From a0544977a53186270c0749b47200504c45b4532f Mon Sep 17 00:00:00 2001 From: Ryan Amos <49767442+rbamos@users.noreply.github.com> Date: Tue, 9 Jul 2024 09:14:31 -0400 Subject: [PATCH] SECZ-1582: Add Linux support --- .gitignore | 1 + config.sh | 105 +++++++++++++++++++++++++++ rollback_setup.sh | 47 +++++++++---- setup.sh | 176 ++++++++++++++++++++++------------------------ 4 files changed, 225 insertions(+), 104 deletions(-) create mode 100644 .gitignore create mode 100755 config.sh diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9f11b75 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea/ diff --git a/config.sh b/config.sh new file mode 100755 index 0000000..1f9686f --- /dev/null +++ b/config.sh @@ -0,0 +1,105 @@ +#!/bin/bash + +kernel_name=$(uname -s) + +# If the utils.sh file is not present, download & run it +if [[ ! -e "utils.sh" ]]; then + eval "$(curl -Ls 'https://raw.githubusercontent.com/panorama-ed/leapp-setup/main/utils.sh')" +else + . ./utils.sh +fi + +if [[ -z "${INTEGRATION_PORTAL_URL}" ]]; then + red_echo "INTEGRATION_PORTAL_URL must be provided" + exit +fi + +if [[ -z "${LEAPP_ROLES}" ]]; then + red_echo "LEAPP_ROLES must be provided" + exit +fi + +if [[ "$kernel_name" == "Darwin" ]]; then + # Leapp integration setup + LEAPP=/Applications/Leapp.app + leapp_proc_name=Leapp +elif [[ "$kernel_name" == "Linux" ]]; then + LEAPP=/opt/Leapp/leapp + leapp_proc_name=leapp +fi + +# Check if Leapp is installed +if [ -e "$LEAPP" ]; then + # If Leapp is not running, open it and wait for it to start up + if ! pgrep -x $leapp_proc_name &>/dev/null; then + if [[ $kernel_name == "Darwin" ]]; then + open $LEAPP + elif [[ $kernel_name == "Linux" ]]; then + $LEAPP & + fi + sleep 5 + fi + + # If there's no Panorama integration, set it up + if ! leapp integration list --no-header | grep -i Panorama; then + leapp integration create \ + --integrationType AWS-SSO \ + --integrationAlias Panorama \ + --integrationPortalUrl $INTEGRATION_PORTAL_URL \ + --integrationRegion us-east-1 + fi + + PANORAMA_INTEGRATION=$( + leapp integration list --csv --columns=ID,"Integration Name","Status" \ + | grep Panorama + ) + + INTEGRATION_ID=$(echo $PANORAMA_INTEGRATION | awk -F$',' '{print $1;}') + INTEGRATION_STATUS=$(echo $PANORAMA_INTEGRATION | awk -F$',' '{print $3;}') + + if [[ $INTEGRATION_STATUS == "Offline" ]]; then + leapp integration login --integrationId $INTEGRATION_ID + fi + + function set_profile_id() { + PROFILE_ID=$( + leapp profile list --csv --columns=ID,'Profile Name' \ + | grep $ROLE_NAME \ + | awk -F$',' '{print $1;}' + ) + } + + AVAILABLE_LEAPP_SESSIONS=$( + leapp session list --csv --columns=id,role | + grep -E $LEAPP_ROLES + ) + + while IFS= read -r line; do + SESSION_ID=$(echo $line | awk -F$',' '{print $1;}') + ROLE_NAME=$(echo $line | awk -F$',' '{print $2;}') + + echo "Creating $ROLE_NAME profile" + + set_profile_id + + # If the role's name is not in the list of existing profiles, create it. + if [ -z "$PROFILE_ID" ]; then + leapp profile create --profileName $ROLE_NAME + + set_profile_id + fi + + # Associate the session with the profile matching the role. + leapp session change-profile --profileId $PROFILE_ID --sessionId $SESSION_ID + done <<< "$AVAILABLE_LEAPP_SESSIONS" + + # If we found at least one available session, then we can presume + # this installation was successful. + if (( $(echo "$AVAILABLE_LEAPP_SESSIONS" | wc -l) > 0 )); then + echo "+++++ Installation successful. +++++" + else + red_echo "----- Error during installation. Please share the above output to the Infra/Ops Zone. -----" + fi +else + red_echo "Leapp has not been installed." +fi diff --git a/rollback_setup.sh b/rollback_setup.sh index 0b8ef1f..e227209 100755 --- a/rollback_setup.sh +++ b/rollback_setup.sh @@ -7,17 +7,36 @@ while true; do esac done -# Uninstall Leapp CLI -brew uninstall Noovolari/brew/leapp-cli -# Uninstall Session Manager Plugin -brew uninstall --cask session-manager-plugin -# Uninstall AWS CLI -brew uninstall awscli -# Remove AWS credential files -rm -rf ~/.aws -# Uninstall python -brew uninstall python --ignore-dependencies python -# Uninstall homebrew -sudo /bin/bash -cf "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/uninstall.sh)" -# Uninstall the Xcode CLT (this may be installed as part of homebrew) -sudo rm -rf /Library/Developer/CommandLineTools +kernel_name=$(uname -s) + +if [[ "$kernel_name" == 'Darwin' ]]; then + # Uninstall Leapp CLI + brew uninstall Noovolari/brew/leapp-cli + # Uninstall Session Manager Plugin + brew uninstall --cask session-manager-plugin + # Uninstall AWS CLI + brew uninstall awscli + # Remove AWS credential files + rm -rf ~/.aws + # Uninstall python + brew uninstall python --ignore-dependencies python + # Uninstall homebrew + sudo /bin/bash -cf "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/uninstall.sh)" + # Uninstall the Xcode CLT (this may be installed as part of homebrew) + sudo rm -rf /Library/Developer/CommandLineTools +elif [[ "$kernel_name" == 'Linux' ]]; then + # Uninstall Leapp CLI + sudo npm uninstall -g @noovolari/leapp-cli + # Remove node + sudo apt remove -y npm + sudo apt remove -y nodejs + # Remove leapp + sudo dpkg -r leapp + sudo dpkg -P leapp + # Remove session-manager-plugin + sudo dpkg -r session-manager-plugin + sudo dpkg -P session-manager-plugin + # Remove AWS CLI + sudo apt remove -y awscli + # Don't remove python! +fi diff --git a/setup.sh b/setup.sh index 221b2af..c821abb 100755 --- a/setup.sh +++ b/setup.sh @@ -1,133 +1,129 @@ #!/bin/bash +# Arguments as environment variables: +# CONFIGURE_LEAPP: 0 to skip configuration, unset or other value will ask for input +# INTEGRATION_PORTAL_URL: See https://panoramaed.atlassian.net/wiki/spaces/ENG/pages/2847113303/Leapp +# LEAPP_ROLES: See https://panoramaed.atlassian.net/wiki/spaces/ENG/pages/2847113303/Leapp + # xcode command line tools installation will hang on OS versions lower than this MIN_OS_VERSION="12.4.0" -CURRENT_OS_VERSION=$(sw_vers -productVersion) +kernel_name=$(uname -s) -. ./utils.sh +# If the utils.sh file is not present, download & run it +if [[ ! -e "utils.sh" ]]; then + eval "$(curl -Ls 'https://raw.githubusercontent.com/panorama-ed/leapp-setup/main/utils.sh')" +else + . ./utils.sh +fi -# use version sorting to check if the current version is less than $MIN_OS_VERSION -if [[ $MIN_OS_VERSION != "$(printf "$MIN_OS_VERSION\n$CURRENT_OS_VERSION" | sort -V | sed -n 1p)" ]]; then - red_echo "MacOS minimum required version is ${MIN_OS_VERSION}. The installed version is ${CURRENT_OS_VERSION}. Please update your OS before running this script." +if [[ "$kernel_name" != 'Darwin' ]] && [[ "$kernel_name" != 'Linux' ]]; then + red_echo "This script is only supported on MacOS and Linux." exit fi -if [[ -z "${INTEGRATION_PORTAL_URL}" ]]; then +if [[ "$kernel_name" == 'Darwin' ]]; then + CURRENT_OS_VERSION=$(sw_vers -productVersion) + # use version sorting to check if the current version is less than $MIN_OS_VERSION + if [[ $MIN_OS_VERSION != "$(printf "$MIN_OS_VERSION\n$CURRENT_OS_VERSION" | sort -V | sed -n 1p)" ]]; then + red_echo "MacOS minimum required version is ${MIN_OS_VERSION}. The installed version is ${CURRENT_OS_VERSION}. Please update your OS before running this script." + exit + fi +fi + +if [[ "${CONFIGURE_LEAPP}" != "0" ]] && [[ -z "${INTEGRATION_PORTAL_URL}" ]]; then red_echo "INTEGRATION_PORTAL_URL must be provided" exit fi -if [[ -z "${LEAPP_ROLES}" ]]; then +if [[ "${CONFIGURE_LEAPP}" != "0" ]] && [[ -z "${LEAPP_ROLES}" ]]; then red_echo "LEAPP_ROLES must be provided" exit fi + +# If using Linux, create /home// using sudo permission +if [[ "$kernel_name" == "Linux" ]] && [[ ! -e "/home/$(whoami)" ]]; then + sudo mkdir -p "/home/$(whoami)" + if id -gn | grep 'users' > /dev/null; then + group='users' + else + group=$(id -gn | cut -d ' ' -f 1) + fi + sudo chown -R "$(whoami):$group" "/home/$(whoami)" +fi + # Install Homebrew if not installed # This may optionally install the Xcode CLT if it is not already installed. -which -s brew -if [[ $? != 0 ]] ; then - /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" +if [[ "$kernel_name" == 'Darwin' ]] && ! which brew > /dev/null ; then + + NONINTERACTIVE=1 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" # If using an M1 machine, load shell environment to run brew commands if [[ $(uname -m) == 'arm64' ]]; then - echo ‘# Set PATH, MANPATH, etc., for Homebrew.’ >> ~/.zprofile - echo ‘eval "$(/opt/homebrew/bin/brew shellenv)"’ >> ~/.zprofile + echo '# Set PATH, MANPATH, etc., for Homebrew.' >> ~/.zprofile + echo 'eval "$(/opt/homebrew/bin/brew shellenv)"' >> ~/.zprofile eval "$(/opt/homebrew/bin/brew shellenv)" fi fi -# The AWS CLI requires python -brew install python -# The AWS credential files require the AWS CLI to be installed -brew install awscli +if [[ "$kernel_name" == "Darwin" ]]; then + # The AWS CLI requires python + brew install python + # The AWS credential files require the AWS CLI to be installed + brew install awscli +elif [[ "$kernel_name" == "Linux" ]]; then + # The AWS CLI requires python + sudo apt install -y python3 + # The AWS credential files require the AWS CLI to be installed + sudo apt install -y awscli +fi # If using an M1 machine, add a symlink for the AWS credential files to where Leapp expects them -if [[ $(uname -m) == 'arm64' ]]; then +if [[ "$kernel_name" == "Darwin" ]] && [[ $(uname -m) == 'arm64' ]]; then sudo ln -s /opt/homebrew/bin/aws /usr/local/bin/aws fi # If the app store version of filezilla is installed, it expects the .aws credentials # to be in the filezilla installation directory. Add a symlink there. -if [ -d ~/Library/Containers/org.filezilla-project.filezilla.sandbox ]; then +if [[ "$kernel_name" == "Darwin" ]] && [ -d ~/Library/Containers/org.filezilla-project.filezilla.sandbox ]; then ln -s ~/.aws ~/Library/Containers/org.filezilla-project.filezilla.sandbox/Data/.aws fi # Install session manager plugin -brew install --cask session-manager-plugin +if [[ "$kernel_name" == "Darwin" ]]; then + brew install --cask session-manager-plugin +elif [[ "$kernel_name" == "Linux" ]] && ! dpkg -l session-manager-plugin; then + mkdir ~/Downloads/ + curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb" -o ~/Downloads/session-manager-plugin.deb + sudo dpkg -i ~/Downloads/session-manager-plugin.deb + rm session-manager-plugin.deb +fi # Install Leapp CLI -brew install Noovolari/brew/leapp-cli - -# Leapp integration setup -LEAPP=/Applications/Leapp.app - -# Check if Leapp is installed -if [ -d "$LEAPP" ]; then - # If Leapp is not running, open it and wait for it to start up - if ! pgrep -x Leapp &>/dev/null; then - open $LEAPP - sleep 5 - fi - - # If there's no Panorama integration, set it up - if ! leapp integration list --no-header | grep -i Panorama; then - leapp integration create \ - --integrationType AWS-SSO \ - --integrationAlias Panorama \ - --integrationPortalUrl $INTEGRATION_PORTAL_URL \ - --integrationRegion us-east-1 +if [[ "$kernel_name" == "Darwin" ]]; then + brew install Noovolari/brew/leapp-cli +else [[ "$kernel_name" == "Linux" ]] + mkdir ~/Downloads/ + if ! dpkg -l leapp; then + sudo apt install -y libfuse2 + # Whenever a new Leapp version is updated, this link will break + curl https://asset.noovolari.com/latest/Leapp_0.26.1_amd64.deb -o ~/Downloads/leapp.deb + sudo dpkg -i ~/Downloads/leapp.deb + sudo mv /usr/bin/leapp /usr/bin/leapp-desktop fi + curl -fsSL https://deb.nodesource.com/setup_22.x -o ~/Downloads/nodesource_setup.sh + sudo bash ~/Downloads/nodesource_setup.sh + sudo apt install -y nodejs + sudo apt install -y npm + sudo npm install -g @noovolari/leapp-cli +fi - PANORAMA_INTEGRATION=$( - leapp integration list --csv --columns=ID,"Integration Name","Status" \ - | grep Panorama - ) - - INTEGRATION_ID=$(echo $PANORAMA_INTEGRATION | awk -F$',' '{print $1;}') - INTEGRATION_STATUS=$(echo $PANORAMA_INTEGRATION | awk -F$',' '{print $3;}') - - if [[ $INTEGRATION_STATUS == "Offline" ]]; then - leapp integration login --integrationId $INTEGRATION_ID - fi - - function set_profile_id() { - PROFILE_ID=$( - leapp profile list --csv --columns=ID,'Profile Name' \ - | grep $ROLE_NAME \ - | awk -F$',' '{print $1;}' - ) - } - - AVAILABLE_LEAPP_SESSIONS=$( - leapp session list --csv --columns=id,role | - grep -E $LEAPP_ROLES - ) - - while IFS= read -r line; do - SESSION_ID=$(echo $line | awk -F$',' '{print $1;}') - ROLE_NAME=$(echo $line | awk -F$',' '{print $2;}') - - echo "Creating $ROLE_NAME profile" - - set_profile_id - - # If the role's name is not in the list of existing profiles, create it. - if [ -z "$PROFILE_ID" ]; then - leapp profile create --profileName $ROLE_NAME - - set_profile_id - fi - - # Associate the session with the profile matching the role. - leapp session change-profile --profileId $PROFILE_ID --sessionId $SESSION_ID - done <<< "$AVAILABLE_LEAPP_SESSIONS" +if [[ "${CONFIGURE_LEAPP}" == "0" ]]; then + exit +fi - # If we found at least one available session, then we can presume - # this installation was successful. - if (( $(echo "$AVAILABLE_LEAPP_SESSIONS" | wc -l) > 0 )); then - echo "+++++ Installation successful. +++++" - else - red_echo "----- Error during installation. Please share the above output to the Infra/Ops Zone. -----" - fi +# If the config.sh file is not present, download & run it +if [[ ! -e "config.sh" ]]; then + eval "$(curl -Ls 'https://raw.githubusercontent.com/panorama-ed/leapp-setup/main/config.sh')" else - red_echo "Leapp has not been installed." + . ./config.sh fi