Added check for Ethernet connections during the install

This commit is contained in:
iadgovuser26 2024-01-05 11:40:38 -05:00
parent 93c7cb5aeb
commit 2773e3a986
3 changed files with 59 additions and 31 deletions

View File

@ -1,12 +1,25 @@
#Requires -RunAsAdministrator
# Powershell script to install the HIRS Acceptance Test on Windows
Write-Host "Installing the HIRS Acceptance Test (HAT)"
Write-Host "Checking for prerequisites..."
# Check for connectivity to github
$Github=Test-Connection -ComputerName www.github.com -Quiet
if ($Github -ne 'True' ) {
Write-Host "Cannot reach www.github.com, please check internet connection and Firewall settings"
Write-Host "Exiting without installing HAT. Hit Any key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit;
} else {
Write-Host "Github is accessible, continuing installation..."
}
# Check For Docker Services
$Service = Get-Service -Name Docker
$Service=Get-Service -Name Docker
if ($Service.Status -ne 'Running') {
Write-Host "Docker is either NOT running or NOT installed."
Write-Host "Please start or install Docker Desktop. See https://docs.docker.com/desktop/install/windows-install/";
Write-Host "Exiting without removing the HAT. Hit Any Key to exit"
Write-Host "Exiting without installing HAT. Hit any key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit;
} else {
@ -16,30 +29,43 @@ if ($Service.Status -ne 'Running') {
# Check for previos install
if (Test-Path -Path hirs) {
Write-Host "The hirs folder exists under the current directory, aborting install."
Write-Host "Exiting without removing the HAT. Hit Any Key to exit"
Write-Host "Exiting without installing HAT. Hit Any key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit
}
# Warn Admin that device needs to be attached for the next step and wait for connection
Write-Host "Please attach an Ethernet cable between this device and a powered target device for the next step. Hit Any Key to Continue"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") | out-null
Write-Host "Testing connection"
$adapter=Get-NetAdapter Ethernet -Physical
if ($adapter.status -ne "Up") {
do {
$adapter=Get-NetAdapter Ethernet -Physical
Start-Sleep -seconds 10
Write-Host "Waiting for an Ethernet connection..."
} until ($adapter.status -eq "Up")
}
# Make Firwall Rules for ACA to operate
Write-Host "Adding Firewall rules"
netsh advfirewall firewall add rule name="ACA HTTPS" dir=in action=allow protocol=TCP localport=8443
netsh advfirewall firewall add rule name="ACA HTTPS" dir=out action=allow protocol=TCP localport=8443
netsh advfirewall firewall add rule name="ACA HTTPS" dir=in action=allow protocol=TCP localport=8443 | out-null
netsh advfirewall firewall add rule name="ACA HTTPS" dir=out action=allow protocol=TCP localport=8443 | out-null
# Make folder for necessary files
mkdir hirs | out-null
Push-Location .\hirs\ | out-null
# Download necessary files
Write-Host "Reteiving Configuration Files"
wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/docker/compose-acceptance-test.yml -o compose-acceptance-test.yml
Write-Host "Retreiving Configuration Files"
wget https://raw.githubusercontent.com/nsacyber/HIRS/main/.ci/docker/compose-acceptance-test.yml -o compose-acceptance-test.yml
Write-Host "Retreiving Trust Stores"
wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/setup/certs/oem_certs.zip -o oem_certs.zip
#Copy-Item -Path ..\projects\github\HIRS\.ci\setup\certs\oem_certs.zip -Destination .
wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/start_hat.ps1 -o start_hat.ps1
#Copy-Item -Path ..\projects\github\HIRS\scripts\start_hat.ps1 -Destination .
wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/remove_hat.ps1 -o remove_hat.ps1
#Copy-Item -Path ..\projects\github\HIRS\scripts\remove_hat.ps1 -Destination .
wget https://raw.githubusercontent.com/nsacyber/HIRS/main/.ci/setup/certs/oem_certs.zip -o oem_certs.zip
wget https://raw.githubusercontent.com/nsacyber/HIRS/main/scripts/start_hat.ps1 -o start_hat.ps1
wget https://raw.githubusercontent.com/nsacyber/HIRS/main/scripts/remove_hat.ps1 -o remove_hat.ps1
#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/.ci/setup/certs/oem_certs.zip -o oem_certs.zip
#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/start_hat.ps1 -o start_hat.ps1
#wget https://raw.githubusercontent.com/nsacyber/HIRS/v3_issue_645/scripts/remove_hat.ps1 -o remove_hat.ps1
Expand-Archive -Path oem_certs.zip
Write-Host "Downloading images (This can take a while)"
docker pull ghcr.io/nsacyber/hirs/aca:latest
@ -53,13 +79,11 @@ $Shortcut.Targetpath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.ex
$Shortcut.Arguments = "-ExecutionPolicy bypass $Home\hirs\start_hat.ps1"
$Shortcut.Save()
# Warn Admin that device needs to be attached for the next step
Write-Host "Please attach ethernet cable to this device and target device for the next step . Hit Any Key to Continue"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
# Start up the containers in a detached mode
docker compose -f $Home\hirs\compose-acceptance-test.yml up --detach
# Wait for ACA to start
Write-Host "Waiting for ACA to start up on local host port 8443 ..."
Write-Host " Note that several TCP connect failure notices are expectred while the container boots up."
Start-Sleep -seconds 10
while ((Test-NetConnection -computername localhost -Port 8443 ).TcpTestSucceeded -eq $FALSE ) { Start-Sleep -seconds 5 }
Write-Host "ACA is up!"
@ -75,5 +99,5 @@ foreach-Object {
# Done
Write-Host "HIRS Acceptance Test Installation complete."
Write-Host "Use the Desktop Shortcut to start the ACA and hat servers."
Write-Host "Open up the HIRS ACA Portal on your browser using this url: https://localhost:8443"
Pop-Location | out-null

View File

@ -13,10 +13,10 @@ if ($Service.Status -ne 'Running') {
}
$CurrentDir = Split-Path -Path (Get-Location) -Leaf
if ($CurrentDir -eq 'hirs') {
if ($CurrentDir -ne 'hirs') {
Write-Host "Please run this script from the hirs directory"
Write-Host "Exiting without removing the HAT. Hit Any Key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
Exit;
}
# remove Firewall Rules
@ -48,9 +48,10 @@ docker network rm hat_network
Write-Host "Removing HAT images"
#docker image rm ghcr.io/nsacyber/hirs/aca:latest
#docker image rm ghcr.io/nsacyber/hirs/hat:alpha6
#docker image rm ghcr.io/nsacyber/hirs/hat:latest
Write-Host "Removing local HAT folder and files"
cd ..
if (Test-Path -LiteralPath hirs) {
Remove-Item -LiteralPath hirs -Recurse

View File

@ -2,14 +2,14 @@
$DockerProc = Get-process "*docker desktop*"
if ($DockerProc.Count -eq 0 ) {
Write-Host "Docker Service is not started, please start Docker desktop."
Write-Host "Exiting without starting Acceptance Test. Hit Any Key to exit"
Write-Host "Docker Service is not started, please start Docker Desktop."
Write-Host "Exiting without starting HAT. Hit any key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit
}
$IsAcaRunning = docker container inspect -f '{{.State.Running}}' aca 2>&1 | out-null
$IsHatRunning = docker container inspect -f '{{.State.Running}}' hat 2>&1 | out-null
$IsAcaRunning = docker container inspect -f '{{.State.Running}}' aca 2>&1
$IsHatRunning = docker container inspect -f '{{.State.Running}}' hat 2>&1
if ($IsHatRunning -eq $TRUE) {
Write-Host "HAT container is already running"
@ -20,17 +20,20 @@ if ($IsAcaRunning -eq $TRUE) {
}
if ( ($IsHatRunning -eq $TRUE) -and ($IsAcaRunning -eq $TRUE) ) {
Write-Host "ACA and Hat container are already started, exiting"
Write-Host "Hit any key to exit"
Write-Host "ACA and Hat container are already started, exiting"
Write-Host "You can check container status in the Docker Desktop."
Write-Host "Use the following URL in your Browser to view the ACA Portal: https://localhost:8443"
Write-Host "Hit any key to exit"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit
} else {
Write-Host "Starting ACA and HAT containers..."
docker compose -f $Home\hirs\compose-acceptance-test.yml up
docker compose -f $Home\hirs\compose-acceptance-test.yml up --detach
}
Write-Host "HIRS Acceptance Test Servers Have been started."
Write-Host "You can check container status in the Docker Desktop."
Write-Host "Use the following URL in your Browser to view the ACA Portal: https://172.16.1.75:8443"
Write-Host "Hit Any Key to continue"
Write-Host "Use the following URL in your Browser to view the ACA Portal: https://localhost:8443"
Write-Host "Hit any key"
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
exit;