forked from litiian/security-kibana-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild.sh
executable file
·197 lines (167 loc) · 5.37 KB
/
build.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
#!/bin/bash
KIBANA_VERSION="$1"
ELASTICSEARCH_SECURITY_PLUGIN_VERSION="$2"
COMMAND="$3"
# sanity checks for options
if [ -z "$KIBANA_VERSION" ] || [ -z "$ELASTICSEARCH_SECURITY_PLUGIN_VERSION" ] || [ -z "$COMMAND" ]; then
echo "Usage: ./build.sh <kibana_version> <elasticsearch_security_plugin_version> <install|deploy>"
exit 1
fi
if [ "$COMMAND" != "deploy" ] && [ "$COMMAND" != "deploy-snapshot" ] && [ "$COMMAND" != "install" ]; then
echo "Usage: ./build.sh <kibana_version> <elasticsearch_security_plugin_version> <install|deploy>"
echo "Unknown command: $COMMAND"
exit 1
fi
# sanity checks for maven
if [ -z "$MAVEN_HOME" ]; then
echo "MAVEN_HOME not set"
exit 1
fi
echo "+++ Checking Maven version +++"
$MAVEN_HOME/bin/mvn -version
if [ $? != 0 ]; then
echo "Checking maven version failed";
exit 1
fi
# sanity checks for nvm
if [ -z "$NVM_HOME" ]; then
echo "NVM_HOME not set"
exit 1
fi
echo "+++ Sourcing nvm +++"
[ -s "$NVM_HOME/nvm.sh" ] && \. "$NVM_HOME/nvm.sh"
echo "+++ Checking nvm version +++"
nvm version
if [ $? != 0 ]; then
echo "Checking mvn version failed"
exit 1
fi
# check version matches. Do not use jq here, only bash
WORK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cd $WORK_DIR
# while read -r line
# do
# if [[ "$line" =~ ^\"version\".* ]]; then
# if [[ "$line" != "\"version\": \"$1-$2\"," ]]; then
# echo "Provided version \"version\": \"$1-$2\" does not match Kibana version: $line"
# exit 1;
# fi
# fi
# done < "package.json"
# cleanup any leftovers
./clean.sh
if [ $? != 0 ]; then
echo "Cleaning leftovers failed"
exit 1
fi
# prepare artefacts
PLUGIN_NAME="opendistro_security_kibana_plugin-$ELASTICSEARCH_SECURITY_PLUGIN_VERSION"
echo "+++ Building $PLUGIN_NAME.zip +++"
WORK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cd "$WORK_DIR"
BUILD_STAGE_DIR="$WORK_DIR/build_stage"
mkdir -p $BUILD_STAGE_DIR
cd $BUILD_STAGE_DIR
echo "+++ Cloning https://github.com/elastic/kibana.git +++"
git clone https://github.com/elastic/kibana.git || true > /dev/null 2>&1
if [ $? != 0 ]; then
echo "got clone Kibana repository failed"
exit 1
fi
cd "kibana"
git fetch
echo "+++ Change to tags/v$KIBANA_VERSION +++"
git checkout "tags/v$KIBANA_VERSION"
if [ $? != 0 ]; then
echo "Switching to Kibana tags/v$KIBANA_VERSION failed"
exit 1
fi
echo "+++ Installing node version $(cat .node-version) +++"
nvm install "$(cat .node-version)"
if [ $? != 0 ]; then
echo "Installing node $(cat .node-version) failed"
exit 1
fi
echo "+++ Installing Yarn +++"
curl -o- -L https://yarnpkg.com/install.sh | bash
if [ $? != 0 ]; then
echo "Installing Yarn failed"
exit 1
fi
echo "+++ Sourcing Yarn +++"
export PATH="$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$PATH"
echo "+++ Copy plugin contents to build stage +++"
BUILD_STAGE_PLUGIN_DIR="$BUILD_STAGE_DIR/kibana/plugins/security-kibana-plugin"
mkdir -p $BUILD_STAGE_PLUGIN_DIR
cp -a "$WORK_DIR/index.js" "$BUILD_STAGE_PLUGIN_DIR"
cp -a "$WORK_DIR/package.json" "$BUILD_STAGE_PLUGIN_DIR"
cp -a "$WORK_DIR/lib" "$BUILD_STAGE_PLUGIN_DIR"
cp -a "$WORK_DIR/public" "$BUILD_STAGE_PLUGIN_DIR"
cp -a "$WORK_DIR/tests" "$BUILD_STAGE_PLUGIN_DIR"
cp -a "$WORK_DIR/babel.config.js" "$BUILD_STAGE_PLUGIN_DIR"
cd $BUILD_STAGE_PLUGIN_DIR
echo "+++ Checking yarn packages for vulnerabilities +++"
auditResult=`yarn audit --level 4`
isNoVulnerability="[^\d]0 vulnerabilities found.*$"
let limit=1*10**20 # Limit num of chars because the result can be huge
if [[ ! $auditResult =~ $isNoVulnerability && $EXIT_IF_VULNERABILITY = true ]]; then
echo ${auditResult::limit}
exit 1
fi
echo ${auditResult::limit}
echo "+++ Installing plugin node modules +++"
yarn kbn bootstrap
if [ $? != 0 ]; then
echo "Installing node modules failed"
exit 1
fi
echo "+++ Installing plugin node modules for production +++"
rm -rf "node_modules"
yarn install --production --pure-lockfile
if [ $? != 0 ]; then
echo "Installing node modules failed"
exit 1
fi
cd "$WORK_DIR"
rm -rf build/
rm -rf node_modules/
echo "+++ Copy plugin contents to finalize build +++"
COPYPATH="build/kibana/$PLUGIN_NAME"
mkdir -p "$COPYPATH"
cp -a "$BUILD_STAGE_PLUGIN_DIR/index.js" "$COPYPATH"
cp -a "$BUILD_STAGE_PLUGIN_DIR/package.json" "$COPYPATH"
cp -a "$BUILD_STAGE_PLUGIN_DIR/node_modules" "$COPYPATH"
cp -a "$BUILD_STAGE_PLUGIN_DIR/lib" "$COPYPATH"
cp -a "$BUILD_STAGE_PLUGIN_DIR/public" "$COPYPATH"
# Replace pom version
rm -f pom.xml
sed -e "s/RPLC_PLUGIN_VERSION/$KIBANA_VERSION-$SECURITY_PLUGIN_VERSION/" ./pom.template.xml > ./pom.xml
if [ $? != 0 ]; then
echo "sed failed"
exit 1
fi
if [ "$COMMAND" = "deploy" ] ; then
echo "+++ mvn clean deploy -Prelease +++"
$MAVEN_HOME/bin/mvn clean deploy -Prelease
if [ $? != 0 ]; then
echo "$MAVEN_HOME/bin/mvn clean deploy -Prelease failed"
exit 1
fi
fi
#-s settings.xml is needed on circleci only
if [ "$COMMAND" = "deploy-snapshot" ] ; then
echo "+++ mvn clean deploy +++"
$MAVEN_HOME/bin/mvn clean deploy -s settings.xml
if [ $? != 0 ]; then
echo "$MAVEN_HOME/bin/mvn clean deploy -s settings.xml failed"
exit 1
fi
fi
if [ "$COMMAND" = "install" ] ; then
echo "+++ mvn clean install +++"
$MAVEN_HOME/bin/mvn clean package -Duser.home=/home/jenkins
if [ $? != 0 ]; then
echo "$MAVEN_HOME/bin/mvn clean install failed"
exit 1
fi
fi