build: Build AppImage with appimagetool instead of appimage-builder
This commit is contained in:
parent
21a2083903
commit
638004cfb2
|
@ -0,0 +1 @@
|
||||||
|
*.AppImage
|
|
@ -0,0 +1,41 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
# Export APPRUN if running from an extracted image
|
||||||
|
self="$(readlink -f -- $0)"
|
||||||
|
here="${self%/*}"
|
||||||
|
APPDIR="${APPDIR:-${here}}"
|
||||||
|
|
||||||
|
# Export TCl/Tk
|
||||||
|
export TCL_LIBRARY="${APPDIR}/usr/share/tcltk/tcl8.4"
|
||||||
|
export TK_LIBRARY="${APPDIR}/usr/share/tcltk/tk8.4"
|
||||||
|
export TKPATH="${TK_LIBRARY}"
|
||||||
|
|
||||||
|
# Export SSL certificate
|
||||||
|
export SSL_CERT_FILE="${APPDIR}/opt/_internal/certs.pem"
|
||||||
|
|
||||||
|
# Call the entry point
|
||||||
|
for opt in "$@"
|
||||||
|
do
|
||||||
|
[ "${opt:0:1}" != "-" ] && break
|
||||||
|
if [[ "${opt}" =~ "I" ]] || [[ "${opt}" =~ "E" ]]; then
|
||||||
|
# Environment variables are disabled ($PYTHONHOME). Let's run in a safe
|
||||||
|
# mode from the raw Python binary inside the AppImage
|
||||||
|
"$APPDIR/opt/python3.7/bin/python3.7" "$@"
|
||||||
|
exit "$?"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# Get the executable name, i.e. the AppImage or the python binary if running from an
|
||||||
|
# extracted image
|
||||||
|
executable="${APPDIR}/opt/python3.7/bin/python3.7"
|
||||||
|
if [[ "${ARGV0}" =~ "/" ]]; then
|
||||||
|
executable="$(cd $(dirname ${ARGV0}) && pwd)/$(basename ${ARGV0})"
|
||||||
|
elif [[ "${ARGV0}" != "" ]]; then
|
||||||
|
executable=$(which "${ARGV0}")
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Wrap the call to Python in order to mimic a call from the source
|
||||||
|
# executable ($ARGV0), but potentially located outside of the Python
|
||||||
|
# install ($PYTHONHOME)
|
||||||
|
(PYTHONHOME="${APPDIR}/opt/python3.7" exec "/bin/bash" "${APPDIR}/usr/src/monkey_island/linux/run_appimage.sh")
|
||||||
|
exit "$?"
|
|
@ -18,10 +18,9 @@ NOTE: This script is intended to be run from a clean VM. You can also manually
|
||||||
remove build artifacts by removing the following files and directories.
|
remove build artifacts by removing the following files and directories.
|
||||||
|
|
||||||
- $HOME/.monkey_island (optional)
|
- $HOME/.monkey_island (optional)
|
||||||
- $HOME/monkey-appdir
|
- $HOME/squashfs-root
|
||||||
- $HOME/git/monkey
|
- $HOME/git/monkey
|
||||||
- $HOME/appimage/appimage-builder-cache
|
- $HOME/appimage/Infection_Monkey-x86_64.AppImage
|
||||||
- $HOME/appimage/"Monkey\ Island-\*-x86-64.Appimage"
|
|
||||||
|
|
||||||
After removing the above files and directories, you can again execute `bash
|
After removing the above files and directories, you can again execute `bash
|
||||||
build_appimage.sh`.
|
build_appimage.sh`.
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
python_cmd="python3.7"
|
APPDIR="$HOME/squashfs-root"
|
||||||
APPDIR="$HOME/monkey-appdir"
|
CONFIG_URL="https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/config"
|
||||||
INSTALL_DIR="$APPDIR/usr/src"
|
INSTALL_DIR="$APPDIR/usr/src"
|
||||||
|
|
||||||
GIT=$HOME/git
|
GIT=$HOME/git
|
||||||
|
@ -33,16 +33,18 @@ log_message() {
|
||||||
echo -e "DEPLOYMENT SCRIPT: $1"
|
echo -e "DEPLOYMENT SCRIPT: $1"
|
||||||
}
|
}
|
||||||
|
|
||||||
setup_appdir() {
|
setup_python_37_appdir() {
|
||||||
|
PYTHON_APPIMAGE_URL="https://github.com/niess/python-appimage/releases/download/python3.7/python3.7.9-cp37-cp37m-manylinux1_x86_64.AppImage"
|
||||||
|
PYTHON_APPIMAGE="python3.7.9_x86_64.AppImage"
|
||||||
rm -rf "$APPDIR" || true
|
rm -rf "$APPDIR" || true
|
||||||
mkdir -p "$INSTALL_DIR"
|
curl -L -o "$PYTHON_APPIMAGE" "$PYTHON_APPIMAGE_URL"
|
||||||
}
|
|
||||||
|
|
||||||
install_pip_37() {
|
chmod u+x "$PYTHON_APPIMAGE"
|
||||||
pip_url=https://bootstrap.pypa.io/get-pip.py
|
|
||||||
curl $pip_url -o get-pip.py
|
./"$PYTHON_APPIMAGE" --appimage-extract
|
||||||
${python_cmd} get-pip.py
|
rm "$PYTHON_APPIMAGE"
|
||||||
rm get-pip.py
|
mv ./squashfs-root "$APPDIR"
|
||||||
|
mkdir -p "$INSTALL_DIR"
|
||||||
}
|
}
|
||||||
|
|
||||||
install_nodejs() {
|
install_nodejs() {
|
||||||
|
@ -63,21 +65,14 @@ install_build_prereqs() {
|
||||||
|
|
||||||
#monkey island prereqs
|
#monkey island prereqs
|
||||||
sudo apt install -y curl libcurl4 python3.7 python3.7-dev openssl git build-essential moreutils
|
sudo apt install -y curl libcurl4 python3.7 python3.7-dev openssl git build-essential moreutils
|
||||||
install_pip_37
|
|
||||||
install_nodejs
|
install_nodejs
|
||||||
}
|
}
|
||||||
|
|
||||||
install_appimage_builder() {
|
|
||||||
sudo pip3 install appimage-builder
|
|
||||||
|
|
||||||
install_appimage_tool
|
|
||||||
}
|
|
||||||
|
|
||||||
install_appimage_tool() {
|
install_appimage_tool() {
|
||||||
APP_TOOL_BIN=$HOME/bin/appimagetool
|
APP_TOOL_BIN=$HOME/bin/appimagetool
|
||||||
APP_TOOL_URL=https://github.com/AppImage/AppImageKit/releases/download/12/appimagetool-x86_64.AppImage
|
APP_TOOL_URL=https://github.com/AppImage/AppImageKit/releases/download/12/appimagetool-x86_64.AppImage
|
||||||
|
|
||||||
mkdir "$HOME"/bin
|
mkdir -p "$HOME"/bin
|
||||||
curl -L -o "$APP_TOOL_BIN" "$APP_TOOL_URL"
|
curl -L -o "$APP_TOOL_BIN" "$APP_TOOL_URL"
|
||||||
chmod u+x "$APP_TOOL_BIN"
|
chmod u+x "$APP_TOOL_BIN"
|
||||||
|
|
||||||
|
@ -88,7 +83,7 @@ load_monkey_binary_config() {
|
||||||
tmpfile=$(mktemp)
|
tmpfile=$(mktemp)
|
||||||
|
|
||||||
log_message "downloading configuration"
|
log_message "downloading configuration"
|
||||||
curl -L -s -o "$tmpfile" "$config_url"
|
curl -L -s -o "$tmpfile" "$CONFIG_URL"
|
||||||
|
|
||||||
log_message "loading configuration"
|
log_message "loading configuration"
|
||||||
source "$tmpfile"
|
source "$tmpfile"
|
||||||
|
@ -103,14 +98,14 @@ clone_monkey_repo() {
|
||||||
branch=${2:-"develop"}
|
branch=${2:-"develop"}
|
||||||
git clone --single-branch --recurse-submodules -b "$branch" "${MONKEY_GIT_URL}" "${REPO_MONKEY_HOME}" 2>&1 || handle_error
|
git clone --single-branch --recurse-submodules -b "$branch" "${MONKEY_GIT_URL}" "${REPO_MONKEY_HOME}" 2>&1 || handle_error
|
||||||
|
|
||||||
chmod 774 -R "${MONKEY_HOME}"
|
chmod 774 -R "${REPO_MONKEY_HOME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
copy_monkey_island_to_appdir() {
|
copy_monkey_island_to_appdir() {
|
||||||
cp "$REPO_MONKEY_SRC"/__init__.py "$INSTALL_DIR"
|
cp "$REPO_MONKEY_SRC"/__init__.py "$INSTALL_DIR"
|
||||||
cp "$REPO_MONKEY_SRC"/monkey_island.py "$INSTALL_DIR"
|
cp "$REPO_MONKEY_SRC"/monkey_island.py "$INSTALL_DIR"
|
||||||
cp -r "$REPO_MONKEY_SRC"/common "$INSTALL_DIR"
|
cp -r "$REPO_MONKEY_SRC"/common "$INSTALL_DIR/"
|
||||||
cp -r "$REPO_MONKEY_SRC"/monkey_island "$INSTALL_DIR"
|
cp -r "$REPO_MONKEY_SRC"/monkey_island "$INSTALL_DIR/"
|
||||||
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
||||||
cp ./island_logger_config.json "$INSTALL_DIR"/
|
cp ./island_logger_config.json "$INSTALL_DIR"/
|
||||||
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
||||||
|
@ -128,7 +123,7 @@ install_monkey_island_python_dependencies() {
|
||||||
# dependencies and should not be installed as a runtime requirement.
|
# dependencies and should not be installed as a runtime requirement.
|
||||||
cat "$requirements_island" | grep -Piv "virtualenv|pyinstaller" | sponge "$requirements_island"
|
cat "$requirements_island" | grep -Piv "virtualenv|pyinstaller" | sponge "$requirements_island"
|
||||||
|
|
||||||
${python_cmd} -m pip install -r "${requirements_island}" --ignore-installed --prefix /usr --root="$APPDIR" || handle_error
|
"$APPDIR"/AppRun -m pip install -r "${requirements_island}" --ignore-installed || handle_error
|
||||||
}
|
}
|
||||||
|
|
||||||
download_monkey_agent_binaries() {
|
download_monkey_agent_binaries() {
|
||||||
|
@ -170,22 +165,7 @@ build_frontend() {
|
||||||
|
|
||||||
build_appimage() {
|
build_appimage() {
|
||||||
log_message "Building AppImage"
|
log_message "Building AppImage"
|
||||||
appimage-builder --recipe monkey_island_builder.yml --log DEBUG --skip-appimage
|
ARCH="x86_64" appimagetool "$APPDIR"
|
||||||
|
|
||||||
# There is a bug or unwanted behavior in appimage-builder that causes issues
|
|
||||||
# if 32-bit binaries are present in the appimage. To work around this, we:
|
|
||||||
# 1. Build the AppDir with appimage-builder and skip building the appimage
|
|
||||||
# 2. Add the 32-bit binaries to the AppDir
|
|
||||||
# 3. Build the AppImage with appimage-builder from the already-built AppDir
|
|
||||||
#
|
|
||||||
# Note that appimage-builder replaces the interpreter on the monkey agent binaries
|
|
||||||
# when building the AppDir. This is unwanted as the monkey agents may execute in
|
|
||||||
# environments where the AppImage isn't loaded.
|
|
||||||
#
|
|
||||||
# See https://github.com/AppImageCrafters/appimage-builder/issues/93 for more info.
|
|
||||||
download_monkey_agent_binaries
|
|
||||||
|
|
||||||
appimage-builder --recipe monkey_island_builder.yml --log DEBUG --skip-build
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if is_root; then
|
if is_root; then
|
||||||
|
@ -199,18 +179,18 @@ Run \`sudo -v\`, enter your password, and then re-run this script."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
config_url="https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/config"
|
|
||||||
|
|
||||||
setup_appdir
|
|
||||||
|
|
||||||
install_build_prereqs
|
install_build_prereqs
|
||||||
install_appimage_builder
|
install_appimage_tool
|
||||||
|
|
||||||
|
setup_python_37_appdir
|
||||||
|
|
||||||
|
|
||||||
load_monkey_binary_config
|
load_monkey_binary_config
|
||||||
clone_monkey_repo "$@"
|
clone_monkey_repo "$@"
|
||||||
|
|
||||||
copy_monkey_island_to_appdir
|
copy_monkey_island_to_appdir
|
||||||
|
download_monkey_agent_binaries
|
||||||
|
|
||||||
# Create folders
|
# Create folders
|
||||||
log_message "Creating island dirs under $ISLAND_PATH"
|
log_message "Creating island dirs under $ISLAND_PATH"
|
||||||
|
@ -224,8 +204,16 @@ generate_ssl_cert
|
||||||
|
|
||||||
build_frontend
|
build_frontend
|
||||||
|
|
||||||
|
unlink "$APPDIR"/python.png
|
||||||
mkdir -p "$APPDIR"/usr/share/icons
|
mkdir -p "$APPDIR"/usr/share/icons
|
||||||
cp "$REPO_MONKEY_SRC"/monkey_island/cc/ui/src/images/monkey-icon.svg "$APPDIR"/usr/share/icons/monkey-icon.svg
|
cp "$REPO_MONKEY_SRC"/monkey_island/cc/ui/src/images/monkey-icon.svg "$APPDIR"/usr/share/icons/monkey-icon.svg
|
||||||
|
ln -s "$APPDIR"/usr/share/icons/monkey-icon.svg "$APPDIR"/monkey-icon.svg
|
||||||
|
|
||||||
|
unlink "$APPDIR"/python3.7.9.desktop
|
||||||
|
cp ./monkey-island.desktop "$APPDIR"/usr/share/applications
|
||||||
|
ln -s "$APPDIR"/usr/share/applications/monkey-island.desktop "$APPDIR"/monkey-island.desktop
|
||||||
|
|
||||||
|
cp ./AppRun "$APPDIR"
|
||||||
|
|
||||||
build_appimage
|
build_appimage
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
[Desktop Entry]
|
||||||
|
Type=Application
|
||||||
|
Name=Infection Monkey
|
||||||
|
Exec=bash
|
||||||
|
Comment=Infection Monkey FILL ME IN
|
||||||
|
Icon=monkey-icon
|
||||||
|
Categories=Development;
|
||||||
|
Terminal=true
|
Loading…
Reference in New Issue