fleet/pkg/packaging/packaging.go

// package packaging provides tools for buildin Orbit installation packages.
package packaging

import (
	"io"
	"os"
	"path/filepath"

	"github.com/fleetdm/orbit/pkg/update"
	"github.com/fleetdm/orbit/pkg/update/filestore"
	"github.com/pkg/errors"
	"github.com/rs/zerolog/log"
)

// Options are the configurable options provided for the package.
type Options struct {
	// FleetURL is the URL to the Fleet server.
	FleetURL string
	// EnrollSecret is the enroll secret used to authenticate to the Fleet
	// server.
	EnrollSecret string
	// Version is the version number for this package.
	Version string
	// Identifier is the identifier (eg. com.fleetdm.orbit) for the package product.
	Identifier string
	// StartService is a boolean indicating whether to start a system-specific
	// background service.
	StartService bool
	// Insecure enables insecure TLS connections for the generated package.
	Insecure bool
	// SignIdentity is the codesigning identity to use (only macOS at this time)
	SignIdentity string
	// Notarize sets whether macOS packages should be Notarized.
	Notarize bool
	// FleetCertificate is a path to a server certificate to include in the package.
	FleetCertificate string
	// OrbitChannel is the update channel to use for Orbit.
	OrbitChannel string
	// OsqueryChannel is the update channel to use for Osquery.
	OsqueryChannel string
}

func copyFile(srcPath, dstPath string, perm os.FileMode) error {
	src, err := os.Open(srcPath)
	if err != nil {
		return errors.Wrap(err, "open src for copy")
	}
	defer src.Close()

	if err := os.MkdirAll(filepath.Dir(dstPath), 0755); err != nil {
		return errors.Wrap(err, "create dst dir for copy")
	}

	dst, err := os.OpenFile(dstPath, os.O_RDWR|os.O_CREATE, perm)
	if err != nil {
		return errors.Wrap(err, "open dst for copy")
	}
	defer dst.Close()

	if _, err := io.Copy(dst, src); err != nil {
		return errors.Wrap(err, "copy src to dst")
	}

	return nil
}

func initializeUpdates(updateOpt update.Options) error {
	localStore, err := filestore.New(filepath.Join(updateOpt.RootDirectory, "tuf-metadata.json"))
	if err != nil {
		return errors.Wrap(err, "failed to create local metadata store")
	}
	updateOpt.LocalStore = localStore

	updater, err := update.New(updateOpt)
	if err != nil {
		return errors.Wrap(err, "failed to init updater")
	}
	if err := updater.UpdateMetadata(); err != nil {
		return errors.Wrap(err, "failed to update metadata")
	}
	osquerydPath, err := updater.Get("osqueryd", updateOpt.OsqueryChannel)
	if err != nil {
		return errors.Wrap(err, "failed to get osqueryd")
	}
	log.Debug().Str("path", osquerydPath).Msg("got osqueryd")

	orbitPath, err := updater.Get("orbit", updateOpt.OrbitChannel)
	if err != nil {
		return errors.Wrap(err, "failed to get orbit")
	}
	log.Debug().Str("path", orbitPath).Msg("got orbit")

	return nil
}
Refactor Deb functionality into packaging package 2021-02-08 23:55:36 +00:00			`// package packaging provides tools for buildin Orbit installation packages.`
			`package packaging`

macOS packaging works with launchd 2021-02-17 02:05:18 +00:00			`import (`
			`"io"`
			`"os"`
			`"path/filepath"`

Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`"github.com/fleetdm/orbit/pkg/update"`
			`"github.com/fleetdm/orbit/pkg/update/filestore"`
macOS packaging works with launchd 2021-02-17 02:05:18 +00:00			`"github.com/pkg/errors"`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`"github.com/rs/zerolog/log"`
macOS packaging works with launchd 2021-02-17 02:05:18 +00:00			`)`

Refactor Deb functionality into packaging package 2021-02-08 23:55:36 +00:00			`// Options are the configurable options provided for the package.`
			`type Options struct {`
			`// FleetURL is the URL to the Fleet server.`
			`FleetURL string`
			`// EnrollSecret is the enroll secret used to authenticate to the Fleet`
			`// server.`
			`EnrollSecret string`
Partial progress on macOS packaging 2021-02-09 03:23:50 +00:00			`// Version is the version number for this package.`
			`Version string`
			`// Identifier is the identifier (eg. com.fleetdm.orbit) for the package product.`
			`Identifier string`
Refactor Deb functionality into packaging package 2021-02-08 23:55:36 +00:00			`// StartService is a boolean indicating whether to start a system-specific`
			`// background service.`
			`StartService bool`
			`// Insecure enables insecure TLS connections for the generated package.`
			`Insecure bool`
Code signing and Notarization for macOS 2021-02-17 21:25:56 +00:00			`// SignIdentity is the codesigning identity to use (only macOS at this time)`
			`SignIdentity string`
Make macOS notarization optional for packaging 2021-02-18 00:22:03 +00:00			`// Notarize sets whether macOS packages should be Notarized.`
			`Notarize bool`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`// FleetCertificate is a path to a server certificate to include in the package.`
			`FleetCertificate string`
Use symlink for current orbit binary 2021-03-02 19:24:32 +00:00			`// OrbitChannel is the update channel to use for Orbit.`
			`OrbitChannel string`
			`// OsqueryChannel is the update channel to use for Osquery.`
			`OsqueryChannel string`
Refactor Deb functionality into packaging package 2021-02-08 23:55:36 +00:00			`}`
macOS packaging works with launchd 2021-02-17 02:05:18 +00:00
			`func copyFile(srcPath, dstPath string, perm os.FileMode) error {`
			`src, err := os.Open(srcPath)`
			`if err != nil {`
			`return errors.Wrap(err, "open src for copy")`
			`}`
			`defer src.Close()`

			`if err := os.MkdirAll(filepath.Dir(dstPath), 0755); err != nil {`
			`return errors.Wrap(err, "create dst dir for copy")`
			`}`

			`dst, err := os.OpenFile(dstPath, os.O_RDWR\|os.O_CREATE, perm)`
			`if err != nil {`
			`return errors.Wrap(err, "open dst for copy")`
			`}`
			`defer dst.Close()`

			`if _, err := io.Copy(dst, src); err != nil {`
			`return errors.Wrap(err, "copy src to dst")`
			`}`

			`return nil`
			`}`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00
Use symlink for current orbit binary 2021-03-02 19:24:32 +00:00			`func initializeUpdates(updateOpt update.Options) error {`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`localStore, err := filestore.New(filepath.Join(updateOpt.RootDirectory, "tuf-metadata.json"))`
			`if err != nil {`
			`return errors.Wrap(err, "failed to create local metadata store")`
			`}`
			`updateOpt.LocalStore = localStore`

			`updater, err := update.New(updateOpt)`
			`if err != nil {`
			`return errors.Wrap(err, "failed to init updater")`
			`}`
			`if err := updater.UpdateMetadata(); err != nil {`
			`return errors.Wrap(err, "failed to update metadata")`
			`}`
Use symlink for current orbit binary 2021-03-02 19:24:32 +00:00			`osquerydPath, err := updater.Get("osqueryd", updateOpt.OsqueryChannel)`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`if err != nil {`
			`return errors.Wrap(err, "failed to get osqueryd")`
			`}`
			`log.Debug().Str("path", osquerydPath).Msg("got osqueryd")`

Use symlink for current orbit binary 2021-03-02 19:24:32 +00:00			`orbitPath, err := updater.Get("orbit", updateOpt.OrbitChannel)`
Add support for packaging certificates - Refactor update initialization 2021-02-25 20:38:21 +00:00			`if err != nil {`
			`return errors.Wrap(err, "failed to get orbit")`
			`}`
			`log.Debug().Str("path", orbitPath).Msg("got orbit")`

			`return nil`
			`}`