From c92253ae40ba945eaaafdce41f06820acaf0021d Mon Sep 17 00:00:00 2001 From: "iadgovuser26 iadgovuser26@empire.eclipse.ncsc.mil" Date: Fri, 16 Feb 2024 09:45:47 -0500 Subject: [PATCH] Added mariadb and java 17 as required packages --- HIRS_AttestationCAPortal/build.gradle | 44 ++++++++++++++++--------- package/scripts/aca/aca_remove_setup.sh | 13 +++++--- package/scripts/aca/aca_setup.sh | 4 +-- package/scripts/db/db_create.sh | 2 +- 4 files changed, 39 insertions(+), 24 deletions(-) diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle index 99b40792..b947238d 100644 --- a/HIRS_AttestationCAPortal/build.gradle +++ b/HIRS_AttestationCAPortal/build.gradle @@ -87,7 +87,7 @@ test { useJUnitPlatform() } -build { +build { doFirst{ def verFile = new File(projectDir, "build/VERSION") verFile.write("${jarVersion}") @@ -127,32 +127,46 @@ ospackage { user 'root' fileMode = 0755 } - - // Post Install - postInstall 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u' - // add chrontab to run ACA at boot - postInstall 'echo "@reboot root /opt/hirs/aca/scripts/aca/aca_bootRun.sh -w" >> /etc/crontab' - // run ACA after install - postInstall '/opt/hirs/aca/scripts/aca/aca_bootRun.sh -w &' - postInstall 'chmod +x /opt/hirs/aca/scripts/aca/*' - postInstall 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh' - postInstall 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;' - + // Uninstall preUninstall 'bash /opt/hirs/aca/scripts/aca/aca_remove_setup.sh' + postUninstall 'rm -rf /etc/hirs' + postUninstall 'rm -rf /opt/hirs' buildRpm { dependsOn ':build' arch = X86_64 - requires('java-17-openjdk', '17.0', GREATER|EQUAL) + // Required apps will be aut installed by dnf if not present + requires('java-17-openjdk', '17.0', GREATER | EQUAL) requires('mariadb-server' , '10.3' , GREATER | EQUAL) + requires('procps-ng', '3.3.15', GREATER | EQUAL) + + // Post Trans stage (Occurs after required app and postInstall stage) + // Note postInstall wont wait forrequired apps + postTrans 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u' + postTrans '/opt/hirs/aca/scripts/aca/aca_bootRun.sh -w &' + // add chrontab to run ACA at boot + postTrans 'echo "@reboot root /opt/hirs/aca/scripts/aca/aca_bootRun.sh -w" >> /etc/crontab' + postTrans 'chmod +x /opt/hirs/aca/scripts/aca/*' + postTrans 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;' + // Wait for ACA to start up before finishing the install + postTrans 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh' } buildDeb { dependsOn ':build' packageName = 'hirs-attestationca' arch = 'amd64' - requires('openjdk-17-jdk', '17.0', GREATER|EQUAL) - requires('mariadb-server' , '10.3' , GREATER|EQUAL) + requires('openjdk-17-jdk', '17.0', GREATER | EQUAL) + requires('mariadb-server' , '10.3' , GREATER | EQUAL) + requires('curl') + // Install after required packages + postInstall 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u' + postInstall '/opt/hirs/aca/scripts/aca/aca_bootRun.sh -w &' + postTrans 'echo "@reboot root /opt/hirs/aca/scripts/aca/aca_bootRun.sh -w" >> /etc/crontab' + postTrans 'chmod +x /opt/hirs/aca/scripts/aca/*' + postTrans 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;' + // Wait for ACA to start up before finishing the install + postInstall 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh' } } diff --git a/package/scripts/aca/aca_remove_setup.sh b/package/scripts/aca/aca_remove_setup.sh index 1dceb530..35727def 100755 --- a/package/scripts/aca/aca_remove_setup.sh +++ b/package/scripts/aca/aca_remove_setup.sh @@ -30,11 +30,14 @@ popd &>/dev/null # remove pki files and config files if not installed by rpm echo "Removing certificates and config files..." -if [ -d "/etc/hirs" ]; then - rm -rf /etc/hirs >/dev/null 2>&1 -fi -if [ -d "/opt/hirs" ]; then - rm -rf /opt/hirs >/dev/null 2>&1 +# Remove /opt/hirs only if not configured by a package basedd install: +if [ ! -f /etc/hirs/aca/VERSION ]; then +# if [ -d "/etc/hirs" ]; then +# rm -rf /etc/hirs >/dev/null 2>&1 +# fi + if [ -d "/opt/hirs" ]; then + rm -rf /opt/hirs >/dev/null 2>&1 + fi fi # Remove crontab and current ACA process diff --git a/package/scripts/aca/aca_setup.sh b/package/scripts/aca/aca_setup.sh index 6882969c..ef8a5248 100755 --- a/package/scripts/aca/aca_setup.sh +++ b/package/scripts/aca/aca_setup.sh @@ -88,9 +88,7 @@ fi echo "HIRS ACA Setup initiated on $(date +%Y-%m-%d)" >> "$LOG_FILE" # Create a version file for bootRun to use -git --version 2>&1 >/dev/null -GIT_AVAILABLE=$? -if [ $GIT_AVAILABLE -eq 0 ]; then +if command -v git ; then jarVersion=$(cat '../../../VERSION').$(date +%s).$(git rev-parse --short HEAD) echo $jarVersion > $ACA_VERSION_FILE fi diff --git a/package/scripts/db/db_create.sh b/package/scripts/db/db_create.sh index 21cea242..58fbef70 100755 --- a/package/scripts/db/db_create.sh +++ b/package/scripts/db/db_create.sh @@ -74,7 +74,7 @@ check_mysql_root_pwd () { DB_ADMIN_PWD=$(head -c 64 /dev/urandom | md5sum | tr -dc 'a-zA-Z0-9') echo "DB Admin will be set to $DB_ADMIN_PWD , please make note for next mysql use." # Check UNATTENDED flag set m if not then prompt user for permission ot store mysql root password - if [ -z $UNATTENDED ]; then + if [ -z $UNATTEmariadb-serverNDED ]; then read -p "Do you wish to save this password to the aca.properties file? " confirm if [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]]; then echo "mysql_admin_password=$DB_ADMIN_PWD" >> $ACA_PROP_FILE