osc copypac from project:home:jeff_mahoney:security:sensor package:velociraptor revision:2

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=1
2022-01-21 17:45:44 +00:00 · 2022-01-21 17:45:44 +00:00 · 13a001b73e
commit 13a001b73e
13 changed files with 352 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.osc
--- a/18
+++ b/18
@ -0,0 +1,18 @@
+<services>
+  <service mode="manual" name="obs_scm">
+    <param name="url">https://github.com/jeffmahoney/velociraptor</param>
+    <param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
+    <param name="revision">v0.6.3</param>
+    <param name="scm">git</param>
+    <param name="parent-tag">v0.6.2</param>
+    <param name="versionrewrite-pattern">v(.*)</param>
+    <param name="changesgenerate">enable</param>
+  </service>
+  <service name="set_version" mode="manual" />
+  <service mode="buildtime" name="tar"/>
+  <service mode="buildtime" name="recompress">
+    <param name="file">*.tar</param>
+    <param name="compression">xz</param>
+  </service>
+</services>
+
--- a/update-vendoring.sh
+++ b/update-vendoring.sh
@ -0,0 +1,48 @@
+#!/bin/bash
+
+cleanup() {
+	test -n "$dir" && rm -rf "$dir"
+}
+
+error() {
+	echo "An error occurred.  Exiting." >&2
+}
+
+trap error ERR SIGINT
+trap cleanup EXIT
+set -e
+
+version=$(rpmspec -q --queryformat="%{VERSION}" velociraptor.spec)
+
+dir="$(realpath "$(mktemp -d vendoring.XXXXXX)")"
+
+rpmspec -P velociraptor.spec --define "_sourcedir $PWD" | \
+awk '
+BEGIN { go=0; };
+/^%build/ { go=0; };
+{ if (go) print };
+/^%setup/ { go=1 }' > $dir/setup.sh
+
+echo "Expanding archive..."
+cpio -D "$dir" -id < velociraptor-${version}.obscpio
+
+echo "Running %prep"
+cd "$dir/velociraptor-${version}"
+sh ../setup.sh
+
+echo "Re-vendoring Go code..."
+rm -rf vendor
+go mod vendor
+tar Jcf ../vendor-golang-${version}.tar.xz vendor
+
+echo "Re-vendoring nodejs code..."
+cd gui/velociraptor
+rm -rf node_modules
+npm install
+cd ../..
+tar Jcf ../vendor-nodejs-${version}.tar.xz gui/velociraptor/node_modules
+
+cd ..
+mv vendor-golang-${version}.tar.xz vendor-nodejs-${version}.tar.xz ..
+
+echo "Done"
--- a/velociraptor-0.6.2~git73.dc02b45e.obscpio
+++ b/velociraptor-0.6.2~git73.dc02b45e.obscpio
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f84140992149c016b693a8b03ed53caf47e94188810529aa6f68e1f64d9c9274
+size 19303437
--- a/velociraptor-client.changes
+++ b/velociraptor-client.changes
@ -0,0 +1,41 @@
+-------------------------------------------------------------------
+Thu Jan  6 21:50:43 UTC 2022 - Jeff Mahoney <jeffm@suse.com>
+
+- Remove dependencies on nodejs since we don't use it in client mode.
+
+-------------------------------------------------------------------
+Thu Jan 06 20:14:39 UTC 2022 - jeffm@suse.com
+
+- Update to version 0.6.2~git73.dc02b45e:
+  * Update PrivateKeys.yaml (#1459)
+  * Added recursion_callback option to the glob plugin (#1461)
+  * Added config wizard for multi-frontend configuration (#1460)
+  * Calculate the sha256 hash of the offline container. (#1458)
+  * Artifact inspection GUI now allows pivot. (#1457)
+  * Client certs can now be specified in the config file. (#1456)
+  * New Upload File Form element (#1455)
+  * Added a sparse accessor (#1453)
+  * Hunt wizard estimates clients affected (#1452)
+  * Make the interrogation process customizable. (#1451)
+
+-------------------------------------------------------------------
+Tue Dec 21 20:25:43 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Disable Windows artifacts.  We don't target Windows endpoints and
+  the queries clutter the GUI.
+
+-------------------------------------------------------------------
+Thu Dec 16 14:12:05 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Switch to using master branch via service files.
+  - Added update-vendoring.sh to update the nodejs and go dependencies
+    after version update.
+  - Now building with linux_bare target that disables the GUI for
+    endpoint usage.
+  - Patch the version string to reflect the package version instead
+    of an indistinguishable <next-tag>-dev.
+
+-------------------------------------------------------------------
+Thu Dec  2 01:46:34 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Initial packaging.
--- a/velociraptor-client.spec
+++ b/velociraptor-client.spec
@ -0,0 +1,73 @@
+#
+# spec file for package velociraptor
+#
+# Copyright (c) 2021 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+%define projname velociraptor
+
+Name:           velociraptor-client
+Version:        0.6.2~git73.dc02b45e
+Release:        0
+Summary:	Endpoint visibility and collection tool (endpoint only)
+
+# FIXME: Select a correct license from https://github.com/openSUSE/spec-cleaner#spdx-licenses
+License:        AGPL-3.0-only
+URL:            https://github.com/Velocidex/velociraptor
+Source:         %{projname}-%{version}.tar.xz
+Source1:	vendor-golang-%{version}.tar.xz
+Patch1:		velociraptor-golang-mage-vendoring.diff
+BuildRequires:  golang-packaging
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  golang(API) >= 1.14
+BuildRequires:	fileb0x
+BuildRequires:	mage
+BuildRequires:	libtsan0
+Conflicts:	velociraptor
+
+%description
+Velociraptor is a tool for collecting host based state information
+using The Velociraptor Query Language (VQL) queries.
+
+To learn more about Velociraptor, read the documentation on:
+
+https://docs.velociraptor.app/
+
+This package contains only the endpoint agent.  For the full console, please
+install the 'velociraptor' package.
+
+
+%prep
+%setup -q -a 1 -n %{projname}-%{version}
+%autopatch -p1
+
+# Set the version to something more specific than <next-tag>-dev
+sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go
+
+# These just clutter the GUI and we don't have Windows clients
+rm -rf artifacts/definitions/Windows
+
+%build
+make linux_bare
+
+%install
+mkdir -p %buildroot/%{_bindir}
+install -m 755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor
+
+%files
+%license LICENSE
+%doc README.md
+%{_bindir}/velociraptor
+
+%changelog
--- a/velociraptor-golang-mage-vendoring.diff
+++ b/velociraptor-golang-mage-vendoring.diff
@ -0,0 +1,22 @@
+From: Jeff Mahoney <jeffm@suse.com>
+Subject: [PATCH] velociraptor: add dummy main function for mage
+
+Mage won't pull in the full dependencies without there being a real
+import.  This isn't used in the executable, since that's in bin/, but it
+will be used for 'go mod vendor'
+---
+ dummy.go |    9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+--- /dev/null
+++ b/dummy.go
+@@ -0,0 +1,9 @@
+// +build useless
+package main
+
+import (
+	"github.com/magefile/mage"
+)
+
+func main() {
+}
--- a/velociraptor.changes
+++ b/velociraptor.changes
@ -0,0 +1,34 @@
+-------------------------------------------------------------------
+Thu Jan 06 20:14:39 UTC 2022 - jeffm@suse.com
+
+- Update to version 0.6.2~git73.dc02b45e:
+  * Update PrivateKeys.yaml (#1459)
+  * Added recursion_callback option to the glob plugin (#1461)
+  * Added config wizard for multi-frontend configuration (#1460)
+  * Calculate the sha256 hash of the offline container. (#1458)
+  * Artifact inspection GUI now allows pivot. (#1457)
+  * Client certs can now be specified in the config file. (#1456)
+  * New Upload File Form element (#1455)
+  * Added a sparse accessor (#1453)
+  * Hunt wizard estimates clients affected (#1452)
+  * Make the interrogation process customizable. (#1451)
+
+-------------------------------------------------------------------
+Tue Dec 21 20:25:43 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Disable Windows artifacts.  We don't target Windows endpoints and
+  the queries clutter the GUI.
+
+-------------------------------------------------------------------
+Thu Dec 16 14:12:05 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Switch to using master branch via service files.
+  - Added update-vendoring.sh to update the nodejs and go dependencies
+    after version update.
+  - Patch the version string to reflect the package version instead
+    of an indistinguishable <next-tag>-dev.
+
+-------------------------------------------------------------------
+Thu Dec  2 01:46:34 UTC 2021 - Jeff Mahoney <jeffm@suse.com>
+
+- Initial packaging.
--- a/velociraptor.obsinfo
+++ b/velociraptor.obsinfo
@ -0,0 +1,5 @@
+name: velociraptor
+version: 0.6.2~git73.dc02b45e
+mtime: 1641209811
+commit: dc02b45e1ca5c75f7e5d9d5d2e35a3addac26c84
+
--- a/velociraptor.spec
+++ b/velociraptor.spec
@ -0,0 +1,78 @@
+#
+# spec file for package velociraptor
+#
+# Copyright (c) 2021 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+%define projname velociraptor
+
+Name:           velociraptor
+Version:        0.6.2~git73.dc02b45e
+Release:        0
+Summary:	Endpoint visibility and collection tool
+
+# FIXME: Select a correct license from https://github.com/openSUSE/spec-cleaner#spdx-licenses
+License:        AGPL-3.0-only
+URL:            https://github.com/Velocidex/velociraptor
+Source:         %{projname}-%{version}.tar.xz
+Source1:	vendor-golang-%{version}.tar.xz
+Source2:	vendor-nodejs-%{version}.tar.xz
+Patch1:		velociraptor-golang-mage-vendoring.diff
+BuildRequires:  golang-packaging
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  golang(API) >= 1.14
+BuildRequires:	fileb0x
+BuildRequires:	mage
+BuildRequires:	libtsan0
+BuildRequires:	nodejs16
+BuildRequires:	npm16
+Conflicts:	velociraptor-client
+Obsoletes:	velociraptor-console
+
+%description
+Velociraptor is a tool for collecting host based state information
+using The Velociraptor Query Language (VQL) queries.
+
+To learn more about Velociraptor, read the documentation on:
+
+https://docs.velociraptor.app/
+
+This package contains the endpoint agent and full console GUI.
+For just the endpoint agent, please install the 'velociraptor-client' package.
+
+
+%prep
+%setup -q -a 1 -a 2 -n %{projname}-%{version}
+%autopatch -p1
+
+# Set the version to something more specific than <next-tag>-dev
+sed -ie "s/\(VERSION *= \).*/\1 \"%{version}\"/" constants/constants.go
+
+# These just clutter the GUI and we don't have Windows clients
+rm -rf artifacts/definitions/Windows
+
+%build
+(cd gui/velociraptor ; npm run build)
+make linux
+
+%install
+mkdir -p %buildroot/%{_bindir}
+install -m 755 output/velociraptor-v%{version}-linux-* %buildroot/%{_bindir}/velociraptor
+
+%files
+%license LICENSE
+%doc README.md
+%{_bindir}/velociraptor
+
+%changelog
--- a/vendor-golang-0.6.2~git73.dc02b45e.tar.xz
+++ b/vendor-golang-0.6.2~git73.dc02b45e.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eb73a988803b463c2e81d855e704f56ce532bb8369446f777f9c2c1e8c130c98
+size 7357072
--- a/vendor-nodejs-0.6.2~git73.dc02b45e.tar.xz
+++ b/vendor-nodejs-0.6.2~git73.dc02b45e.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:31aecd0eabb2859a5daa73a654fa935ce1ccdf7c9ce6dba84bcaa8c89c278d65
+size 30936988