diff --git a/scripts/install_hat.ps1 b/scripts/install_hat.ps1 index 9d84e941..d67f437f 100644 --- a/scripts/install_hat.ps1 +++ b/scripts/install_hat.ps1 @@ -1,12 +1,25 @@ #Requires -RunAsAdministrator # Powershell script to install the HIRS Acceptance Test on Windows +Write-Host "Installing the HIRS Acceptance Test (HAT)" +Write-Host "Checking for prerequisites..." + +# Check for connectivity to github +$Github=Test-Connection -ComputerName www.github.com -Quiet +if ($Github -ne 'True' ) { + Write-Host "Cannot reach www.github.com, please check internet connection and Firewall settings" + Write-Host "Exiting without installing HAT. Hit Any key to exit" + $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") + exit; +} else { + Write-Host "Github is accessible, continuing installation..." +} # Check For Docker Services -$Service = Get-Service -Name Docker +$Service=Get-Service -Name Docker if ($Service.Status -ne 'Running') { Write-Host "Docker is either NOT running or NOT installed." Write-Host "Please start or install Docker Desktop. See https://docs.docker.com/desktop/install/windows-install/"; - Write-Host "Exiting without removing the HAT. Hit Any Key to exit" + Write-Host "Exiting without installing HAT. Hit any key to exit" $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") exit; } else { @@ -16,30 +29,43 @@ if ($Service.Status -ne 'Running') { # Check for previos install if (Test-Path -Path hirs) { Write-Host "The hirs folder exists under the current directory, aborting install." - Write-Host "Exiting without removing the HAT. Hit Any Key to exit" + Write-Host "Exiting without installing HAT. Hit Any key to exit" $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") exit } +# Warn Admin that device needs to be attached for the next step and wait for connection +Write-Host "Please attach an Ethernet cable between this device and a powered target device for the next step. Hit Any Key to Continue" +$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | out-null +Write-Host "Testing connection" +$adapter=Get-NetAdapter Ethernet -Physical +if ($adapter.status -ne "Up") { + do { + $adapter=Get-NetAdapter Ethernet -Physical + Start-Sleep -seconds 10 + Write-Host "Waiting for an Ethernet connection..." + } until ($adapter.status -eq "Up") +} + # Make Firwall Rules for ACA to operate Write-Host "Adding Firewall rules" -netsh advfirewall firewall add rule name="ACA HTTPS" dir=in action=allow protocol=TCP localport=8443 -netsh advfirewall firewall add rule name="ACA HTTPS" dir=out action=allow protocol=TCP localport=8443 +netsh advfirewall firewall add rule name="ACA HTTPS" dir=in action=allow protocol=TCP localport=8443 | out-null +netsh advfirewall firewall add rule name="ACA HTTPS" dir=out action=allow protocol=TCP localport=8443 | out-null # Make folder for necessary files mkdir hirs | out-null Push-Location .\hirs\ | out-null -# Download necessary files -Write-Host "Reteiving Configuration Files" -wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/docker/compose-acceptance-test.yml -o compose-acceptance-test.yml +Write-Host "Retreiving Configuration Files" +wget https://raw.githubusercontent.com/nsacyber/HIRS/main/.ci/docker/compose-acceptance-test.yml -o compose-acceptance-test.yml Write-Host "Retreiving Trust Stores" -wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/setup/certs/oem_certs.zip -o oem_certs.zip -#Copy-Item -Path ..\projects\github\HIRS\.ci\setup\certs\oem_certs.zip -Destination . -wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/start_hat.ps1 -o start_hat.ps1 -#Copy-Item -Path ..\projects\github\HIRS\scripts\start_hat.ps1 -Destination . -wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/remove_hat.ps1 -o remove_hat.ps1 -#Copy-Item -Path ..\projects\github\HIRS\scripts\remove_hat.ps1 -Destination . +wget https://raw.githubusercontent.com/nsacyber/HIRS/main/.ci/setup/certs/oem_certs.zip -o oem_certs.zip +wget https://raw.githubusercontent.com/nsacyber/HIRS/main/scripts/start_hat.ps1 -o start_hat.ps1 +wget https://raw.githubusercontent.com/nsacyber/HIRS/main/scripts/remove_hat.ps1 -o remove_hat.ps1 +#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/setup/certs/oem_certs.zip -o oem_certs.zip +#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/start_hat.ps1 -o start_hat.ps1 +#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/remove_hat.ps1 -o remove_hat.ps1 + Expand-Archive -Path oem_certs.zip Write-Host "Downloading images (This can take a while)" docker pull ghcr.io/nsacyber/hirs/aca:latest @@ -53,13 +79,11 @@ $Shortcut.Targetpath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.ex $Shortcut.Arguments = "-ExecutionPolicy bypass $Home\hirs\start_hat.ps1" $Shortcut.Save() -# Warn Admin that device needs to be attached for the next step -Write-Host "Please attach ethernet cable to this device and target device for the next step . Hit Any Key to Continue" -$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") # Start up the containers in a detached mode docker compose -f $Home\hirs\compose-acceptance-test.yml up --detach # Wait for ACA to start Write-Host "Waiting for ACA to start up on local host port 8443 ..." +Write-Host " Note that several TCP connect failure notices are expectred while the container boots up." Start-Sleep -seconds 10 while ((Test-NetConnection -computername localhost -Port 8443 ).TcpTestSucceeded -eq $FALSE ) { Start-Sleep -seconds 5 } Write-Host "ACA is up!" @@ -75,5 +99,5 @@ foreach-Object { # Done Write-Host "HIRS Acceptance Test Installation complete." -Write-Host "Use the Desktop Shortcut to start the ACA and hat servers." +Write-Host "Open up the HIRS ACA Portal on your browser using this url: https://localhost:8443" Pop-Location | out-null \ No newline at end of file diff --git a/scripts/remove_hat.ps1 b/scripts/remove_hat.ps1 index c6784d3b..4a0f8aa0 100644 --- a/scripts/remove_hat.ps1 +++ b/scripts/remove_hat.ps1 @@ -13,10 +13,10 @@ if ($Service.Status -ne 'Running') { } $CurrentDir = Split-Path -Path (Get-Location) -Leaf -if ($CurrentDir -eq 'hirs') { +if ($CurrentDir -ne 'hirs') { Write-Host "Please run this script from the hirs directory" Write-Host "Exiting without removing the HAT. Hit Any Key to exit" - $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") + $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") Exit; } # remove Firewall Rules @@ -48,9 +48,10 @@ docker network rm hat_network Write-Host "Removing HAT images" #docker image rm ghcr.io/nsacyber/hirs/aca:latest -#docker image rm ghcr.io/nsacyber/hirs/hat:alpha6 +#docker image rm ghcr.io/nsacyber/hirs/hat:latest Write-Host "Removing local HAT folder and files" +cd .. if (Test-Path -LiteralPath hirs) { Remove-Item -LiteralPath hirs -Recurse diff --git a/scripts/start_hat.ps1 b/scripts/start_hat.ps1 index 545cb946..d5af7cc0 100644 --- a/scripts/start_hat.ps1 +++ b/scripts/start_hat.ps1 @@ -2,14 +2,14 @@ $DockerProc = Get-process "*docker desktop*" if ($DockerProc.Count -eq 0 ) { - Write-Host "Docker Service is not started, please start Docker desktop." - Write-Host "Exiting without starting Acceptance Test. Hit Any Key to exit" + Write-Host "Docker Service is not started, please start Docker Desktop." + Write-Host "Exiting without starting HAT. Hit any key to exit" $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") exit } -$IsAcaRunning = docker container inspect -f '{{.State.Running}}' aca 2>&1 | out-null -$IsHatRunning = docker container inspect -f '{{.State.Running}}' hat 2>&1 | out-null +$IsAcaRunning = docker container inspect -f '{{.State.Running}}' aca 2>&1 +$IsHatRunning = docker container inspect -f '{{.State.Running}}' hat 2>&1 if ($IsHatRunning -eq $TRUE) { Write-Host "HAT container is already running" @@ -20,17 +20,20 @@ if ($IsAcaRunning -eq $TRUE) { } if ( ($IsHatRunning -eq $TRUE) -and ($IsAcaRunning -eq $TRUE) ) { - Write-Host "ACA and Hat container are already started, exiting" - Write-Host "Hit any key to exit" + Write-Host "ACA and Hat container are already started, exiting" + Write-Host "You can check container status in the Docker Desktop." + Write-Host "Use the following URL in your Browser to view the ACA Portal: https://localhost:8443" + Write-Host "Hit any key to exit" $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") exit } else { Write-Host "Starting ACA and HAT containers..." - docker compose -f $Home\hirs\compose-acceptance-test.yml up + docker compose -f $Home\hirs\compose-acceptance-test.yml up --detach } Write-Host "HIRS Acceptance Test Servers Have been started." Write-Host "You can check container status in the Docker Desktop." -Write-Host "Use the following URL in your Browser to view the ACA Portal: https://172.16.1.75:8443" -Write-Host "Hit Any Key to continue" -$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") \ No newline at end of file +Write-Host "Use the following URL in your Browser to view the ACA Portal: https://localhost:8443" +Write-Host "Hit any key" +$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") +exit; \ No newline at end of file