From d6d0349112c5585586acc0fb8b943060e1ba1086 Mon Sep 17 00:00:00 2001 From: adityapinglesf <79232267+adityapinglesf@users.noreply.github.com> Date: Tue, 5 Mar 2024 13:33:41 -0800 Subject: [PATCH 01/21] Add requests unixsocket to Support UDS builds (#649) * debug: uds-build * revert splunk-ansible branch hard code; * updated pip install command; --- base/redhat-8/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index b9132785..b9bf7ac0 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -62,7 +62,7 @@ ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip # Install splunk-ansible dependencies cd / /usr/bin/python3.7 -m pip install --upgrade pip -pip -q --no-cache-dir install --upgrade six wheel requests Mako urllib3 certifi jmespath future avro cryptography lxml protobuf setuptools ansible +pip -q --no-cache-dir install --upgrade "requests_unixsocket<2.29" "requests<2.29" six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible # Remove tests packaged in python libs find /usr/lib/ -depth \( -type d -a -not -wholename '*/ansible/plugins/test' -a \( -name test -o -name tests -o -name idle_test \) \) -exec rm -rf '{}' \; From f10e5673e7eff6d0b0becc50aaf01be0c8ef80a8 Mon Sep 17 00:00:00 2001 From: Aditya Pingle Date: Tue, 26 Mar 2024 16:26:13 -0700 Subject: [PATCH 02/21] changes for 9.0.9 --- Makefile | 4 ++-- docs/CHANGELOG.md | 11 +++++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 2e9faeee..7087413b 100644 --- a/Makefile +++ b/Makefile @@ -7,8 +7,8 @@ SPLUNK_ANSIBLE_BRANCH ?= develop SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml # Set Splunk version/build parameters here to define downstream URLs and file names SPLUNK_PRODUCT := splunk -SPLUNK_VERSION := 9.2.0.1 -SPLUNK_BUILD := d8ae995bf219 +SPLUNK_VERSION := 9.0.9 +SPLUNK_BUILD := 6315942c563f ifeq ($(shell arch), s390x) SPLUNK_ARCH = s390x else diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index f70e940a..5fe35d2c 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -17,6 +17,7 @@ Red Hat images will continue to be published. * [9.1.1](#911) * [9.1.0.2](#9102) * [9.1.0.1](#9101) +* [9.0.9](#909) * [9.0.8](#908) * [9.0.7](#907) * [9.0.6](#906) @@ -191,6 +192,16 @@ Red Hat images will continue to be published. --- +## 9.0.9 + +#### What's New? +* Releasing new images to support Splunk Enterprise release. + +#### docker-splunk changes: +* Bumping Splunk version. For details, see [Fixed issues for 9.0.9](https://docs.splunk.com/Documentation/Splunk/9.0.9/ReleaseNotes/Fixedissues#Splunk_Enterprise_9.0.9) + +--- + ## 9.0.8 #### What's New? From 3bc640bdb4b97af180f11b9a7e48a81003a27d6a Mon Sep 17 00:00:00 2001 From: adityapinglesf <79232267+adityapinglesf@users.noreply.github.com> Date: Wed, 27 Mar 2024 12:34:02 -0700 Subject: [PATCH 03/21] changes for 9.1.4 (#654) --- Makefile | 4 ++-- docs/CHANGELOG.md | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 7087413b..6dfd57d1 100644 --- a/Makefile +++ b/Makefile @@ -7,8 +7,8 @@ SPLUNK_ANSIBLE_BRANCH ?= develop SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml # Set Splunk version/build parameters here to define downstream URLs and file names SPLUNK_PRODUCT := splunk -SPLUNK_VERSION := 9.0.9 -SPLUNK_BUILD := 6315942c563f +SPLUNK_VERSION := 9.1.4 +SPLUNK_BUILD := a414fc70250e ifeq ($(shell arch), s390x) SPLUNK_ARCH = s390x else diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 5fe35d2c..5aaba0de 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -12,6 +12,7 @@ Red Hat images will continue to be published. * [9.2.0.1](#9201) * [9.2.0](#920) +* [9.1.4](#914) * [9.1.3](#913) * [9.1.2](#912) * [9.1.1](#911) @@ -129,6 +130,20 @@ Red Hat images will continue to be published. --- +## 9.1.4 + +#### What's New? +* Releasing new images to support Splunk Enterprise release. + +#### docker-splunk changes: +* Bumping Splunk version. For details, see [Fixed issues for 9.1.4](https://docs.splunk.com/Documentation/Splunk/9.1.4/ReleaseNotes/Fixedissues#Splunk_Enterprise_9.1.4) + +#### splunk-ansible changes: +* Docs updated +* Bugfixes + +--- + ## 9.1.3 #### What's New? From 07a7c86f15abd13a1ee97661bdf8e4e762f8d1bf Mon Sep 17 00:00:00 2001 From: adityapinglesf <79232267+adityapinglesf@users.noreply.github.com> Date: Wed, 27 Mar 2024 13:07:49 -0700 Subject: [PATCH 04/21] changes for 9.2.1; (#656) --- Makefile | 4 ++-- docs/CHANGELOG.md | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6dfd57d1..aa741830 100644 --- a/Makefile +++ b/Makefile @@ -7,8 +7,8 @@ SPLUNK_ANSIBLE_BRANCH ?= develop SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml # Set Splunk version/build parameters here to define downstream URLs and file names SPLUNK_PRODUCT := splunk -SPLUNK_VERSION := 9.1.4 -SPLUNK_BUILD := a414fc70250e +SPLUNK_VERSION := 9.2.1 +SPLUNK_BUILD := 78803f08aabb ifeq ($(shell arch), s390x) SPLUNK_ARCH = s390x else diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 5aaba0de..843fdf07 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -10,6 +10,7 @@ Red Hat images will continue to be published. ## Navigation +* [9.2.1](#921) * [9.2.0.1](#9201) * [9.2.0](#920) * [9.1.4](#914) @@ -102,6 +103,20 @@ Red Hat images will continue to be published. --- +## 9.2.1 + +#### What's New? +* Releasing new images to support Splunk Enterprise release. + +#### docker-splunk changes: +* Bumping Splunk version. For details, see [Fixed issues for 9.2.1](https://docs.splunk.com/Documentation/Splunk/9.2.1/ReleaseNotes/Fixedissues#Splunk_Enterprise_9.2.1) + +#### splunk-ansible changes: +* Docs updated +* Bugfixes + +--- + ## 9.2.0.1 #### What's New? From 0de4bffe24c71604a19d95222011d1b2e6d41f10 Mon Sep 17 00:00:00 2001 From: michaellee-splunk <96087429+michaellee-splunk@users.noreply.github.com> Date: Tue, 16 Apr 2024 10:07:56 -0700 Subject: [PATCH 05/21] install busybox 1.36.1 in base redhat 8 (#664) --- base/redhat-8/install.sh | 22 +++++++++++++++------- docs/CHANGELOG.md | 15 +++++++++++++++ 2 files changed, 30 insertions(+), 7 deletions(-) diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index b9bf7ac0..63e7950c 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -28,7 +28,8 @@ export LANG=en_US.utf8 # Install utility packages microdnf -y --nodocs install wget sudo shadow-utils procps tar make gcc \ openssl-devel bzip2-devel libffi-devel findutils \ - libssh-devel libcurl-devel glib2-devel ncurses-devel + libssh-devel libcurl-devel glib2-devel ncurses-devel \ + diffutils bzip2 # Patch security updates microdnf -y --nodocs update gnutls kernel-headers libdnf librepo libnghttp2 nettle \ libpwquality libxml2 systemd-libs lz4-libs curl \ @@ -39,6 +40,18 @@ microdnf -y --nodocs update gnutls kernel-headers libdnf librepo libnghttp2 nett # Reinstall tzdata (originally stripped from minimal image): https://bugzilla.redhat.com/show_bug.cgi?id=1903219 microdnf -y --nodocs reinstall tzdata || microdnf -y --nodocs update tzdata +# Build and install busybox direct from the multiarch since EPEL isn't available yet for redhat8 +cd ~ +wget https://busybox.net/downloads/busybox-1.36.1.tar.bz2 +bzip2 -d busybox-1.36.1.tar.bz2 +tar -xf busybox-1.36.1.tar +cd busybox-1.36.1 +make defconfig +make +cp busybox /bin/busybox +cd ~ +rm -rf busybox-1.36.1.tar busybox-1.36.1/ + # Install Python and necessary packages PY_SHORT=${PYTHON_VERSION%.*} wget -O /tmp/python.tgz https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tgz @@ -74,14 +87,9 @@ ldconfig microdnf remove -y make gcc openssl-devel bzip2-devel findutils glib2-devel glibc-devel cpp binutils \ keyutils-libs-devel krb5-devel libcom_err-devel libffi-devel libcurl-devel \ libselinux-devel libsepol-devel libssh-devel libverto-devel libxcrypt-devel \ - ncurses-devel pcre2-devel zlib-devel + ncurses-devel pcre2-devel zlib-devel diffutils bzip2 microdnf clean all -# Install busybox direct from the multiarch since EPEL isn't available yet for redhat8 -BUSYBOX_URL=${BUSYBOX_URL:=https://busybox.net/downloads/binaries/1.35.0-`arch`-linux-musl/busybox} -wget -O /bin/busybox ${BUSYBOX_URL} -chmod +x /bin/busybox - # Enable busybox symlinks cd /bin BBOX_LINKS=( clear find diff hostname killall netstat nslookup ping ping6 readline route syslogd tail traceroute vi ) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 843fdf07..1a83e886 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -14,6 +14,7 @@ Red Hat images will continue to be published. * [9.2.0.1](#9201) * [9.2.0](#920) * [9.1.4](#914) +* [9.1.3-patch1](#913p1) * [9.1.3](#913) * [9.1.2](#912) * [9.1.1](#911) @@ -159,6 +160,20 @@ Red Hat images will continue to be published. --- +## 9.1.3-patch1 + +#### What's New? +* Install busybox 1.36.1 for remediation of CVE-2022-28391 and CVE-2022-30065 + +#### docker-splunk changes: +* Bumping Splunk version. For details, see [Fixed issues for 9.1.3](https://docs.splunk.com/Documentation/Splunk/9.1.3/ReleaseNotes/Fixedissues#Splunk_Enterprise_9.1.3) + +#### splunk-ansible changes: +* Docs updated +* Bugfixes + +--- + ## 9.1.3 #### What's New? From beed1449ac382830466a174912799eb9cbf7111b Mon Sep 17 00:00:00 2001 From: michaellee-splunk <96087429+michaellee-splunk@users.noreply.github.com> Date: Thu, 30 May 2024 11:11:04 -0700 Subject: [PATCH 06/21] Update exclude list for changes in splunk files (#674) * update exclude list for changes in splunk files * update exclude list for changes in splunk files --- splunk/common-files/make-minimal-exclude.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/splunk/common-files/make-minimal-exclude.py b/splunk/common-files/make-minimal-exclude.py index 72747e0c..d68b6727 100755 --- a/splunk/common-files/make-minimal-exclude.py +++ b/splunk/common-files/make-minimal-exclude.py @@ -39,7 +39,6 @@ minor_version = version_string.group(2) if major_version: - print(EXCLUDE_V7) if int(major_version) == 7: print("*/bin/parsetest*") if int(minor_version) < 3: @@ -51,3 +50,7 @@ print("*/etc/apps/splunk_metrics_workspace*") if int(minor_version) < 1: print("*/bin/parsetest*") + elif int(major_version) >= 9: + if int(minor_version) >= 4: + EXCLUDE_V7 = EXCLUDE_V7.replace('*/bin/jsmin*', '') + print(EXCLUDE_V7) From 120bf34868d46f6950f68f3855d42a153d122dba Mon Sep 17 00:00:00 2001 From: michaellee-splunk <96087429+michaellee-splunk@users.noreply.github.com> Date: Fri, 31 May 2024 12:58:37 -0700 Subject: [PATCH 07/21] Add default.meta for splunk_enterprise_on_docker app (#675) * add default.meta for splunk_enterprise_on_docker app * add default.meta for splunk_enterprise_on_docker app --- .../apps/splunk_enterprise_on_docker/metadata/default.meta | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 splunk/common-files/apps/splunk_enterprise_on_docker/metadata/default.meta diff --git a/splunk/common-files/apps/splunk_enterprise_on_docker/metadata/default.meta b/splunk/common-files/apps/splunk_enterprise_on_docker/metadata/default.meta new file mode 100644 index 00000000..52fba224 --- /dev/null +++ b/splunk/common-files/apps/splunk_enterprise_on_docker/metadata/default.meta @@ -0,0 +1,2 @@ +[] +access = read : [ * ], write : [ admin ] From 8d3efd5d4e9f8e78b3a2210a9716aed29383a9d0 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Tue, 11 Jun 2024 10:26:29 -0700 Subject: [PATCH 08/21] upgrade redhat8 python/ansible --- base/redhat-8/Dockerfile | 4 ++-- base/redhat-8/install.sh | 2 +- py23-image/redhat-8/Dockerfile | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/base/redhat-8/Dockerfile b/base/redhat-8/Dockerfile index 2f71cb49..c52fe57c 100644 --- a/base/redhat-8/Dockerfile +++ b/base/redhat-8/Dockerfile @@ -28,8 +28,8 @@ LABEL name="splunk" \ ARG BUSYBOX_URL ENV BUSYBOX_URL=${BUSYBOX_URL} \ - PYTHON_VERSION=3.7.16 \ - PYTHON_GPG_KEY_ID=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D + PYTHON_VERSION=3.8.19 \ + PYTHON_GPG_KEY_ID=E3FF2839C048B25C084DEBE9B26995E310250568 COPY install.sh /install.sh diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index 63e7950c..017b8e8a 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -74,7 +74,7 @@ ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip # Install splunk-ansible dependencies cd / -/usr/bin/python3.7 -m pip install --upgrade pip +/usr/bin/python3.8 -m pip install --upgrade pip pip -q --no-cache-dir install --upgrade "requests_unixsocket<2.29" "requests<2.29" six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible # Remove tests packaged in python libs diff --git a/py23-image/redhat-8/Dockerfile b/py23-image/redhat-8/Dockerfile index 89676579..4dd297a8 100644 --- a/py23-image/redhat-8/Dockerfile +++ b/py23-image/redhat-8/Dockerfile @@ -5,8 +5,8 @@ USER root RUN microdnf -y --nodocs update \ && microdnf -y --nodocs install python2-pip python2-devel \ && pip2 --no-cache-dir install requests pyyaml jmespath \ - && ln -sf /usr/bin/python3.7 /usr/bin/python3 \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip3 \ - && ln -sf /usr/bin/python3.7 /usr/bin/python \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip \ - && pip3 install --upgrade ansible==3.4.0 requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 + && ln -sf /usr/bin/python3.8 /usr/bin/python3 \ + && ln -sf /usr/bin/pip3.8 /usr/bin/pip3 \ + && ln -sf /usr/bin/python3.8 /usr/bin/python \ + && ln -sf /usr/bin/pip3.8 /usr/bin/pip \ + && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 From 27201c1bf600c5655015f5886fc2221ab1bceb1f Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Tue, 11 Jun 2024 12:07:18 -0700 Subject: [PATCH 09/21] add py3 interpreter path --- py23-image/redhat-8/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/py23-image/redhat-8/Dockerfile b/py23-image/redhat-8/Dockerfile index 4dd297a8..22353cee 100644 --- a/py23-image/redhat-8/Dockerfile +++ b/py23-image/redhat-8/Dockerfile @@ -9,4 +9,5 @@ RUN microdnf -y --nodocs update \ && ln -sf /usr/bin/pip3.8 /usr/bin/pip3 \ && ln -sf /usr/bin/python3.8 /usr/bin/python \ && ln -sf /usr/bin/pip3.8 /usr/bin/pip \ - && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 + && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 \ + && sed -i '/^\[defaults\]/a\interpreter_python = /usr/bin/python3' /opt/ansible/ansible.cfg From c2560fa29863f3968c68355d30c1b02834b30b23 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Wed, 12 Jun 2024 15:35:11 -0700 Subject: [PATCH 10/21] use py3.9, resolve CVEs --- base/redhat-8/Dockerfile | 2 +- base/redhat-8/install.sh | 8 ++++++-- py23-image/redhat-8/Dockerfile | 11 ++++++----- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/base/redhat-8/Dockerfile b/base/redhat-8/Dockerfile index c52fe57c..d839e582 100644 --- a/base/redhat-8/Dockerfile +++ b/base/redhat-8/Dockerfile @@ -28,7 +28,7 @@ LABEL name="splunk" \ ARG BUSYBOX_URL ENV BUSYBOX_URL=${BUSYBOX_URL} \ - PYTHON_VERSION=3.8.19 \ + PYTHON_VERSION=3.9.19 \ PYTHON_GPG_KEY_ID=E3FF2839C048B25C084DEBE9B26995E310250568 COPY install.sh /install.sh diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index 017b8e8a..2763a84a 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -17,7 +17,8 @@ set -e # Generate UTF-8 char map and locale # Reinstalling local English def for now, removed in minimal image: https://bugzilla.redhat.com/show_bug.cgi?id=1665251 -microdnf -y --nodocs install glibc-langpack-en +# Comment below install until glibc update is available in minimal image: https://access.redhat.com/errata/RHSA-2024:2722 +#microdnf -y --nodocs install glibc-langpack-en # Currently there is no access to the UTF-8 char map. The following command is commented out until # the base container can generate the locale. @@ -74,9 +75,12 @@ ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip # Install splunk-ansible dependencies cd / -/usr/bin/python3.8 -m pip install --upgrade pip +/usr/bin/python3.9 -m pip install --upgrade pip pip -q --no-cache-dir install --upgrade "requests_unixsocket<2.29" "requests<2.29" six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible +# Avoid vulnerability on old pip version +/usr/libexec/platform-python -m pip install --upgrade pip + # Remove tests packaged in python libs find /usr/lib/ -depth \( -type d -a -not -wholename '*/ansible/plugins/test' -a \( -name test -o -name tests -o -name idle_test \) \) -exec rm -rf '{}' \; find /usr/lib/ -depth \( -type f -a -name '*.pyc' -o -name '*.pyo' -o -name '*.a' \) -exec rm -rf '{}' \; diff --git a/py23-image/redhat-8/Dockerfile b/py23-image/redhat-8/Dockerfile index 22353cee..c2dd5471 100644 --- a/py23-image/redhat-8/Dockerfile +++ b/py23-image/redhat-8/Dockerfile @@ -3,11 +3,12 @@ FROM ${SPLUNK_PRODUCT}-redhat-8:latest USER root RUN microdnf -y --nodocs update \ - && microdnf -y --nodocs install python2-pip python2-devel \ + && microdnf -y --nodocs install python2 \ + && pip2 install --upgrade pip \ && pip2 --no-cache-dir install requests pyyaml jmespath \ - && ln -sf /usr/bin/python3.8 /usr/bin/python3 \ - && ln -sf /usr/bin/pip3.8 /usr/bin/pip3 \ - && ln -sf /usr/bin/python3.8 /usr/bin/python \ - && ln -sf /usr/bin/pip3.8 /usr/bin/pip \ + && ln -sf /usr/bin/python3.9 /usr/bin/python3 \ + && ln -sf /usr/bin/pip3.9 /usr/bin/pip3 \ + && ln -sf /usr/bin/python3.9 /usr/bin/python \ + && ln -sf /usr/bin/pip3.9 /usr/bin/pip \ && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 \ && sed -i '/^\[defaults\]/a\interpreter_python = /usr/bin/python3' /opt/ansible/ansible.cfg From 7992f8ae0ec1dad1782f2c03c85e6e6e0ba7690f Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Mon, 17 Jun 2024 14:26:38 -0700 Subject: [PATCH 11/21] move py3/pip3 symlink to base --- base/redhat-8/install.sh | 4 ++++ py23-image/redhat-8/Dockerfile | 2 -- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index 2763a84a..595a4936 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -111,3 +111,7 @@ echo " # Clean microdnf clean all rm -rf /install.sh /anaconda-post.log /var/log/anaconda/* + +# Symlink python/pip +ln -sf /usr/bin/python3.9 /usr/bin/python3 +ln -sf /usr/bin/pip3.9 /usr/bin/pip3 diff --git a/py23-image/redhat-8/Dockerfile b/py23-image/redhat-8/Dockerfile index c2dd5471..85e8813f 100644 --- a/py23-image/redhat-8/Dockerfile +++ b/py23-image/redhat-8/Dockerfile @@ -6,8 +6,6 @@ RUN microdnf -y --nodocs update \ && microdnf -y --nodocs install python2 \ && pip2 install --upgrade pip \ && pip2 --no-cache-dir install requests pyyaml jmespath \ - && ln -sf /usr/bin/python3.9 /usr/bin/python3 \ - && ln -sf /usr/bin/pip3.9 /usr/bin/pip3 \ && ln -sf /usr/bin/python3.9 /usr/bin/python \ && ln -sf /usr/bin/pip3.9 /usr/bin/pip \ && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 \ From c5c45d499a10057f8d2cc6bf24e2a0604d9496b8 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Mon, 17 Jun 2024 14:56:53 -0700 Subject: [PATCH 12/21] move all symlinking --- base/centos-7/install.sh | 4 ++++ base/centos-8/install.sh | 1 + base/debian-10/install.sh | 4 ++++ base/debian-9/install.sh | 4 ++++ py23-image/centos-7/Dockerfile | 3 +-- py23-image/centos-8/Dockerfile | 3 +-- py23-image/debian-10/Dockerfile | 2 -- py23-image/debian-9/Dockerfile | 2 -- py23-image/redhat-8/Dockerfile | 3 +-- splunk/common-files/Dockerfile | 1 + 10 files changed, 17 insertions(+), 10 deletions(-) diff --git a/base/centos-7/install.sh b/base/centos-7/install.sh index 0d2c2873..ae8e4e33 100755 --- a/base/centos-7/install.sh +++ b/base/centos-7/install.sh @@ -47,3 +47,7 @@ rm -rf /etc/security/limits.d/20-nproc.conf # Clean yum clean all rm -rf /anaconda-post.log /var/log/anaconda/* + +# symlink for python3 +ln -s /bin/python3 /bin/python +ln -sf /usr/bin/pip3.7 /usr/bin/pip3 diff --git a/base/centos-8/install.sh b/base/centos-8/install.sh index ebcd7dda..af1f69d2 100755 --- a/base/centos-8/install.sh +++ b/base/centos-8/install.sh @@ -49,6 +49,7 @@ echo " # symlink for python3 ln -s /bin/python3 /bin/python +ln -sf /usr/bin/pip3.7 /usr/bin/pip3 # Clean yum clean all diff --git a/base/debian-10/install.sh b/base/debian-10/install.sh index 28bdb290..d8357bac 100755 --- a/base/debian-10/install.sh +++ b/base/debian-10/install.sh @@ -92,3 +92,7 @@ chmod u+s /bin/ping # Clean apt clean autoclean rm -rf /var/lib/apt/lists/* + +# Symlink python/pip +ln -sf /usr/bin/python3.7 /usr/bin/python3 +ln -sf /usr/bin/pip3.7 /usr/bin/pip3 \ No newline at end of file diff --git a/base/debian-9/install.sh b/base/debian-9/install.sh index 7c074cc8..12dc0ef2 100755 --- a/base/debian-9/install.sh +++ b/base/debian-9/install.sh @@ -93,3 +93,7 @@ chmod u+s /bin/ping # Clean apt clean autoclean rm -rf /var/lib/apt/lists/* + +# Symlink python/pip +ln -sf /usr/bin/python3.7 /usr/bin/python3 +ln -sf /usr/bin/pip3.7 /usr/bin/pip3 diff --git a/py23-image/centos-7/Dockerfile b/py23-image/centos-7/Dockerfile index 04a439f6..0811f0dc 100644 --- a/py23-image/centos-7/Dockerfile +++ b/py23-image/centos-7/Dockerfile @@ -17,8 +17,7 @@ RUN wget https://www.python.org/ftp/python/3.7.4/Python-3.7.4.tgz \ && python3.7 get-pip.py \ && rm -f get-pip.py \ #pip version is not automatically "fixed", unlike debian-based - && ln -sf /usr/bin/pip2 /usr/bin/pip \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip3 + && ln -sf /usr/bin/pip2 /usr/bin/pip RUN yum remove -y --setopt=tsflags=noscripts gcc openssl-devel bzip2-devel libffi-devel \ && yum autoremove -y \ && yum clean all diff --git a/py23-image/centos-8/Dockerfile b/py23-image/centos-8/Dockerfile index db936b26..6562f180 100644 --- a/py23-image/centos-8/Dockerfile +++ b/py23-image/centos-8/Dockerfile @@ -18,8 +18,7 @@ RUN wget https://www.python.org/ftp/python/3.7.4/Python-3.7.4.tgz \ && python3.7 get-pip.py \ && rm -f get-pip.py \ # pip version is not automatically "fixed", unlike debian-based - && ln -sf /usr/bin/pip2 /usr/bin/pip \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip3 + && ln -sf /usr/bin/pip2 /usr/bin/pip # add python alias # && ln -s /bin/python3 /bin/python diff --git a/py23-image/debian-10/Dockerfile b/py23-image/debian-10/Dockerfile index 8ff6d359..bae3f1c2 100644 --- a/py23-image/debian-10/Dockerfile +++ b/py23-image/debian-10/Dockerfile @@ -4,8 +4,6 @@ USER root RUN apt-get update -y \ && apt-get install -y --no-install-recommends libpython-dev python-pip python-requests python-jmespath python-yaml \ - && ln -sf /usr/bin/python3.7 /usr/bin/python3 \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip3 \ && ln -sf /usr/bin/python3.7 /usr/bin/python \ && ln -sf /usr/bin/pip3.7 /usr/bin/pip \ && pip3 install --upgrade ansible==3.4.0 requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 diff --git a/py23-image/debian-9/Dockerfile b/py23-image/debian-9/Dockerfile index 69779918..acbd13d2 100644 --- a/py23-image/debian-9/Dockerfile +++ b/py23-image/debian-9/Dockerfile @@ -4,8 +4,6 @@ USER root RUN apt-get update -y \ && apt-get install -y --no-install-recommends libpython-dev python-pip python-requests python-jmespath python-yaml \ - && ln -sf /usr/bin/python3.7 /usr/bin/python3 \ - && ln -sf /usr/bin/pip3.7 /usr/bin/pip3 \ && ln -sf /usr/bin/python3.7 /usr/bin/python \ && ln -sf /usr/bin/pip3.7 /usr/bin/pip \ && pip3 install --upgrade ansible==3.4.0 requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 diff --git a/py23-image/redhat-8/Dockerfile b/py23-image/redhat-8/Dockerfile index 85e8813f..deb0a063 100644 --- a/py23-image/redhat-8/Dockerfile +++ b/py23-image/redhat-8/Dockerfile @@ -8,5 +8,4 @@ RUN microdnf -y --nodocs update \ && pip2 --no-cache-dir install requests pyyaml jmespath \ && ln -sf /usr/bin/python3.9 /usr/bin/python \ && ln -sf /usr/bin/pip3.9 /usr/bin/pip \ - && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 \ - && sed -i '/^\[defaults\]/a\interpreter_python = /usr/bin/python3' /opt/ansible/ansible.cfg + && pip3 install --upgrade requests==2.25.1 pyyaml==5.4.1 jmespath==0.10.0 diff --git a/splunk/common-files/Dockerfile b/splunk/common-files/Dockerfile index 7338c52a..809c09c3 100644 --- a/splunk/common-files/Dockerfile +++ b/splunk/common-files/Dockerfile @@ -112,6 +112,7 @@ RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nans && chgrp ${ANSIBLE_GROUP} ${SPLUNK_ANSIBLE_HOME} ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ && chmod 775 ${SPLUNK_ANSIBLE_HOME} \ && chmod 664 ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ + && sed -i '/^\[defaults\]/a\interpreter_python = /usr/bin/python3' ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ && chmod 755 /sbin/entrypoint.sh /sbin/createdefaults.py /sbin/checkstate.sh USER ${ANSIBLE_USER} From b08dedf22b25989686115503da57dc7df8330be5 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Mon, 17 Jun 2024 15:05:28 -0700 Subject: [PATCH 13/21] set ansible interpreter on uf --- uf/common-files/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/uf/common-files/Dockerfile b/uf/common-files/Dockerfile index 785de0eb..0048eae1 100644 --- a/uf/common-files/Dockerfile +++ b/uf/common-files/Dockerfile @@ -105,6 +105,7 @@ RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nans && chgrp ${ANSIBLE_GROUP} ${SPLUNK_ANSIBLE_HOME} ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ && chmod 775 ${SPLUNK_ANSIBLE_HOME} \ && chmod 664 ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ + && sed -i '/^\[defaults\]/a\interpreter_python = /usr/bin/python3' ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \ && chmod 755 /sbin/entrypoint.sh /sbin/createdefaults.py /sbin/checkstate.sh USER ${ANSIBLE_USER} From 57045ecf1d6895d060759ee836b03b0df0e33c6d Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Tue, 18 Jun 2024 14:04:14 -0700 Subject: [PATCH 14/21] fix pip3 symlink --- base/redhat-8/install.sh | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index 595a4936..790f7217 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -72,15 +72,14 @@ make altinstall LDFLAGS="-Wl,--strip-all" rm -rf /tmp/pyinstall ln -sf /usr/bin/python${PY_SHORT} /usr/bin/python ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip +ln -sf /usr/bin/python${PY_SHORT} /usr/bin/python3 +ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip3 # Install splunk-ansible dependencies cd / /usr/bin/python3.9 -m pip install --upgrade pip pip -q --no-cache-dir install --upgrade "requests_unixsocket<2.29" "requests<2.29" six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible -# Avoid vulnerability on old pip version -/usr/libexec/platform-python -m pip install --upgrade pip - # Remove tests packaged in python libs find /usr/lib/ -depth \( -type d -a -not -wholename '*/ansible/plugins/test' -a \( -name test -o -name tests -o -name idle_test \) \) -exec rm -rf '{}' \; find /usr/lib/ -depth \( -type f -a -name '*.pyc' -o -name '*.pyo' -o -name '*.a' \) -exec rm -rf '{}' \; @@ -111,7 +110,3 @@ echo " # Clean microdnf clean all rm -rf /install.sh /anaconda-post.log /var/log/anaconda/* - -# Symlink python/pip -ln -sf /usr/bin/python3.9 /usr/bin/python3 -ln -sf /usr/bin/pip3.9 /usr/bin/pip3 From 2b6b9d8a43178be5317908a638b435ef8854491f Mon Sep 17 00:00:00 2001 From: Zach Arend Date: Mon, 21 Oct 2024 11:36:33 -0700 Subject: [PATCH 15/21] fix(logging): handle file rotation of splunkd_sterr.log (#684) Fix issue with logging of standard error messages where standard error logs would be lost when logging large amount of data to stadard error. Splunk logs to splunkd_stdout.log as the Unix standard error device. This file is rotated. According to [What Splunk software logs about itself](https://docs.splunk.com/Documentation/Splunk/9.2.1/Troubleshooting/WhatSplunklogsaboutitself), "The historical rotation for most internal logs is 5 files of 25MB each". docker-splunk container tails the output of splunkd_stdout.log to standard output. The existing behavior is that the container receives Splunk's standard error messages until splunkd_stdout.log is about 25MB. When the log files passes 25MB, Splunk rotates the log file by rename splunkd_stdout.log to something like splunkd_stoudt1.log and creating a new splunkd_stdout.log. By default, tail follows the file descriptor of argument file. I believe that if the file is renamed, it continutes to track the file descriptor of argument file, if that is available. This is not the behavior we want for file rotation, since we always want to follow the information that goes to splunkd_stdout.log and not splunkd_stdout1.log, splunkd_stdout2.log, etc. Fix standard error logs not surfacing by passing `-F` option to unix tail command. This causes tail to keep retrying to open argument file name if it becomes unavailable. Change in behavior to print standard error logs to standard out for entire lifetime of the program, instead of stopping after the first file rotation. Fix #626 Co-authored-by: Zach Arend --- splunk/common-files/entrypoint.sh | 4 ++-- uf/common-files/entrypoint.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/splunk/common-files/entrypoint.sh b/splunk/common-files/entrypoint.sh index 02f8b492..b27bdf8b 100755 --- a/splunk/common-files/entrypoint.sh +++ b/splunk/common-files/entrypoint.sh @@ -62,10 +62,10 @@ watch_for_failure(){ # Any crashes/errors while Splunk is running should get logged to splunkd_stderr.log and sent to the container's stdout if [ -z "$SPLUNK_TAIL_FILE" ]; then echo Ansible playbook complete, will begin streaming splunkd_stderr.log - ${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_HOME}/var/log/splunk/splunkd_stderr.log & + ${RUN_AS_SPLUNK} tail -n 0 -F ${SPLUNK_HOME}/var/log/splunk/splunkd_stderr.log & else echo Ansible playbook complete, will begin streaming ${SPLUNK_TAIL_FILE} - ${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_TAIL_FILE} & + ${RUN_AS_SPLUNK} tail -n 0 -F ${SPLUNK_TAIL_FILE} & fi if [[ "$DISABLE_ENTIRE_SHELL_ACCESS" == "true" ]]; then disable_entire_shell_access_for_container diff --git a/uf/common-files/entrypoint.sh b/uf/common-files/entrypoint.sh index 19c24dae..51a1c5ab 100755 --- a/uf/common-files/entrypoint.sh +++ b/uf/common-files/entrypoint.sh @@ -63,9 +63,9 @@ watch_for_failure(){ fi # Any crashes/errors while Splunk is running should get logged to splunkd_stderr.log and sent to the container's stdout if [ -z "$SPLUNK_TAIL_FILE" ]; then - ${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_HOME}/var/log/splunk/splunkd_stderr.log & + ${RUN_AS_SPLUNK} tail -n 0 -F ${SPLUNK_HOME}/var/log/splunk/splunkd_stderr.log & else - ${RUN_AS_SPLUNK} tail -n 0 -f ${SPLUNK_TAIL_FILE} & + ${RUN_AS_SPLUNK} tail -n 0 -F ${SPLUNK_TAIL_FILE} & fi wait } From 49fa23c4ce79322c0de016647da33e3885a4ec80 Mon Sep 17 00:00:00 2001 From: michaellee-splunk <96087429+michaellee-splunk@users.noreply.github.com> Date: Wed, 6 Nov 2024 15:38:16 -0800 Subject: [PATCH 16/21] revise README with updated Splunk General Terms license statement (#687) --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4d9af0b8..c2637b38 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,8 @@ This command does the following: After the container starts up, you can access Splunk Web at with `admin:`. +The license you are accepting is the Splunk General Terms, available [here](https://www.splunk.com/en_us/legal/splunk-general-terms.html). Unless you have jointly executed with Splunk a negotiated version of these General Terms that explicitly supersedes this agreement, by accessing or using Splunk software, you are agreeing to the Splunk General Terms. Please read and make sure you agree to the Splunk General Terms before you access or use this software. Only once you've done so should you include the `accept-license` flag to indicate your acceptance of the Splunk General Terms available here and launch this software. + To view the logs from the container created above, run: ```bash $ docker logs -f so1 @@ -113,9 +115,13 @@ We welcome feedback and contributions from the community! See our [contribution --- ## License -Copyright 2018-2020 Splunk. +Copyright 2018-2024 Splunk. Distributed under the terms of our [license](docs/LICENSE.md), splunk-ansible is free and open source software. +The software in this container is licensed under and subject to the [Splunk General Terms](https://www.splunk.com/en_us/legal/splunk-general-terms.html). By accessing this container and its software you agree to the [Splunk General Terms](https://www.splunk.com/en_us/legal/splunk-general-terms.html). + +If you do not agree, do not access or use this software. + ## Authors Splunk Inc. and the Splunk Community From 3e5427a7f68f0a634d24f7c36f7e8bc028214592 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Thu, 7 Nov 2024 12:19:39 -0800 Subject: [PATCH 17/21] update --accept-license setup message --- splunk/common-files/entrypoint.sh | 6 +++++- uf/common-files/entrypoint.sh | 10 +++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/splunk/common-files/entrypoint.sh b/splunk/common-files/entrypoint.sh index 02f8b492..d7ccdff1 100755 --- a/splunk/common-files/entrypoint.sh +++ b/splunk/common-files/entrypoint.sh @@ -18,7 +18,11 @@ set -e setup() { # Check if the user accepted the license if [[ "$SPLUNK_START_ARGS" != *"--accept-license"* ]]; then - printf "License not accepted, please ensure the environment variable SPLUNK_START_ARGS contains the '--accept-license' flag\n" + printf "License not accepted, please adjust SPLUNK_START_ARGS to indicate you have accepted the license.\n" + printf "The license you are accepting is the Splunk General Terms, available here: https://www.splunk.com/en_us/legal/splunk-general-terms.html\n" + printf "Unless you have jointly executed with Splunk a negotiated version of these General Terms that explicitly supersedes this agreement, by accessing or using Splunk software, you are agreeing to the Splunk General Terms.\n" + printf "Please read and make sure you agree to the Splunk General Terms before you access or use this software.\n" + printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD splunk/splunk\n\n" printf "For additional information and examples, see the help: docker run -it splunk/splunk help\n" exit 1 diff --git a/uf/common-files/entrypoint.sh b/uf/common-files/entrypoint.sh index 19c24dae..bce3dee7 100755 --- a/uf/common-files/entrypoint.sh +++ b/uf/common-files/entrypoint.sh @@ -19,9 +19,13 @@ set -e setup() { # Check if the user accepted the license if [[ "$SPLUNK_START_ARGS" != *"--accept-license"* ]]; then - printf "License not accepted, please ensure the environment variable SPLUNK_START_ARGS contains the '--accept-license' flag\n" - printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license splunk/universalforwarder\n\n" - printf "For additional information and examples, see the help: docker run -it splunk/universalforwarder help\n" + printf "License not accepted, please adjust SPLUNK_START_ARGS to indicate you have accepted the license.\n" + printf "The license you are accepting is the Splunk General Terms, available here: https://www.splunk.com/en_us/legal/splunk-general-terms.html\n" + printf "Unless you have jointly executed with Splunk a negotiated version of these General Terms that explicitly supersedes this agreement, by accessing or using Splunk software, you are agreeing to the Splunk General Terms.\n" + printf "Please read and make sure you agree to the Splunk General Terms before you access or use this software.\n" + printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" + printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD splunk/splunk\n\n" + printf "For additional information and examples, see the help: docker run -it splunk/splunk help\n" exit 1 fi } From 507fa78a9896c3667494732dc04ac0980a833019 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Thu, 7 Nov 2024 12:50:55 -0800 Subject: [PATCH 18/21] revert uf example --- uf/common-files/entrypoint.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/uf/common-files/entrypoint.sh b/uf/common-files/entrypoint.sh index bce3dee7..9f559809 100755 --- a/uf/common-files/entrypoint.sh +++ b/uf/common-files/entrypoint.sh @@ -23,9 +23,8 @@ setup() { printf "The license you are accepting is the Splunk General Terms, available here: https://www.splunk.com/en_us/legal/splunk-general-terms.html\n" printf "Unless you have jointly executed with Splunk a negotiated version of these General Terms that explicitly supersedes this agreement, by accessing or using Splunk software, you are agreeing to the Splunk General Terms.\n" printf "Please read and make sure you agree to the Splunk General Terms before you access or use this software.\n" - printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" - printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD splunk/splunk\n\n" - printf "For additional information and examples, see the help: docker run -it splunk/splunk help\n" + printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license splunk/universalforwarder\n\n" + printf "For additional information and examples, see the help: docker run -it splunk/universalforwarder help\n" exit 1 fi } From 661d9ad93fb6d1f53203557b531cd7b566db989b Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Thu, 7 Nov 2024 12:52:15 -0800 Subject: [PATCH 19/21] fix indent --- uf/common-files/entrypoint.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/uf/common-files/entrypoint.sh b/uf/common-files/entrypoint.sh index 9f559809..e54a014c 100755 --- a/uf/common-files/entrypoint.sh +++ b/uf/common-files/entrypoint.sh @@ -23,7 +23,8 @@ setup() { printf "The license you are accepting is the Splunk General Terms, available here: https://www.splunk.com/en_us/legal/splunk-general-terms.html\n" printf "Unless you have jointly executed with Splunk a negotiated version of these General Terms that explicitly supersedes this agreement, by accessing or using Splunk software, you are agreeing to the Splunk General Terms.\n" printf "Please read and make sure you agree to the Splunk General Terms before you access or use this software.\n" - printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license splunk/universalforwarder\n\n" + printf "Only once you've done so should you include the '--accept-license' flag to indicate your acceptance of the Splunk General Terms and launch this software.\n" + printf "For example: docker run -e SPLUNK_START_ARGS=--accept-license splunk/universalforwarder\n\n" printf "For additional information and examples, see the help: docker run -it splunk/universalforwarder help\n" exit 1 fi From 17cef9d0ea4d1d9bce8e46c6117a5224daa55148 Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Tue, 17 Dec 2024 14:19:39 -0800 Subject: [PATCH 20/21] working image --- base/redhat-8/install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh index 790f7217..1f0ddbca 100755 --- a/base/redhat-8/install.sh +++ b/base/redhat-8/install.sh @@ -29,7 +29,7 @@ export LANG=en_US.utf8 # Install utility packages microdnf -y --nodocs install wget sudo shadow-utils procps tar make gcc \ openssl-devel bzip2-devel libffi-devel findutils \ - libssh-devel libcurl-devel glib2-devel ncurses-devel \ + libssh-devel libcurl-devel ncurses-devel \ diffutils bzip2 # Patch security updates microdnf -y --nodocs update gnutls kernel-headers libdnf librepo libnghttp2 nettle \ @@ -78,7 +78,7 @@ ln -sf /usr/bin/pip${PY_SHORT} /usr/bin/pip3 # Install splunk-ansible dependencies cd / /usr/bin/python3.9 -m pip install --upgrade pip -pip -q --no-cache-dir install --upgrade "requests_unixsocket<2.29" "requests<2.29" six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible +pip -q --no-cache-dir install --upgrade requests_unixsocket requests six wheel Mako "urllib3<2.0.0" certifi jmespath future avro cryptography lxml protobuf setuptools ansible # Remove tests packaged in python libs find /usr/lib/ -depth \( -type d -a -not -wholename '*/ansible/plugins/test' -a \( -name test -o -name tests -o -name idle_test \) \) -exec rm -rf '{}' \; @@ -87,7 +87,7 @@ find /usr/lib/ -depth \( -type f -a -name 'wininst-*.exe' \) -exec rm -rf '{}' \ ldconfig # Cleanup -microdnf remove -y make gcc openssl-devel bzip2-devel findutils glib2-devel glibc-devel cpp binutils \ +microdnf remove -y make gcc openssl-devel bzip2-devel findutils glibc-devel cpp binutils \ keyutils-libs-devel krb5-devel libcom_err-devel libffi-devel libcurl-devel \ libselinux-devel libsepol-devel libssh-devel libverto-devel libxcrypt-devel \ ncurses-devel pcre2-devel zlib-devel diffutils bzip2 From 9ee26ab0c8980ca839a53192d4f4e877396da3cb Mon Sep 17 00:00:00 2001 From: Jack Meixensperger Date: Wed, 18 Dec 2024 12:55:05 -0800 Subject: [PATCH 21/21] update build name --- Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index aa741830..573d4bde 100644 --- a/Makefile +++ b/Makefile @@ -7,18 +7,18 @@ SPLUNK_ANSIBLE_BRANCH ?= develop SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml # Set Splunk version/build parameters here to define downstream URLs and file names SPLUNK_PRODUCT := splunk -SPLUNK_VERSION := 9.2.1 -SPLUNK_BUILD := 78803f08aabb +SPLUNK_VERSION := 9.4.0 +SPLUNK_BUILD := 6b4ebe426ca6 ifeq ($(shell arch), s390x) SPLUNK_ARCH = s390x else - SPLUNK_ARCH = x86_64 + SPLUNK_ARCH = amd64 endif # Linux Splunk arguments -SPLUNK_LINUX_FILENAME ?= splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-${SPLUNK_ARCH}.tgz +SPLUNK_LINUX_FILENAME ?= splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-linux-${SPLUNK_ARCH}.tgz SPLUNK_LINUX_BUILD_URL ?= https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_LINUX_FILENAME} -UF_LINUX_FILENAME ?= splunkforwarder-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-${SPLUNK_ARCH}.tgz +UF_LINUX_FILENAME ?= splunkforwarder-${SPLUNK_VERSION}-${SPLUNK_BUILD}-linux-${SPLUNK_ARCH}.tgz UF_LINUX_BUILD_URL ?= https://download.splunk.com/products/universalforwarder/releases/${SPLUNK_VERSION}/linux/${UF_LINUX_FILENAME} # Windows Splunk arguments SPLUNK_WIN_FILENAME ?= splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-x64-release.msi