# # spec file for package velociraptor # # Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define projname velociraptor %define vendor_version 0.6.4~git17.cb7dfd49 Name: velociraptor Version: 0.6.4~git31.4298eab0 Release: 0 Summary: Endpoint visibility and collection tool # FIXME: Select a correct license from https://github.com/openSUSE/spec-cleaner#spdx-licenses License: AGPL-3.0-only URL: https://github.com/Velocidex/velociraptor Source: %{projname}-%{version}.tar.xz Source1: vendor-golang-%{vendor_version}.tar.xz Source2: vendor-golang-kafka-humio-gateway-%{vendor_version}.tar.xz Source3: vendor-nodejs-%{vendor_version}.tar.xz Source4: %{name}.service Source5: %{name}-server.config.placeholder Source6: %{name}-client.service Source7: %{name}-client.config.placeholder Patch1: velociraptor-golang-mage-vendoring.diff Patch2: velociraptor-skip-git-submodule-import-for-OBS-build.patch Patch3: velociraptor-makefile-add-bpf-rules-to-linux_bare.patch Patch4: make-libbpfgo-vendorable.patch BuildRequires: golang-packaging BuildRequires: systemd-rpm-macros BuildRequires: systemd-devel BuildRequires: golang(API) >= 1.14 BuildRequires: fileb0x BuildRequires: mage BuildRequires: libtsan0 BuildRequires: nodejs16 BuildRequires: npm16 BuildRequires: clang13 BuildRequires: llvm13 BuildRequires: bpftool BuildRequires: libelf-devel Conflicts: velociraptor-client %description Velociraptor is a tool for collecting host based state information using The Velociraptor Query Language (VQL) queries. To learn more about Velociraptor, read the documentation on: https://docs.velociraptor.app/ This package contains the endpoint agent and full console GUI. For just the endpoint agent, please install the 'velociraptor-client' package. %package kafka-humio-gateway Summary: Gateway between Kafka and Humio for Velociraptor Artifacts Version: 0.6.4~git31.4298eab0 %description kafka-humio-gateway This tool is used to consume events generated by the Kafka Velociraptor plugin and post them to a Humio cluster. %prep %setup -q -a 1 -a 2 -a 3 -n %{projname}-%{version} %autopatch -p1 # Without this, the libbpfgo tests want to vendor the external version rm -rf third_party/libbpfgo/selftest third_party/libbpfgo/helpers/example_tracelisten_test.go # Set the version to something more specific than -dev sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go # These just clutter the GUI and we don't have Windows clients # Note: There are dependencies on these that need to be resolved before # removing them outright. # rm -rf artifacts/definitions/Windows %build (cd gui/velociraptor ; npm run build) PATH=$PATH:/usr/sbin make linux (cd contrib/kafka-humio-gateway; go build -o velociraptor-kafka-humio-gateway) %install mkdir -p %buildroot/%{_bindir} mkdir -p %buildroot/%{_sysconfdir}/velociraptor mkdir -p %buildroot/%{_unitdir} mkdir -p %buildroot/%{_sharedstatedir}/velociraptor/data mkdir -p %buildroot/%{_sharedstatedir}/velociraptor/logs mkdir -p %buildroot/%{_sharedstatedir}/velociraptor-client install -m 755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor install -m 755 contrib/kafka-humio-gateway/velociraptor-kafka-humio-gateway %buildroot/%{_bindir} install -m 0644 %{SOURCE4} %{buildroot}%{_unitdir}/%{name}.service install -m 0600 %{SOURCE5} %{buildroot}%{_sysconfdir}/velociraptor/server.config install -m 0644 %{SOURCE6} %{buildroot}%{_unitdir}/%{name}-client.service install -m 0600 %{SOURCE7} %{buildroot}%{_sysconfdir}/velociraptor/client.config %files %license LICENSE %doc README.md %dir %{_sysconfdir}/velociraptor %{_bindir}/velociraptor %config(noreplace) %{_sysconfdir}/velociraptor/server.config %config(noreplace) %{_sysconfdir}/velociraptor/client.config %{_unitdir}/%{name}.service %{_unitdir}/%{name}-client.service %dir %{_sharedstatedir}/velociraptor %dir %{_sharedstatedir}/velociraptor/data %dir %{_sharedstatedir}/velociraptor/logs %dir %{_sharedstatedir}/velociraptor-client %files kafka-humio-gateway %license LICENSE %doc contrib/kafka-humio-gateway/README.md %{_bindir}/velociraptor-kafka-humio-gateway %pre %service_add_pre %{name}.service %service_add_pre %{name}-client.service %post %service_add_post %{name}.service %service_add_post %{name}-client.service %preun %service_del_preun %{name}.service %service_del_preun %{name}-client.service %postun %service_del_postun %{name}.service %service_del_postun %{name}-client.service %changelog