Skip to content
This repository was archived by the owner on Feb 12, 2025. It is now read-only.

Commit 69c0c26

Browse files
To-omTo-om
committed
TheHive-Project#2042 Include cloner tool in docker entrypoint
1 parent 6a7a20d commit 69c0c26

File tree

3 files changed

+74
-52
lines changed

3 files changed

+74
-52
lines changed

docker.sbt

+1-1
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ dockerCommands := Seq(
4646
Cmd("ADD", "--chown=root:root", "opt", "/opt"),
4747
Cmd("ADD", "--chown=thehive:thehive", "var", "/var"),
4848
Cmd("ADD", "--chown=thehive:thehive", "etc", "/etc"),
49-
ExecCmd("RUN", "chmod", "+x", "/opt/thehive/bin/thehive", "/opt/thehive/entrypoint"),
49+
ExecCmd("RUN", "chmod", "+x", "/opt/thehive/bin/thehive", "/opt/thehive/entrypoint", "/opt/thehive/bin/cloner", "/opt/thehive/bin/migrate"),
5050
Cmd("RUN", "mkdir", "/data", "/opt/thp", "&&", "chown", "thehive:thehive", "/data", "/opt/thp"),
5151
Cmd("EXPOSE", "9000"),
5252
Cmd("USER", "thehive"),

migration/src/main/scala/org/thp/thehive/cloner/Cloner.scala

+1-1
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ object Cloner extends App with IntegrityCheckApp {
3939
val argParser = {
4040
import builder._
4141
OParser.sequence(
42-
programName("clone"),
42+
programName("cloner"),
4343
version('v', "version"),
4444
help('h', "help"),
4545
head("TheHive cloner tool", getVersion),

package/docker/entrypoint

+72-50
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,9 @@ test "${TH_NO_CONFIG}" == 1
2121
CONFIG=$?
2222
CONFIG_FILE=${TH_CONFIG_FILE:-/etc/thehive/application.conf}
2323
CORTEX_KEYS=${TH_CORTEX_KEYS}
24+
MIGRATE=${TH_MIGRATE:-0}
25+
CLONER=${TH_CLONER:-0}
26+
2427
function usage {
2528
cat <<- _EOF_
2629
Available options:
@@ -42,16 +45,18 @@ function usage {
4245
--cortex-port <port> | define port to connect to Cortex (default: 9001)
4346
--cortex-hostname <host>,<host>,... | resolve this hostname to find Cortex instances
4447
--cortex-keys <key>,<key>,... | define Cortex key
48+
migrate <param> <param> ... | run migration tool
49+
cloner <param> <param> ... | run cloner tool
4550
_EOF_
4651
exit 1
4752
}
4853

4954

5055
STOP=0
51-
while test $# -gt 0 -o "${STOP}" = 1
56+
while test $# -gt 0 -a "${STOP}" = 0
5257
do
5358
case "$1" in
54-
"--config-file") shift;CONFIG_FILE=$1 ;;
59+
"--config-file") shift; CONFIG_FILE=$1 ;;
5560
"--no-config") CONFIG=0 ;;
5661
"--no-config-secret") CONFIG_SECRET=0 ;;
5762
"--secret") shift; SECRET=$1 ;;
@@ -70,12 +75,26 @@ do
7075
"--cortex-port") shift; CORTEX_PORT=$1 ;;
7176
"--cortex-hostnames") shift; CORTEX_HOSTNAMES=$1 ;;
7277
"--cortex-keys") shift; CORTEX_KEYS=$1 ;;
73-
"--") STOP=1;;
74-
*) usage
78+
"--") STOP=1 ;;
79+
"migrate") MIGRATE=1; STOP=1 ;;
80+
"cloner") CLONER=1; STOP=1 ;;
81+
*) echo param is -"$1"-; usage
7582
esac
7683
shift
7784
done
7885

86+
if test "${MIGRATE}" = 1
87+
then
88+
bin/migrate "$@"
89+
exit $?
90+
fi
91+
92+
if test "${CLONER}" = 1
93+
then
94+
bin/cloner "$@"
95+
exit $?
96+
fi
97+
7998
if test "${CONFIG}" = 1
8099
then
81100
CONFIG_FILE=$(mktemp --tmpdir thehive-XXXXXX.conf)
@@ -84,9 +103,9 @@ then
84103
if test -z "${SECRET}"
85104
then
86105
SECRET=$(dd if=/dev/urandom bs=1024 count=1 | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1)
87-
test "${SHOW_SECRET}" = 1 && echo Using secret: ${SECRET}
106+
test "${SHOW_SECRET}" = 1 && echo "Using secret: ${SECRET}"
88107
fi
89-
echo "play.http.secret.key = \"${SECRET}\"" >> ${CONFIG_FILE}
108+
echo "play.http.secret.key = \"${SECRET}\"" >> "${CONFIG_FILE}"
90109
fi
91110

92111
if test "${CONFIG_DB}" = 1
@@ -95,75 +114,78 @@ then
95114
declare -a CQL
96115
for C in "${CQL_HOSTS[@]}"
97116
do
98-
CQL+=($(getent ahostsv4 "$C" | awk '{ print $1 }' | sort -u))
117+
for IP in $(getent ahostsv4 "$C" | awk '{ print $1 }' | sort -u)
118+
do
119+
CQL+=("$IP")
120+
done
99121
done
100-
echo "db.janusgraph {" >> ${CONFIG_FILE}
122+
echo "db.janusgraph {" >> "${CONFIG_FILE}"
101123
if test "${#CQL[@]}" = 0
102124
then
103125
echo "Local database in ${BDB_DIRECTORY} is be used"
104126
mkdir -p "${BDB_DIRECTORY}"
105-
echo "storage.backend = berkeleyje" >> ${CONFIG_FILE}
106-
echo "storage.directory = \"${BDB_DIRECTORY}\"" >> ${CONFIG_FILE}
107-
echo "berkeleyje.freeDisk = 1" >> ${CONFIG_FILE}
127+
echo "storage.backend = berkeleyje" >> "${CONFIG_FILE}"
128+
echo "storage.directory = \"${BDB_DIRECTORY}\"" >> "${CONFIG_FILE}"
129+
echo "berkeleyje.freeDisk = 1" >> "${CONFIG_FILE}"
108130
if test -e "${BDB_DIRECTORY}"
109131
then
110132
test -w "${BDB_DIRECTORY}" || echo "WARNING the directory used to store database ($BDB_DIRECTORY) is not writable"
111133
else
112134
mkdir -p "${BDB_DIRECTORY}" || echo "WARNING the directory used to store database ($BDB_DIRECTORY) is not writable"
113135
fi
114136
else
115-
echo "Using cassandra address = ${CQL[@]}"
116-
echo "storage.backend = cql" >> ${CONFIG_FILE}
137+
echo "Using cassandra address = ${CQL[*]}"
138+
echo "storage.backend = cql" >> "${CONFIG_FILE}"
117139
if [[ -n $CQL_USERNAME && -n $CQL_PASSWORD ]]
118140
then
119-
echo "storage.username = \"${CQL_USERNAME}\"" >> ${CONFIG_FILE}
120-
echo "storage.password = \"${CQL_PASSWORD}\"" >> ${CONFIG_FILE}
121-
printf "Using ${CQL_USERNAME} as cassandra username and ${CQL_PASSWORD} as its password\n"
141+
echo "storage.username = \"${CQL_USERNAME}\"" >> "${CONFIG_FILE}"
142+
echo "storage.password = \"${CQL_PASSWORD}\"" >> "${CONFIG_FILE}"
143+
echo "Using ${CQL_USERNAME} as cassandra username and ${CQL_PASSWORD} as its password"
122144
fi
123-
echo "storage.cql.cluster-name = thp" >> ${CONFIG_FILE}
124-
echo "storage.cql.keyspace = thehive" >> ${CONFIG_FILE}
125-
echo "storage.hostname = [" >> ${CONFIG_FILE}
126-
printf '%s\n' "${CQL_HOSTS[@]}" >> ${CONFIG_FILE}
127-
echo "]" >> ${CONFIG_FILE}
145+
echo "storage.cql.cluster-name = thp" >> "${CONFIG_FILE}"
146+
echo "storage.cql.keyspace = thehive" >> "${CONFIG_FILE}"
147+
echo "storage.hostname = [" >> "${CONFIG_FILE}"
148+
printf '%s\n' "${CQL_HOSTS[@]}" >> "${CONFIG_FILE}"
149+
echo "]" >> "${CONFIG_FILE}"
128150
echo "Waiting until Cassandra DB is up"
129151
sleep 30 # Sleep until cassandra Db is up
130152
fi
131-
echo "index.search.backend = lucene" >> ${CONFIG_FILE}
132-
echo "index.search.directory = \"${INDEX_DIRECTORY}\"" >> ${CONFIG_FILE}
153+
echo "index.search.backend = lucene" >> "${CONFIG_FILE}"
154+
echo "index.search.directory = \"${INDEX_DIRECTORY}\"" >> "${CONFIG_FILE}"
133155
if test -e "${INDEX_DIRECTORY}"
134156
then
135157
test -w "${INDEX_DIRECTORY}" || echo "WARNING the directory used to store index ($INDEX_DIRECTORY) is not writable"
136158
else
137159
mkdir -p "${INDEX_DIRECTORY}" || echo "WARNING the directory used to store index ($INDEX_DIRECTORY) is not writable"
138160
fi
139-
echo "}" >> ${CONFIG_FILE}
161+
echo "}" >> "${CONFIG_FILE}"
140162
fi
141163

142164
if test "${CONFIG_STORAGE}" = 1
143165
then
144-
echo "storage {" >> ${CONFIG_FILE}
166+
echo "storage {" >> "${CONFIG_FILE}"
145167
if test -n "${HDFS_URL}"
146168
then
147169
echo "Using HDFS ${HDFS_URL}"
148-
echo "provider: hdfs" >> ${CONFIG_FILE}
149-
echo "hdfs {" >> ${CONFIG_FILE}
150-
echo "root: \"${HDFS_URL}\"" >> ${CONFIG_FILE}
151-
echo "location: "/thehive"" >> ${CONFIG_FILE}
152-
echo "username: thehive" >> ${CONFIG_FILE}
153-
echo "}" >> ${CONFIG_FILE}
170+
echo "provider: hdfs" >> "${CONFIG_FILE}"
171+
echo "hdfs {" >> "${CONFIG_FILE}"
172+
echo "root: \"${HDFS_URL}\"" >> "${CONFIG_FILE}"
173+
echo "location: \"/thehive\"" >> "${CONFIG_FILE}"
174+
echo "username: thehive" >> "${CONFIG_FILE}"
175+
echo "}" >> "${CONFIG_FILE}"
154176
else
155177
echo "Using local storage in ${STORAGE_DIRECTORY}"
156178
mkdir -p "${STORAGE_DIRECTORY}"
157-
echo "provider: localfs" >> ${CONFIG_FILE}
158-
echo "localfs.directory: \"${STORAGE_DIRECTORY}\"" >> ${CONFIG_FILE}
179+
echo "provider: localfs" >> "${CONFIG_FILE}"
180+
echo "localfs.directory: \"${STORAGE_DIRECTORY}\"" >> "${CONFIG_FILE}"
159181
if test -e "${STORAGE_DIRECTORY}"
160182
then
161183
test -w "${STORAGE_DIRECTORY}" || echo "WARNING the directory used to store files ($STORAGE_DIRECTORY) is not writable"
162184
else
163185
mkdir -p "${STORAGE_DIRECTORY}" || echo "WARNING the directory used to store files ($STORAGE_DIRECTORY) is not writable"
164186
fi
165187
fi
166-
echo "}" >> ${CONFIG_FILE}
188+
echo "}" >> "${CONFIG_FILE}"
167189
fi
168190

169191
if test "${CONFIG_CORTEX}" = 1
@@ -177,34 +199,34 @@ then
177199
done
178200
if test ${#CORTEX_URLS[@]} -gt 0
179201
then
180-
echo "play.modules.enabled += org.thp.thehive.connector.cortex.CortexModule" >> ${CONFIG_FILE}
181-
echo "cortex.servers = [" >> ${CONFIG_FILE}
202+
echo "play.modules.enabled += org.thp.thehive.connector.cortex.CortexModule" >> "${CONFIG_FILE}"
203+
echo "cortex.servers = [" >> "${CONFIG_FILE}"
182204
I=0
183-
for C in ${CORTEX_URLS[@]}
205+
for C in "${CORTEX_URLS[@]}"
184206
do
185207
echo "Add Cortex cortex${I}: ${C}"
186-
echo "{" >> ${CONFIG_FILE}
187-
echo "name = cortex${I}" >> ${CONFIG_FILE}
188-
echo "url = \"$C\"" >> ${CONFIG_FILE}
189-
echo auth { >> ${CONFIG_FILE}
190-
echo "type = \"bearer\"" >> ${CONFIG_FILE}
191-
echo "key = \"${CK[$I]}\"" >> ${CONFIG_FILE}
192-
echo "}" >> ${CONFIG_FILE}
193-
echo "}" >> ${CONFIG_FILE}
194-
I=$((${I}+1))
208+
echo "{" >> "${CONFIG_FILE}"
209+
echo "name = cortex${I}" >> "${CONFIG_FILE}"
210+
echo "url = \"$C\"" >> "${CONFIG_FILE}"
211+
echo "auth {" >> "${CONFIG_FILE}"
212+
echo "type = \"bearer\"" >> "${CONFIG_FILE}"
213+
echo "key = \"${CK[$I]}\"" >> "${CONFIG_FILE}"
214+
echo "}" >> "${CONFIG_FILE}"
215+
echo "}" >> "${CONFIG_FILE}"
216+
I=$((I+1))
195217
done
196-
echo "]" >> ${CONFIG_FILE}
218+
echo "]" >> "${CONFIG_FILE}"
197219
fi
198220
fi
199221

200-
echo "include file(\"/etc/thehive/application.conf\")" >> ${CONFIG_FILE}
222+
echo "include file(\"/etc/thehive/application.conf\")" >> "${CONFIG_FILE}"
201223
fi
202224

203225
bin/thehive \
204-
-Dconfig.file=${CONFIG_FILE} \
226+
-Dconfig.file="${CONFIG_FILE}" \
205227
-Dlogger.file=/etc/thehive/logback.xml \
206228
-Dpidfile.path=/dev/null \
207-
$@
229+
"$@"
208230
PID=$!
209231
trap 'kill -SIGTERM "${PID}"; wait "${PID}"; exit 143' SIGTERM SIGINT
210232
wait ${PID}

0 commit comments

Comments
 (0)