fleet/tools/tuf
Lucas Manuel Rodriguez f4d3159cc9
Fleetctl to package .app bundles for osquery (and changes for orbit to support them) (#4393)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Trigger workflow on PR

* Fixes to ease handling of artifact

* Fix, do not use target name as dir

* Remove workaround
2022-03-15 16:04:12 -03:00
init_tuf.sh Fleetctl to package .app bundles for osquery (and changes for orbit to support them) (#4393) 2022-03-15 16:04:12 -03:00
push_target.sh Fix update checks for orbit at startup (#3835) 2022-02-23 14:58:07 -03:00
README.md Fix update checks for orbit at startup (#3835) 2022-02-23 14:58:07 -03:00

Testing TUF

Scripts in this directory aim to ease the testing of Orbit and the TUF system.

WARNING: All of these scripts are for testing only; they are not safe for production use.

Init

To initialize and run a local TUF server, run the init_tuf.sh script from the repository root directory:

./tools/tuf/init_tuf.sh

Add new updates

To add new updates (osqueryd or orbit), use push_target.sh.

E.g. to add a new version of orbit for Windows:

# Compile a new version of Orbit:
GOOS=windows go build -o orbit-windows.exe ./orbit/cmd/orbit

# Push the compiled Orbit as a new version:
./tools/tuf/push_target.sh windows orbit orbit-windows.exe 43

E.g. to add a new version of osqueryd for macOS:

# Download some version from our TUF server:
curl --output osqueryd https://tuf.fleetctl.com/targets/osqueryd/macos/5.0.1/osqueryd

# Push the osqueryd target as a new version:
./tools/tuf/push_target.sh macos osqueryd osqueryd 43
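
After pushing a target, a useful test-side check is that the file matches the length and SHA-256 that the repository's targets.json records for it. The Go code below is an added example, not code from the Fleet repository: the target path and the sample metadata are constructed, and it assumes the metadata's signatures have already been verified by a TUF client.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// targetsFile mirrors only the fields of a TUF targets.json used here.
type targetsFile struct {
	Signed struct {
		Targets map[string]struct {
			Length int64             `json:"length"`
			Hashes map[string]string `json:"hashes"`
		} `json:"targets"`
	} `json:"signed"`
}

// checkTarget compares data against the length and sha256 recorded for
// targetPath in metadata. It does NOT verify the metadata signatures.
func checkTarget(metadata []byte, targetPath string, data []byte) error {
	var tf targetsFile
	if err := json.Unmarshal(metadata, &tf); err != nil {
		return fmt.Errorf("parse targets.json: %w", err)
	}
	meta, ok := tf.Signed.Targets[targetPath]
	if !ok {
		return fmt.Errorf("target %q not listed", targetPath)
	}
	if int64(len(data)) != meta.Length {
		return fmt.Errorf("length mismatch: got %d, want %d", len(data), meta.Length)
	}
	want, ok := meta.Hashes["sha256"]
	if !ok {
		return fmt.Errorf("no sha256 hash recorded for %q", targetPath)
	}
	sum := sha256.Sum256(data)
	if got := hex.EncodeToString(sum[:]); got != want {
		return fmt.Errorf("sha256 mismatch: got %s, want %s", got, want)
	}
	return nil
}

// Constructed sample: metadata for a 3-byte target whose content is "abc".
// The target path is an assumption modeled on the download URL layout above.
const sampleMetadata = `{"signed":{"targets":{"osqueryd/macos/43/osqueryd":{"length":3,"hashes":{"sha256":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"}}}}}`

func main() {
	fmt.Println(checkTarget([]byte(sampleMetadata), "osqueryd/macos/43/osqueryd", []byte("abc")))
}
```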