Feature/scloud

Makefile

@@ -25,6 +25,8 @@ SPLUNK_WIN_FILENAME ?= splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-x64-release.msi
 SPLUNK_WIN_BUILD_URL ?= https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/windows/${SPLUNK_WIN_FILENAME}
 UF_WIN_FILENAME ?= splunkforwarder-${SPLUNK_VERSION}-${SPLUNK_BUILD}-x64-release.msi
 UF_WIN_BUILD_URL ?= https://download.splunk.com/products/universalforwarder/releases/${SPLUNK_VERSION}/windows/${UF_WIN_FILENAME}
+# Splunk Cloud SDK binary
+SCLOUD_URL ?= https://github.com/splunk/splunk-cloud-sdk-go/releases/download/v1.7.0/scloud_v4.0.0_linux_amd64.tar.gz
 
 # Security Scanner Variables
 SCANNER_DATE := `date +%Y-%m-%d`
@@ -59,16 +61,16 @@ ansible:
 base: base-debian-9 base-debian-10 base-centos-7 base-redhat-8 base-windows-2016
 
 base-debian-10:
-	docker build ${DOCKER_BUILD_FLAGS} -t base-debian-10:${IMAGE_VERSION} ./base/debian-10
+	docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-debian-10:${IMAGE_VERSION} ./base/debian-10
 
 base-debian-9:
-	docker build ${DOCKER_BUILD_FLAGS} -t base-debian-9:${IMAGE_VERSION} ./base/debian-9
+	docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-debian-9:${IMAGE_VERSION} ./base/debian-9
 
 base-centos-7:
-	docker build ${DOCKER_BUILD_FLAGS} -t base-centos-7:${IMAGE_VERSION} ./base/centos-7
+	docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} -t base-centos-7:${IMAGE_VERSION} ./base/centos-7
 
 base-redhat-8:
-	docker build ${DOCKER_BUILD_FLAGS} --label version=${SPLUNK_VERSION} -t base-redhat-8:${IMAGE_VERSION} ./base/redhat-8
+	docker build ${DOCKER_BUILD_FLAGS} --build-arg SCLOUD_URL=${SCLOUD_URL} --label version=${SPLUNK_VERSION} -t base-redhat-8:${IMAGE_VERSION} ./base/redhat-8
 
 base-windows-2016:
 	docker build ${DOCKER_BUILD_FLAGS} -t base-windows-2016:${IMAGE_VERSION} ./base/windows-2016

base/centos-7/Dockerfile

@@ -15,5 +15,8 @@
 FROM centos:7
 LABEL maintainer="[email protected]"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 COPY install.sh /install.sh
 RUN /install.sh && rm -rf /install.sh

base/centos-7/install.sh

@@ -19,7 +19,12 @@ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 export LANG=en_US.utf8
 
 yum -y update && yum -y install wget sudo epel-release
-yum -y install busybox ansible python-requests
+yum -y install busybox ansible python-requests python-jmespath
+
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
 
 cd /bin
 ln -s busybox killall

base/debian-10/Dockerfile

@@ -15,6 +15,9 @@
 FROM debian:buster-slim
 LABEL maintainer="[email protected]"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 ENV DEBIAN_FRONTEND=noninteractive
 
 COPY install.sh /install.sh

base/debian-10/install.sh

@@ -33,10 +33,15 @@ apt update
 # put back tools for customer support
 apt-get install -y --no-install-recommends curl sudo libgssapi-krb5-2 busybox procps acl gcc libpython-dev libffi-dev libssl-dev
 apt-get install -y --no-install-recommends python-pip python-setuptools python-requests python-yaml
-pip --no-cache-dir install ansible
+pip --no-cache-dir install ansible jmespath
 apt-get remove -y gcc libffi-dev libssl-dev libpython-dev
 apt-get autoremove -y
 
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
+
 cd /bin
 ln -s busybox killall
 ln -s busybox netstat

base/debian-9/Dockerfile

@@ -15,6 +15,9 @@
 FROM debian:stretch-slim
 LABEL maintainer="[email protected]"
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 ENV DEBIAN_FRONTEND=noninteractive
 
 COPY install.sh /install.sh

base/debian-9/install.sh

@@ -35,7 +35,12 @@ apt-get update
 # put back tools for customer support
 apt-cache show ansible
 apt-get install -y --no-install-recommends ansible curl sudo libgssapi-krb5-2 busybox procps acl
-apt-get install -y --no-install-recommends python-requests
+apt-get install -y --no-install-recommends python-requests python-jmespath
+
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
 
 cd /bin
 ln -s busybox diff

base/redhat-8/Dockerfile

@@ -24,6 +24,9 @@ LABEL name="splunk" \
       summary="UBI 8 Docker image of Splunk Enterprise" \
       description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
 
+ARG SCLOUD_URL
+ENV SCLOUD_URL ${SCLOUD_URL}
+
 COPY install.sh /install.sh
 
 RUN mkdir /licenses \

base/redhat-8/install.sh

@@ -34,7 +34,7 @@ wget -O /bin/busybox https://busybox.net/downloads/binaries/1.28.1-defconfig-mul
 chmod +x /bin/busybox
 microdnf -y --nodocs update gnutls kernel-headers
 microdnf -y --nodocs install python2-pip python2-devel redhat-rpm-config gcc libffi-devel openssl-devel
-pip2 --no-cache-dir install requests ansible
+pip2 --no-cache-dir install requests ansible jmespath
 microdnf -y remove gcc openssl-devel redhat-rpm-config python2-devel device-mapper-libs device-mapper trousers systemd systemd-pam \
                    dwz dbus dbus-common dbus-daemon dbus-tools dbus-libs go-srpm-macros iptables-libs annobin cryptsetup-libs \
                    ocaml-srpm-macros openblas-srpm-macros qt5-srpm-macros perl-srpm-macros rust-srpm-macros ghc-srpm-macros \
@@ -44,6 +44,11 @@ microdnf -y remove gcc openssl-devel redhat-rpm-config python2-devel device-mapp
                    libfdisk libpcap libseccomp libselinux-devel libutempter binutils libxcrypt-devel cpp glibc-devel glibc-headers \
                    krb5-devel libkadm5 platform-python-pip
 
+# Install scloud
+wget -O /usr/bin/scloud.tar.gz ${SCLOUD_URL}
+tar -xf /usr/bin/scloud.tar.gz -C /usr/bin/
+rm /usr/bin/scloud.tar.gz
+
 cd /bin
 ln -s python2 python || true
 ln -s busybox diff || true

splunk/common-files/Dockerfile

@@ -1,4 +1,4 @@
-# Copyright 2018 Splunk
+# Copyright 2018-2020 Splunk
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

tests/test_docker_splunk.py

@@ -455,7 +455,7 @@ def test_splunk_entrypoint_no_provision(self):
             if cid:
                 self.client.remove_container(cid, v=True, force=True)
 
-    def test_splunk_uid_gid(self):
+    def test_splunk_scloud(self):
         cid = None
         try:
             # Run container
@@ -465,11 +465,13 @@ def test_splunk_uid_gid(self):
             # Wait a bit
             time.sleep(5)
             # If the container is still running, we should be able to exec inside
-            # Check that the git SHA exists in /opt/ansible
-            exec_command = self.client.exec_create(cid, "id", user="splunk")
+            # Check that the version returns successfully for multiple users
+            exec_command = self.client.exec_create(cid, "scloud version", user="splunk")
             std_out = self.client.exec_start(exec_command)
-            assert "uid=41812" in std_out
-            assert "gid=41812" in std_out
+            assert "scloud version " in std_out
+            exec_command = self.client.exec_create(cid, "scloud version", user="ansible")
+            std_out = self.client.exec_start(exec_command)
+            assert "scloud version " in std_out
         except Exception as e:
             self.logger.error(e)
             raise e
@@ -487,7 +489,7 @@ def test_splunk_uid_gid(self):
             # Wait a bit
             time.sleep(5)
             # If the container is still running, we should be able to exec inside
-            # Check that the git SHA exists in /opt/ansible
+            # Check that the uid/gid is correct
             exec_command = self.client.exec_create(cid, "id", user="splunk")
             std_out = self.client.exec_start(exec_command)
             assert "uid=41812" in std_out
@@ -559,8 +561,8 @@ def test_uf_entrypoint_no_provision(self):
         finally:
             if cid:
                 self.client.remove_container(cid, v=True, force=True)
-    
-    def test_uf_uid_gid(self):
+
+    def test_uf_scloud(self):
         cid = None
         try:
             # Run container
@@ -570,11 +572,13 @@ def test_uf_uid_gid(self):
             # Wait a bit
             time.sleep(5)
             # If the container is still running, we should be able to exec inside
-            # Check that the git SHA exists in /opt/ansible
-            exec_command = self.client.exec_create(cid, "id", user="splunk")
+            # Check that the version returns successfully for multiple users
+            exec_command = self.client.exec_create(cid, "scloud version", user="splunk")
             std_out = self.client.exec_start(exec_command)
-            assert "uid=41812" in std_out
-            assert "gid=41812" in std_out
+            assert "scloud version " in std_out
+            exec_command = self.client.exec_create(cid, "scloud version", user="ansible")
+            std_out = self.client.exec_start(exec_command)
+            assert "scloud version " in std_out
         except Exception as e:
             self.logger.error(e)
             raise e
@@ -592,7 +596,7 @@ def test_uf_uid_gid(self):
             # Wait a bit
             time.sleep(5)
             # If the container is still running, we should be able to exec inside
-            # Check that the git SHA exists in /opt/ansible
+            # Check that the uid/gid is correct
             exec_command = self.client.exec_create(cid, "id", user="splunk")
             std_out = self.client.exec_start(exec_command)
             assert "uid=41812" in std_out