps1" -} - -build_failed() { - grep -qm1 '^Failed' "$1" -} - -report_success() { - declare log=$1 - - _msg_success "๐ŸŽ‰ Build success" - - _msg </dev/null; then _die "$1 command not found: please brew install ${2-:$1}" fi } -check-new-version() { - local declared_version - declared_version=$(jq -r ".Version" Solutions/Tanium/Data/Solution_Tanium.json) - DECLARED_VERSION=$declared_version - - if [[ "$_REBUILD" -eq 1 ]]; then - rm "Solutions/Tanium/Package/$declared_version.zip" || true - fi - - if find Solutions/Tanium/Package -name '*.zip' | grep -q "$declared_version"; then - _msg - _msg_error "Found $declared_version.zip already built in Solutions/Tanium/Package" - _msg - _msg "Did you forget to increment the version in Solutions/Tanium/Data/Solution_Tanium.json?" - _msg "If you want to rebuild $declared_version then delete the zip file first or use --rebuild" - _msg - exit 1 +check-arm-ttk() { + _msg " ๐Ÿ”ง checking arm-ttk module in powershell" + if ! pwsh -c Get-Module arm-ttk | grep -q arm-ttk; then + _die "arm-ttk module not found in your powershell" fi } @@ -142,6 +99,7 @@ check-matching-playbook-declarations() { playbook_json_files=$(find Solutions/Tanium/Playbooks -name "azuredeploy.json" | sort | sed -e 's|Solutions/Tanium/||') declared_playbook_json_files=$(jq -r ".Playbooks[]" Solutions/Tanium/Data/Solution_Tanium.json | sort) + _msg " ๐Ÿ•ต๏ธ checking that playbook json files are all declared in the manifest" # comm -23 : omit lines in common and lines only in the second file undeclared_playbook_json_files=$(comm -23 <(echo "$playbook_json_files") <(echo "$declared_playbook_json_files")) if [[ -n "$undeclared_playbook_json_files" ]]; then 
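Review bot: In check-arm-ttk, `pwsh -c Get-Module arm-ttk` reports only modules already imported into that session, so the check passes only when the user's PowerShell profile imports arm-ttk, and the `_die` text gives no hint of that. I would point the message at the remedy, e.g. `_die "arm-ttk module not loaded: add Import-Module for arm-ttk to your PowerShell \$PROFILE (see README.md)"`. Because the script runs under `set -Eeuo pipefail`, `grep -q` exiting on the first match could make the pipeline report failure if pwsh is still writing, so `grep arm-ttk >/dev/null` is the safer form. The check also confirms only the module name, not which copy the profile loaded, so the build still depends on whatever path each developer configured. In the check-command context just above (its opening lines are not readable in this view), `${2-:$1}` looks like a typo for `${2:-$1}`; as written it prints `:jq` when no package name is passed.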
@@ -153,6 +111,7 @@ check-matching-playbook-declarations() { exit 1 fi + _msg " ๐Ÿ•ต๏ธ checking that all playbooks declared in the manifest have playbook json files" # comm -13 : omit lines in common and lines only in the first file missing_playbook_json_files=$(comm -13 <(echo "$playbook_json_files") <(echo "$declared_playbook_json_files")) if [[ -n "$missing_playbook_json_files" ]]; then @@ -166,17 +125,24 @@ check-matching-playbook-declarations() { } check-prerequisites() { + _msg "๐Ÿงฐ checking prerequisites" check-command "jq" check-command "git" check-command "pwsh" "powershell" - check-new-version + check-arm-ttk + _msg "๐Ÿงพ checking the package manifest" check-matching-playbook-declarations } usage() { - _msg "build_solution.sh to build Solutions/Tanium" - _msg "Will build according to metadata from Solutions/Tanium/Data/Solution_Tanium.json" - _msg "Use --rebuild to rebuild the same version again" + _msg "build_solution.sh" + _msg "" + _msg "Builds a Sentinel package for Solutions/Tanium" + _msg "" + _msg "Will build a Sentinel package using the manifest Solutions/Tanium/Data/Solution_Tanium.json via Tools/Create-Azure-Sentinel-Solution/V3/createSolutionV3.ps1" + _msg "" + _msg "The built package will land in Solutions/Tanium/Package" + _msg "" exit 0 } @@ -185,26 +151,16 @@ main() { while :; do case "${1-}" in -h | --help) usage ;; - -r | --rebuild) _REBUILD=1 ;; -?*) _die "Unknown option: $1" ;; *) break ;; esac shift done + _shout "Checking prerequisites" check-prerequisites - _shout "Building Solutions/Tanium $DECLARED_VERSION using $_TOOL_DIRECTORY" - declare logfile="/tmp/tanium_sentinel_create_package.log" - declare tmpdir - tmpdir=$(mktemp -d) - pre_build_prep "$tmpdir" - build_solution | tee /dev/tty > "$logfile" - post_build_cleanup "$tmpdir" - if build_failed "$logfile"; then - report_failure "$logfile" - _die "Detected a build failure" - fi - report_success "$logfile" + _shout "Building Solution" + build_solution ) } 
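Review bot: main now treats the build as successful whenever `build_solution` returns zero, while the removed `build_failed` helper grepped the tool output for `^Failed`, which suggests the PowerShell tool may report failures without a non-zero exit status. The new body of build_solution is not readable in this view, so please confirm it propagates failure, for example by ending the pwsh command with `exit $LASTEXITCODE` or by checking after the call that a package was actually written to Solutions/Tanium/Package. Otherwise a failed or partial build ends quietly after "Building Solution" and an incomplete package could be shipped. main's opening lines are outside the hunk.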
diff --git a/Solutions/Tanium/check_build.sh b/Solutions/Tanium/check_build.sh index adaec26e623..fd128137be6 100755 --- a/Solutions/Tanium/check_build.sh +++ b/Solutions/Tanium/check_build.sh @@ -77,7 +77,6 @@ compare_contents() { } show_diff_commands() { - echo "$previous" _msg "\nTo diff mainTemplate.json:" _msg " check_build.sh diff mainTemplate.json" _msg "\nTo diff createUiDefinition.json:" @@ -101,7 +100,7 @@ show_manual_check_steps() { 2. Validate maintemplate.json: - Validate mainTemplate.json by deploying the template in portal. Follow these steps to deploy in portal: + Validate mainTemplate.json by deploying the template in portal. Follow these steps to deploy in portal: โ€ข Open up https://aka.ms/AzureSentinelPrP which launches the Azure portal with the needed private preview flags. โ€ข Go to "Deploy a Custom Template" on the portal