youtubebeat/vendor/github.com/elastic/beats/auditbeat/magefile.go

271 lines
8.5 KiB
Go

// Licensed to Elasticsearch B.V. under one or more contributor
// license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright
// ownership. Elasticsearch B.V. licenses this file to you under
// the Apache License, Version 2.0 (the "License"); you may
// not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
// +build mage
package main
import (
"context"
"fmt"
"regexp"
"time"
"github.com/magefile/mage/mg"
"github.com/magefile/mage/sh"
"github.com/pkg/errors"
"github.com/elastic/beats/dev-tools/mage"
)
func init() {
mage.BeatDescription = "Audit the activities of users and processes on your system."
}
// Build builds the Beat binary.
func Build() error {
return mage.Build(mage.DefaultBuildArgs())
}
// GolangCrossBuild build the Beat binary inside of the golang-builder.
// Do not use directly, use crossBuild instead.
func GolangCrossBuild() error {
return mage.GolangCrossBuild(mage.DefaultGolangCrossBuildArgs())
}
// BuildGoDaemon builds the go-daemon binary (use crossBuildGoDaemon).
func BuildGoDaemon() error {
return mage.BuildGoDaemon()
}
// CrossBuild cross-builds the beat for all target platforms.
func CrossBuild() error {
return mage.CrossBuild()
}
// CrossBuildXPack cross-builds the beat with XPack for all target platforms.
func CrossBuildXPack() error {
return mage.CrossBuildXPack()
}
// CrossBuildGoDaemon cross-builds the go-daemon binary using Docker.
func CrossBuildGoDaemon() error {
return mage.CrossBuildGoDaemon()
}
// Clean cleans all generated files and build artifacts.
func Clean() error {
return mage.Clean()
}
// Package packages the Beat for distribution.
// Use SNAPSHOT=true to build snapshots.
// Use PLATFORMS to control the target platforms.
func Package() {
start := time.Now()
defer func() { fmt.Println("package ran for", time.Since(start)) }()
mage.UseElasticBeatPackaging()
customizePackaging()
mg.Deps(Update)
mg.Deps(makeConfigTemplates, CrossBuild, CrossBuildXPack, CrossBuildGoDaemon)
mg.SerialDeps(mage.Package, TestPackages)
}
// TestPackages tests the generated packages (i.e. file modes, owners, groups).
func TestPackages() error {
return mage.TestPackages()
}
// Update updates the generated files (aka make update).
func Update() error {
return sh.Run("make", "update")
}
// Fields generates a fields.yml for the Beat.
func Fields() error {
return mage.GenerateFieldsYAML("module")
}
// GoTestUnit executes the Go unit tests.
// Use TEST_COVERAGE=true to enable code coverage profiling.
// Use RACE_DETECTOR=true to enable the race detector.
func GoTestUnit(ctx context.Context) error {
return mage.GoTest(ctx, mage.DefaultGoTestUnitArgs())
}
// GoTestIntegration executes the Go integration tests.
// Use TEST_COVERAGE=true to enable code coverage profiling.
// Use RACE_DETECTOR=true to enable the race detector.
func GoTestIntegration(ctx context.Context) error {
return mage.GoTest(ctx, mage.DefaultGoTestIntegrationArgs())
}
// -----------------------------------------------------------------------------
// Customizations specific to Auditbeat.
// - Config files are Go templates.
const (
configTemplateGlob = "module/*/_meta/config*.yml.tmpl"
shortConfigTemplate = "build/auditbeat.yml.tmpl"
referenceConfigTemplate = "build/auditbeat.reference.yml.tmpl"
)
func makeConfigTemplates() error {
configFiles, err := mage.FindFiles(configTemplateGlob)
if err != nil {
return errors.Wrap(err, "failed to find config templates")
}
var shortIn []string
shortIn = append(shortIn, "_meta/common.p1.yml")
shortIn = append(shortIn, configFiles...)
shortIn = append(shortIn, "_meta/common.p2.yml")
shortIn = append(shortIn, "../libbeat/_meta/config.yml")
if !mage.IsUpToDate(shortConfigTemplate, shortIn...) {
fmt.Println(">> Building", shortConfigTemplate)
mage.MustFileConcat(shortConfigTemplate, 0600, shortIn...)
mage.MustFindReplace(shortConfigTemplate, regexp.MustCompile("beatname"), "{{.BeatName}}")
mage.MustFindReplace(shortConfigTemplate, regexp.MustCompile("beat-index-prefix"), "{{.BeatIndexPrefix}}")
}
var referenceIn []string
referenceIn = append(referenceIn, "_meta/common.reference.yml")
referenceIn = append(referenceIn, configFiles...)
referenceIn = append(referenceIn, "../libbeat/_meta/config.reference.yml")
if !mage.IsUpToDate(referenceConfigTemplate, referenceIn...) {
fmt.Println(">> Building", referenceConfigTemplate)
mage.MustFileConcat(referenceConfigTemplate, 0644, referenceIn...)
mage.MustFindReplace(referenceConfigTemplate, regexp.MustCompile("beatname"), "{{.BeatName}}")
mage.MustFindReplace(referenceConfigTemplate, regexp.MustCompile("beat-index-prefix"), "{{.BeatIndexPrefix}}")
}
return nil
}
// customizePackaging modifies the package specs to use templated config files
// instead of the defaults.
//
// Customizations specific to Auditbeat:
// - Include audit.rules.d directory in packages.
func customizePackaging() {
var (
shortConfig = mage.PackageFile{
Mode: 0600,
Source: "{{.PackageDir}}/auditbeat.yml",
Dep: generateShortConfig,
Config: true,
}
referenceConfig = mage.PackageFile{
Mode: 0644,
Source: "{{.PackageDir}}/auditbeat.reference.yml",
Dep: generateReferenceConfig,
}
)
archiveRulesDir := "audit.rules.d"
linuxPkgRulesDir := "/etc/{{.BeatName}}/audit.rules.d"
rulesSrcDir := "module/auditd/_meta/audit.rules.d"
sampleRules := mage.PackageFile{
Mode: 0644,
Source: rulesSrcDir,
Dep: func(spec mage.PackageSpec) error {
if spec.OS == "linux" {
params := map[string]interface{}{
"ArchBits": archBits,
}
rulesFile := spec.MustExpand(rulesSrcDir+"/sample-rules-linux-{{call .ArchBits .GOARCH}}bit.conf", params)
if err := mage.Copy(rulesFile, spec.MustExpand("{{.PackageDir}}/audit.rules.d/sample-rules.conf.disabled")); err != nil {
return errors.Wrap(err, "failed to copy sample rules")
}
}
return nil
},
}
for _, args := range mage.Packages {
pkgType := args.Types[0]
switch pkgType {
case mage.TarGz, mage.Zip:
args.Spec.ReplaceFile("{{.BeatName}}.yml", shortConfig)
args.Spec.ReplaceFile("{{.BeatName}}.reference.yml", referenceConfig)
case mage.Deb, mage.RPM, mage.DMG:
args.Spec.ReplaceFile("/etc/{{.BeatName}}/{{.BeatName}}.yml", shortConfig)
args.Spec.ReplaceFile("/etc/{{.BeatName}}/{{.BeatName}}.reference.yml", referenceConfig)
default:
panic(errors.Errorf("unhandled package type: %v", pkgType))
}
if args.OS == "linux" {
rulesDest := archiveRulesDir
if pkgType != mage.TarGz {
rulesDest = linuxPkgRulesDir
}
args.Spec.Files[rulesDest] = sampleRules
}
}
}
func generateReferenceConfig(spec mage.PackageSpec) error {
params := map[string]interface{}{
"Reference": true,
"ArchBits": archBits,
}
return spec.ExpandFile(referenceConfigTemplate,
"{{.PackageDir}}/auditbeat.reference.yml", params)
}
func generateShortConfig(spec mage.PackageSpec) error {
params := map[string]interface{}{
"Reference": false,
"ArchBits": archBits,
}
return spec.ExpandFile(shortConfigTemplate,
"{{.PackageDir}}/auditbeat.yml", params)
}
// archBits returns the number of bit width of the GOARCH architecture value.
// This function is used by the auditd module configuration templates to
// generate architecture specific audit rules.
func archBits(goarch string) int {
switch goarch {
case "386", "arm":
return 32
default:
return 64
}
}
// Configs generates the auditbeat.yml and auditbeat.reference.yml config files.
// Set DEV_OS and DEV_ARCH to change the target host for the generated configs.
// Defaults to linux/amd64.
func Configs() {
mg.Deps(makeConfigTemplates)
params := map[string]interface{}{
"GOOS": mage.EnvOr("DEV_OS", "linux"),
"GOARCH": mage.EnvOr("DEV_ARCH", "amd64"),
"ArchBits": archBits,
"Reference": false,
}
fmt.Printf(">> Building auditbeat.yml for %v/%v\n", params["GOOS"], params["GOARCH"])
mage.MustExpandFile(shortConfigTemplate, "auditbeat.yml", params)
params["Reference"] = true
fmt.Printf(">> Building auditbeat.reference.yml for %v/%v\n", params["GOOS"], params["GOARCH"])
mage.MustExpandFile(referenceConfigTemplate, "auditbeat.reference.yml", params)
}