Moved tool definitions into the artifact. (Velocidex#485)

There is no need now to run the Server.Utils.DownloadBinaries artifact to sync tools. Each artifact defines its own tool in its own YAML and it gets added dynamically.
nirhalfon · Jul 10, 2020 · 053af0b · 053af0b
1 parent 9bb3b1c
commit 053af0b
Show file tree

Hide file tree

Showing 27 changed files with 658 additions and 522 deletions.
diff --git a/README.md b/README.md
@@ -126,14 +126,14 @@ feature submitted that you are really interested in, we would love to
 have more testing prior to the official release.
 
 We have a CI pipeline at https://www.velocidex.com/ci managed by
-AppVeyor. The pipeline produces a complete windows and linux binary
+AppVeyor. The pipeline produces a complete windows binary
 built at each commit poiint - simply click on the `artifacts` tab,
-scroll down and download `velociraptor.exe` or
-`velociraptor_linux.elf`
+scroll down and download `velociraptor.exe`
 
 Additionally we build all binaries using Github actions. Simply click
-the actions tab on Github and download the `Binaries.zip` file. This
-will contain binaries for Windows, MacOS and Linux.
+the [actions tab](https://github.com/Velocidex/velociraptor/actions)
+on Github and download the `Binaries.zip` file. This will contain
+binaries for Windows, MacOS and Linux.
 
 
 ## Getting help

diff --git a/api/proto/inventory.pb.go b/api/proto/inventory.pb.go
diff --git a/api/proto/inventory.proto b/api/proto/inventory.proto
diff --git a/artifacts/artifacts.go b/artifacts/artifacts.go
@@ -401,9 +401,9 @@ func (self *Repository) PopulateArtifactsVQLCollectorArgs(
 		artifact, pres := self.Get(k)
 		if pres {
 			// Include any dependent tools.
-			for _, required_tool := range artifact.RequiredTools {
-				if !utils.InString(request.Tools, required_tool) {
-					request.Tools = append(request.Tools, required_tool)
+			for _, required_tool := range artifact.Tools {
+				if !utils.InString(request.Tools, required_tool.Name) {
+					request.Tools = append(request.Tools, required_tool.Name)
 				}
 			}
 
@@ -465,9 +465,9 @@ func (self *Repository) Compile(artifact *artifacts_proto.Artifact,
 	}
 
 	// Merge any tools we need.
-	for _, required_tool := range artifact.RequiredTools {
-		if !utils.InString(result.Tools, required_tool) {
-			result.Tools = append(result.Tools, required_tool)
+	for _, required_tool := range artifact.Tools {
+		if !utils.InString(result.Tools, required_tool.Name) {
+			result.Tools = append(result.Tools, required_tool.Name)
 		}
 	}
 

diff --git a/artifacts/definitions/Server/Utils/CreateCollector.yaml b/artifacts/definitions/Server/Utils/CreateCollector.yaml
@@ -4,10 +4,13 @@ description: |
 
 type: SERVER
 
-required_tools:
-  - VelociraptorWindows
-  - VelociraptorLinux
-  - VelociraptorDarwin
+tools:
+  - name: VelociraptorWindows
+    url: https://github.com/Velocidex/velociraptor/releases/download/v0.4.6/velociraptor-v0.4.6-windows-amd64.exe
+  - name: VelociraptorLinux
+    url: https://github.com/Velocidex/velociraptor/releases/download/v0.4.6/velociraptor-v0.4.6-linux-amd64
+  - name: VelociraptorDarwin
+    url: https://github.com/Velocidex/velociraptor/releases/download/v0.4.6/velociraptor-v0.4.6-darwin-amd64
 
 parameters:
   - name: OS
@@ -186,11 +189,11 @@ sources:
 
       LET Binaries <= SELECT * FROM foreach(
           row={
-             SELECT required_tools FROM artifact_definitions(names=Artifacts)
+             SELECT tools FROM artifact_definitions(names=Artifacts)
           }, query={
-             SELECT * FROM foreach(row=required_tools,
+             SELECT * FROM foreach(row=tools,
              query={
-              SELECT _value AS Binary FROM scope()
+              SELECT name AS Binary FROM scope()
              })
           }) GROUP BY Binary
 

diff --git a/artifacts/definitions/Server/Utils/DownloadBinaries.yaml b/artifacts/definitions/Server/Utils/DownloadBinaries.yaml
diff --git a/artifacts/definitions/Server/Utils/UpdatePublicHashes.yaml b/artifacts/definitions/Server/Utils/UpdatePublicHashes.yaml
diff --git a/artifacts/definitions/Windows/Forensics/BulkExtractor.yaml b/artifacts/definitions/Windows/Forensics/BulkExtractor.yaml
@@ -47,8 +47,9 @@ author: Matt Green - @mgreen27
 required_permissions:
   - EXECVE
 
-required_tools:
-  - Bulk_Extractor
+tools:
+  - name: Bulk_Extractor
+    url: https://github.com/4n6ist/bulk_extractor-rec/releases/download/rec03/bulk_extractor-rec03_x64.zip
 
 precondition: SELECT OS From info() where OS = 'windows'
 

diff --git a/artifacts/definitions/Windows/Memory/Acquisition.yaml b/artifacts/definitions/Windows/Memory/Acquisition.yaml
@@ -6,8 +6,9 @@ description: |
   NOTE: This artifact usually takes a long time. You should increase
   the default timeout to allow it to complete.
 
-required_tools:
-  - WinPmem
+tools:
+  - name: WinPmem
+    url: https://github.com/Velocidex/c-aff4/releases/download/v3.3.rc3/winpmem_v3.3.rc3.exe
 
 sources:
   - queries: