From 6ab2ed9197812cf694ee6010b099b53caea17ff0 Mon Sep 17 00:00:00 2001 From: Tim Messing <141575989+timmyteo@users.noreply.github.com> Date: Wed, 10 Jul 2024 07:31:20 -0600 Subject: [PATCH 1/2] Updating all 3 plugins Signed-off-by: Tim Messing <141575989+timmyteo@users.noreply.github.com> Signed-off-by: Tim Messing <141575989+timmyteo@users.noreply.github.com> --- .github/workflows/release.yml | 8 +++---- .github/workflows/test.yml | 8 +++---- build.ps1 | 22 +++++++++---------- build.sh | 6 ++--- package-lock.json | 4 ++-- package.json | 2 +- packages/darwin-amd64/build-darwin-amd64.sh | 6 ++--- packages/linux-arm64/build-linux-arm64.sh | 6 ++--- packages/windows-amd64/build-windows-amd64.sh | 10 ++++----- packages/windows-arm64/build-windows-arm64.sh | 10 ++++----- 10 files changed, 41 insertions(+), 41 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 708955b..7c59a72 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,10 +31,10 @@ jobs: ${{ runner.os }}-go- - name: Release run: | - wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz - tar -xvf upx-4.2.2-amd64_linux.tar.xz - chmod +x upx-4.2.2-amd64_linux/upx - sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/ + wget https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xz + tar -xvf upx-4.2.4-amd64_linux.tar.xz + chmod +x upx-4.2.4-amd64_linux/upx + sudo cp upx-4.2.4-amd64_linux/upx /usr/local/bin/ npm config set //npm.pkg.github.com/:_authToken=$GITHUB_TOKEN npm config set //registry.npmjs.org/:_authToken=$NPMJS_AUTH_TOKEN bash build.sh diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b6bff6c..c14a543 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -32,10 +32,10 @@ jobs: ${{ runner.os }}-go- - name: Build run: | - wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz - tar -xvf upx-4.2.2-amd64_linux.tar.xz - chmod +x upx-4.2.2-amd64_linux/upx - sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/ + wget https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xz + tar -xvf upx-4.2.4-amd64_linux.tar.xz + chmod +x upx-4.2.4-amd64_linux/upx + sudo cp upx-4.2.4-amd64_linux/upx /usr/local/bin/ bash build.sh pip3 install blint blint -i plugins -o /tmp/reports diff --git a/build.ps1 b/build.ps1 index 30af8f5..98d8c0b 100644 --- a/build.ps1 +++ b/build.ps1 @@ -1,13 +1,13 @@ New-Item -ItemType Directory -Path plugins\osquery -Force New-Item -ItemType Directory -Path plugins\dosai -Force -Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-win64.zip -UseBasicParsing -OutFile upx-4.2.2-win64.zip -Expand-Archive -Path upx-4.2.2-win64.zip -DestinationPath . -Force +Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-win64.zip -UseBasicParsing -OutFile upx-4.2.4-win64.zip +Expand-Archive -Path upx-4.2.4-win64.zip -DestinationPath . -Force -Invoke-WebRequest -Uri https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0.windows_x86_64.zip -UseBasicParsing -OutFile osquery-5.11.0.windows_x86_64.zip -Expand-Archive -Path osquery-5.11.0.windows_x86_64.zip -DestinationPath . -Force -copy "osquery-5.11.0.windows_x86_64\Program Files\osquery\osqueryi.exe" plugins\osquery\osqueryi-windows-amd64.exe -upx-4.2.2-win64\upx.exe -9 --lzma plugins\osquery\osqueryi-windows-amd64.exe +Invoke-WebRequest -Uri https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2.windows_x86_64.zip -UseBasicParsing -OutFile osquery-5.12.2.windows_x86_64.zip +Expand-Archive -Path osquery-5.12.2.windows_x86_64.zip -DestinationPath . -Force +copy "osquery-5.12.2.windows_x86_64\Program Files\osquery\osqueryi.exe" plugins\osquery\osqueryi-windows-amd64.exe +upx-4.2.4-win64\upx.exe -9 --lzma plugins\osquery\osqueryi-windows-amd64.exe plugins\osquery\osqueryi-windows-amd64.exe --help Invoke-WebRequest -Uri https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai.exe -UseBasicParsing -OutFile plugins/dosai/dosai-windows-amd64.exe @@ -19,12 +19,12 @@ set GOARCH=amd64 New-Item -ItemType Directory -Path plugins\trivy -Force cd thirdparty\trivy go build -ldflags "-H=windowsgui -s -w" -o build\trivy-windows-amd64.exe -..\..\upx-4.2.2-win64\upx.exe -9 --lzma build\trivy-windows-amd64.exe +..\..\upx-4.2.4-win64\upx.exe -9 --lzma build\trivy-windows-amd64.exe copy build\* ..\..\plugins\trivy\ Remove-Item build -Recurse -Force cd ..\.. -Remove-Item osquery-5.11.0.windows_x86_64 -Recurse -Force -Remove-Item osquery-5.11.0.windows_x86_64.zip -Recurse -Force -Remove-Item upx-4.2.2-win64 -Recurse -Force -Remove-Item upx-4.2.2-win64.zip -Recurse -Force +Remove-Item osquery-5.12.2.windows_x86_64 -Recurse -Force +Remove-Item osquery-5.12.2.windows_x86_64.zip -Recurse -Force +Remove-Item upx-4.2.4-win64 -Recurse -Force +Remove-Item upx-4.2.4-win64.zip -Recurse -Force diff --git a/build.sh b/build.sh index 2bd341f..dd22287 100755 --- a/build.sh +++ b/build.sh @@ -5,13 +5,13 @@ rm -rf plugins/osquery rm -rf plugins/dosai mkdir -p plugins/osquery plugins/dosai -wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0_1.linux_x86_64.tar.gz -tar -xvf osquery-5.11.0_1.linux_x86_64.tar.gz +wget https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2_1.linux_x86_64.tar.gz +tar -xvf osquery-5.12.2_1.linux_x86_64.tar.gz cp opt/osquery/bin/osqueryd plugins/osquery/osqueryi-linux-amd64 upx -9 --lzma plugins/osquery/osqueryi-linux-amd64 sha256sum plugins/osquery/osqueryi-linux-amd64 > plugins/osquery/osqueryi-linux-amd64.sha256 rm -rf etc usr var opt -rm osquery-5.11.0_1.linux_x86_64.tar.gz +rm osquery-5.12.2_1.linux_x86_64.tar.gz curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai -o plugins/dosai/dosai-linux-amd64 chmod +x plugins/dosai/dosai-linux-amd64 diff --git a/package-lock.json b/package-lock.json index 6601358..d104a2c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@cyclonedx/cdxgen-plugins-bin", - "version": "1.6.0", + "version": "1.6.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@cyclonedx/cdxgen-plugins-bin", - "version": "1.6.0", + "version": "1.6.1", "cpu": [ "x64" ], diff --git a/package.json b/package.json index e848eb3..9d6300c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@cyclonedx/cdxgen-plugins-bin", - "version": "1.6.0", + "version": "1.6.1", "description": "Binary plugins to supercharge @cyclonedx/cdxgen npm package", "main": "index.js", "repository": { diff --git a/packages/darwin-amd64/build-darwin-amd64.sh b/packages/darwin-amd64/build-darwin-amd64.sh index 5d0b8a8..7c903d3 100755 --- a/packages/darwin-amd64/build-darwin-amd64.sh +++ b/packages/darwin-amd64/build-darwin-amd64.sh @@ -5,11 +5,11 @@ rm -rf plugins/osquery rm -rf plugins/dosai mkdir -p plugins/osquery plugins/dosai -wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0_1.macos_x86_64.tar.gz -tar -xvf osquery-5.11.0_1.macos_x86_64.tar.gz +wget https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2_1.macos_x86_64.tar.gz +tar -xvf osquery-5.12.2_1.macos_x86_64.tar.gz cp -rf opt/osquery/lib/osquery.app plugins/osquery/osqueryi-darwin-amd64.app rm -rf etc usr var opt -rm osquery-5.11.0_1.macos_x86_64.tar.gz +rm osquery-5.12.2_1.macos_x86_64.tar.gz curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai-osx-x64 -o plugins/dosai/dosai-darwin-amd64 chmod +x plugins/dosai/dosai-darwin-amd64 diff --git a/packages/linux-arm64/build-linux-arm64.sh b/packages/linux-arm64/build-linux-arm64.sh index 06afdd6..7010554 100755 --- a/packages/linux-arm64/build-linux-arm64.sh +++ b/packages/linux-arm64/build-linux-arm64.sh @@ -5,13 +5,13 @@ rm -rf plugins/osquery rm -rf plugins/dosai mkdir -p plugins/osquery plugins/dosai -wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0_1.linux_aarch64.tar.gz -tar -xvf osquery-5.11.0_1.linux_aarch64.tar.gz +wget https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2_1.linux_aarch64.tar.gz +tar -xvf osquery-5.12.2_1.linux_aarch64.tar.gz cp opt/osquery/bin/osqueryd plugins/osquery/osqueryi-linux-arm64 upx -9 --lzma plugins/osquery/osqueryi-linux-arm64 sha256sum plugins/osquery/osqueryi-linux-arm64 > plugins/osquery/osqueryi-linux-arm64.sha256 rm -rf etc usr var opt -rm osquery-5.11.0_1.linux_aarch64.tar.gz +rm osquery-5.12.2_1.linux_aarch64.tar.gz curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai-linux-arm64 -o plugins/dosai/dosai-linux-arm64 chmod +x plugins/dosai/dosai-linux-arm64 diff --git a/packages/windows-amd64/build-windows-amd64.sh b/packages/windows-amd64/build-windows-amd64.sh index cbcddf6..2a440d8 100755 --- a/packages/windows-amd64/build-windows-amd64.sh +++ b/packages/windows-amd64/build-windows-amd64.sh @@ -5,13 +5,13 @@ rm -rf plugins/osquery rm -rf plugins/dosai mkdir -p plugins/osquery plugins/dosai -wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0.windows_x86_64.zip -unzip osquery-5.11.0.windows_x86_64.zip -cp "osquery-5.11.0.windows_x86_64/Program Files/osquery/osqueryi.exe" plugins/osquery/osqueryi-windows-amd64.exe +wget https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2.windows_x86_64.zip +unzip osquery-5.12.2.windows_x86_64.zip +cp "osquery-5.12.2.windows_x86_64/Program Files/osquery/osqueryi.exe" plugins/osquery/osqueryi-windows-amd64.exe upx -9 --lzma plugins/osquery/osqueryi-windows-amd64.exe sha256sum plugins/osquery/osqueryi-windows-amd64.exe > plugins/osquery/osqueryi-windows-amd64.exe.sha256 -rm -rf osquery-5.11.0.windows_x86_64 -rm osquery-5.11.0.windows_x86_64.zip +rm -rf osquery-5.12.2.windows_x86_64 +rm osquery-5.12.2.windows_x86_64.zip curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai.exe -o plugins/dosai/dosai-windows-amd64.exe sha256sum plugins/dosai/dosai-windows-amd64.exe > plugins/dosai/dosai-windows-amd64.exe.sha256 diff --git a/packages/windows-arm64/build-windows-arm64.sh b/packages/windows-arm64/build-windows-arm64.sh index d60ba93..d858cf0 100755 --- a/packages/windows-arm64/build-windows-arm64.sh +++ b/packages/windows-arm64/build-windows-arm64.sh @@ -5,12 +5,12 @@ rm -rf plugins/osquery rm -rf plugins/dosai mkdir -p plugins/osquery plugins/dosai -wget https://github.com/osquery/osquery/releases/download/5.11.0/osquery-5.11.0.windows_arm64.zip -unzip osquery-5.11.0.windows_arm64.zip -cp "osquery-5.11.0.windows_arm64/Program Files/osquery/osqueryi.exe" plugins/osquery/osqueryi-windows-arm64.exe +wget https://github.com/osquery/osquery/releases/download/5.12.2/osquery-5.12.2.windows_arm64.zip +unzip osquery-5.12.2.windows_arm64.zip +cp "osquery-5.12.2.windows_arm64/Program Files/osquery/osqueryi.exe" plugins/osquery/osqueryi-windows-arm64.exe sha256sum plugins/osquery/osqueryi-windows-arm64.exe > plugins/osquery/osqueryi-windows-arm64.exe.sha256 -rm -rf osquery-5.11.0.windows_arm64 -rm osquery-5.11.0.windows_arm64.zip +rm -rf osquery-5.12.2.windows_arm64 +rm osquery-5.12.2.windows_arm64.zip curl -L https://github.com/owasp-dep-scan/dosai/releases/latest/download/Dosai-windows-arm64.exe -o plugins/dosai/dosai-windows-arm64.exe sha256sum plugins/dosai/dosai-windows-arm64.exe > plugins/dosai/dosai-windows-arm64.exe.sha256 From e1ba8e43598cf835561f5a7e208ba8145134bff4 Mon Sep 17 00:00:00 2001 From: Tim Messing <141575989+timmyteo@users.noreply.github.com> Date: Wed, 10 Jul 2024 15:34:50 -0600 Subject: [PATCH 2/2] Fix for freeing disk space in CI/CD Signed-off-by: Tim Messing <141575989+timmyteo@users.noreply.github.com> --- .github/workflows/test.yml | 4 +++ contrib/free_disk_space.sh | 53 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 contrib/free_disk_space.sh diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c14a543..5086b9a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,6 +30,10 @@ jobs: key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- + - name: Trim CI agent + run: | + chmod +x contrib/free_disk_space.sh + ./contrib/free_disk_space.sh - name: Build run: | wget https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xz diff --git a/contrib/free_disk_space.sh b/contrib/free_disk_space.sh new file mode 100644 index 0000000..e735ca0 --- /dev/null +++ b/contrib/free_disk_space.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# +# The Azure provided machines typically have the following disk allocation: +# Total space: 85GB +# Allocated: 67 GB +# Free: 17 GB +# This script frees up 28 GB of disk space by deleting unneeded packages and +# large directories. +# The Flink end to end tests download and generate more than 17 GB of files, +# causing unpredictable behavior and build failures. +# +echo "==============================================================================" +echo "Freeing up disk space on CI system" +echo "==============================================================================" + +echo "Listing 100 largest packages" +dpkg-query -Wf '${Installed-Size}\t${Package}\n' | sort -n | tail -n 100 +df -h +echo "Removing large packages" +sudo apt-get remove -y '^dotnet-.*' +sudo apt-get remove -y '^llvm-.*' +sudo apt-get remove -y 'php.*' +sudo apt-get remove -y '^mongodb-.*' +sudo apt-get remove -y '^mysql-.*' +sudo apt-get remove -y azure-cli google-cloud-sdk hhvm google-chrome-stable firefox powershell mono-devel libgl1-mesa-dri +sudo apt-get autoremove -y +sudo apt-get clean +df -h +echo "Removing large directories" + +sudo rm -rf /usr/share/dotnet/ +sudo rm -rf /usr/local/graalvm/ +sudo rm -rf /usr/local/.ghcup/ +sudo rm -rf /usr/local/share/powershell +sudo rm -rf /usr/local/share/chromium +sudo rm -rf /usr/local/lib/android +df -h \ No newline at end of file