omnibus 8.0.9 → 8.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -2
- data/lib/omnibus/builder.rb +57 -17
- data/lib/omnibus/compressors/dmg.rb +2 -2
- data/lib/omnibus/config.rb +3 -1
- data/lib/omnibus/health_check.rb +147 -38
- data/lib/omnibus/manifest_diff.rb +7 -13
- data/lib/omnibus/metadata.rb +7 -3
- data/lib/omnibus/packagers/pkg.rb +21 -13
- data/lib/omnibus/packagers/rpm.rb +23 -9
- data/lib/omnibus/software.rb +2 -2
- data/lib/omnibus/version.rb +1 -1
- data/lib/omnibus/whitelist.rb +33 -12
- data/omnibus.gemspec +4 -3
- data/resources/msi/CustomActionFastMsi.CA.dll +0 -0
- data/resources/pkg/distribution.xml.erb +1 -1
- data/resources/rpm/spec.erb +5 -2
- data/spec/functional/fetchers/net_fetcher_spec.rb +2 -11
- data/spec/unit/builder_spec.rb +6 -0
- data/spec/unit/compressor_spec.rb +2 -2
- data/spec/unit/compressors/dmg_spec.rb +9 -9
- data/spec/unit/compressors/tgz_spec.rb +4 -4
- data/spec/unit/fetchers/net_fetcher_spec.rb +5 -1
- data/spec/unit/health_check_spec.rb +75 -6
- data/spec/unit/metadata_spec.rb +2 -0
- data/spec/unit/packager_spec.rb +2 -2
- data/spec/unit/packagers/pkg_spec.rb +29 -7
- data/spec/unit/packagers/rpm_spec.rb +10 -0
- data/spec/unit/project_spec.rb +2 -2
- data/spec/unit/software_spec.rb +25 -25
- metadata +33 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0ead593d30d6adc565642ff443cce0b239294752253a6811d94f830160af190c
|
4
|
+
data.tar.gz: b75f1260a3b3acfb23bc31f9f376edb1be0799567d5623a2c33a3d350041468f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c403ea34e2b0352ed171abc7d329a797f36f1b8bd9d79c4bd2f4da1c3d5c187a9caa7bcad4fca8d7ab4577b9d3c079b05927fe872d145ccd0e2ffa1b9c302820
|
7
|
+
data.tar.gz: 3230fb144ca86a372f6de1e3e5fd21f1e9e0c72c95c2a8ef0194bca0b0f8437a7881d1de882666c9980d2a9c2ccaba371646ae69648eb6191d55266875d3258e
|
data/README.md
CHANGED
@@ -2,7 +2,6 @@
|
|
2
2
|
|
3
3
|
[][gem]
|
4
4
|
[](https://buildkite.com/chef-oss/chef-omnibus-master-verify)
|
5
|
-
[][appveyor]
|
6
5
|
|
7
6
|
**Umbrella Project**: [Chef Foundation](https://github.com/chef/chef-oss-practices/blob/master/projects/chef-foundation.md)
|
8
7
|
|
@@ -16,7 +15,6 @@ Easily create full-stack installers for your project across a variety of platfor
|
|
16
15
|
|
17
16
|
Seth Chisamore and Christopher Maier of CHEF gave an introductory talk on Omnibus at ChefConf 2013, entitled **Eat the Whole Bowl: Building a Full-Stack Installer with Omnibus**:
|
18
17
|
|
19
|
-
- [Video](http://www.youtube.com/watch?v=q8iJAntXCNY)
|
20
18
|
- [Slides](https://speakerdeck.com/schisamo/eat-the-whole-bowl-building-a-full-stack-installer-with-omnibus)
|
21
19
|
|
22
20
|
This project is managed by the CHEF Release Engineering team. For more information on the Release Engineering team's contribution, triage, and release process, please consult the [CHEF Release Engineering OSS Management Guide](https://docs.google.com/a/opscode.com/document/d/1oJB0vZb_3bl7_ZU2YMDBkMFdL-EWplW1BJv_FXTUOzg/edit).
|
@@ -196,6 +194,7 @@ DSL Method | Description
|
|
196
194
|
`patch` | Apply a patch from disk
|
197
195
|
`workers` | The maximum number of builders
|
198
196
|
`windows_safe_path` | Format the path to be safe for shelling out on Windows
|
197
|
+
`go` | Execute the code as the embedded Go
|
199
198
|
`ruby` | Execute the code as the embedded Ruby
|
200
199
|
`gem` | Execute the code as the embedded Rubygems
|
201
200
|
`bundle` | Execute the code as the embedded Bundler
|
data/lib/omnibus/builder.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -82,7 +82,7 @@ module Omnibus
|
|
82
82
|
warn_for_shell_commands(command)
|
83
83
|
|
84
84
|
build_commands << BuildCommand.new("Execute: `#{command}'") do
|
85
|
-
shellout!(command, options)
|
85
|
+
shellout!(command, **options)
|
86
86
|
end
|
87
87
|
end
|
88
88
|
expose :command
|
@@ -248,7 +248,7 @@ module Omnibus
|
|
248
248
|
patches << patch_path
|
249
249
|
options[:in_msys_bash] = true
|
250
250
|
build_commands << BuildCommand.new("Apply patch `#{source}'") do
|
251
|
-
shellout!(patch_cmd, options)
|
251
|
+
shellout!(patch_cmd, **options)
|
252
252
|
end
|
253
253
|
end
|
254
254
|
expose :patch
|
@@ -296,6 +296,41 @@ module Omnibus
|
|
296
296
|
# @!endgroup
|
297
297
|
# --------------------------------------------------
|
298
298
|
|
299
|
+
#
|
300
|
+
# @!group Go DSL methods
|
301
|
+
#
|
302
|
+
# The following DSL methods are available from within build blocks and
|
303
|
+
# expose Go DSL methods.
|
304
|
+
# --------------------------------------------------
|
305
|
+
|
306
|
+
#
|
307
|
+
# Execute the given Go command or script against the embedded Go.
|
308
|
+
#
|
309
|
+
# @example
|
310
|
+
# go 'build -o hello'
|
311
|
+
#
|
312
|
+
# @param (see #command)
|
313
|
+
# @return (see #command)
|
314
|
+
#
|
315
|
+
def go(command, options = {})
|
316
|
+
build_commands << BuildCommand.new("go `#{command}'") do
|
317
|
+
bin = windows? ? windows_safe_path("#{install_dir}/embedded/go/bin/go") : embedded_bin("go")
|
318
|
+
|
319
|
+
# Check if we are building a go binary and then check if we are on
|
320
|
+
# Red Hat or CentOS so we build the binary properly with a build-id
|
321
|
+
if command.start_with?("build", " build") && rhel?
|
322
|
+
command << " -ldflags=-linkmode=external"
|
323
|
+
end
|
324
|
+
|
325
|
+
shellout!("#{bin} #{command}", options)
|
326
|
+
end
|
327
|
+
end
|
328
|
+
expose :go
|
329
|
+
|
330
|
+
#
|
331
|
+
# @!endgroup
|
332
|
+
# --------------------------------------------------
|
333
|
+
|
299
334
|
#
|
300
335
|
# @!group Ruby DSL methods
|
301
336
|
#
|
@@ -315,7 +350,7 @@ module Omnibus
|
|
315
350
|
def ruby(command, options = {})
|
316
351
|
build_commands << BuildCommand.new("ruby `#{command}'") do
|
317
352
|
bin = embedded_bin("ruby")
|
318
|
-
shellout!("#{bin} #{command}", options)
|
353
|
+
shellout!("#{bin} #{command}", **options)
|
319
354
|
end
|
320
355
|
end
|
321
356
|
expose :ruby
|
@@ -332,7 +367,7 @@ module Omnibus
|
|
332
367
|
def gem(command, options = {})
|
333
368
|
build_commands << BuildCommand.new("gem `#{command}'") do
|
334
369
|
bin = embedded_bin("gem")
|
335
|
-
shellout!("#{bin} #{command}", options)
|
370
|
+
shellout!("#{bin} #{command}", **options)
|
336
371
|
end
|
337
372
|
end
|
338
373
|
expose :gem
|
@@ -352,7 +387,7 @@ module Omnibus
|
|
352
387
|
def bundle(command, options = {})
|
353
388
|
build_commands << BuildCommand.new("bundle `#{command}'") do
|
354
389
|
bin = embedded_bin("bundle")
|
355
|
-
shellout!("#{bin} #{command}", options)
|
390
|
+
shellout!("#{bin} #{command}", **options)
|
356
391
|
end
|
357
392
|
end
|
358
393
|
expose :bundle
|
@@ -373,11 +408,16 @@ module Omnibus
|
|
373
408
|
# @param (see #command)
|
374
409
|
# @return (see #command)
|
375
410
|
#
|
376
|
-
def appbundle(software_name,
|
411
|
+
def appbundle(software_name, options = {})
|
377
412
|
build_commands << BuildCommand.new("appbundle `#{software_name}'") do
|
378
413
|
bin_dir = "#{install_dir}/bin"
|
379
414
|
appbundler_bin = embedded_bin("appbundler")
|
380
415
|
|
416
|
+
lockdir = options.delete(:lockdir)
|
417
|
+
gem = options.delete(:gem)
|
418
|
+
without = options.delete(:without)
|
419
|
+
extra_bin_files = options.delete(:extra_bin_files)
|
420
|
+
|
381
421
|
lockdir ||=
|
382
422
|
begin
|
383
423
|
app_software = project.softwares.find do |p|
|
@@ -425,7 +465,7 @@ module Omnibus
|
|
425
465
|
def rake(command, options = {})
|
426
466
|
build_commands << BuildCommand.new("rake `#{command}'") do
|
427
467
|
bin = embedded_bin("rake")
|
428
|
-
shellout!("#{bin} #{command}", options)
|
468
|
+
shellout!("#{bin} #{command}", **options)
|
429
469
|
end
|
430
470
|
end
|
431
471
|
expose :rake
|
@@ -535,7 +575,7 @@ module Omnibus
|
|
535
575
|
def mkdir(directory, options = {})
|
536
576
|
build_commands << BuildCommand.new("mkdir `#{directory}'") do
|
537
577
|
Dir.chdir(software.project_dir) do
|
538
|
-
FileUtils.mkdir_p(directory, options)
|
578
|
+
FileUtils.mkdir_p(directory, **options)
|
539
579
|
end
|
540
580
|
end
|
541
581
|
end
|
@@ -557,7 +597,7 @@ module Omnibus
|
|
557
597
|
parent = File.dirname(file)
|
558
598
|
FileUtils.mkdir_p(parent) unless File.directory?(parent)
|
559
599
|
|
560
|
-
FileUtils.touch(file, options)
|
600
|
+
FileUtils.touch(file, **options)
|
561
601
|
end
|
562
602
|
end
|
563
603
|
end
|
@@ -578,7 +618,7 @@ module Omnibus
|
|
578
618
|
build_commands << BuildCommand.new("delete `#{path}'") do
|
579
619
|
Dir.chdir(software.project_dir) do
|
580
620
|
FileSyncer.glob(path).each do |file|
|
581
|
-
FileUtils.rm_rf(file, options)
|
621
|
+
FileUtils.rm_rf(file, **options)
|
582
622
|
end
|
583
623
|
end
|
584
624
|
end
|
@@ -629,7 +669,7 @@ module Omnibus
|
|
629
669
|
log.warn(log_key) { "no matched files for glob #{command}" }
|
630
670
|
else
|
631
671
|
files.each do |file|
|
632
|
-
FileUtils.cp_r(file, destination, options)
|
672
|
+
FileUtils.cp_r(file, destination, **options)
|
633
673
|
end
|
634
674
|
end
|
635
675
|
end
|
@@ -658,7 +698,7 @@ module Omnibus
|
|
658
698
|
log.warn(log_key) { "no matched files for glob #{command}" }
|
659
699
|
else
|
660
700
|
files.each do |file|
|
661
|
-
FileUtils.mv(file, destination, options)
|
701
|
+
FileUtils.mv(file, destination, **options)
|
662
702
|
end
|
663
703
|
end
|
664
704
|
end
|
@@ -683,14 +723,14 @@ module Omnibus
|
|
683
723
|
build_commands << BuildCommand.new(command) do
|
684
724
|
Dir.chdir(software.project_dir) do
|
685
725
|
if options.delete(:unchecked)
|
686
|
-
FileUtils.ln_s(source, destination, options)
|
726
|
+
FileUtils.ln_s(source, destination, **options)
|
687
727
|
else
|
688
728
|
files = FileSyncer.glob(source)
|
689
729
|
if files.empty?
|
690
730
|
log.warn(log_key) { "no matched files for glob #{command}" }
|
691
731
|
else
|
692
732
|
files.each do |file|
|
693
|
-
FileUtils.ln_s(file, destination, options)
|
733
|
+
FileUtils.ln_s(file, destination, **options)
|
694
734
|
end
|
695
735
|
end
|
696
736
|
end
|
@@ -711,7 +751,7 @@ module Omnibus
|
|
711
751
|
def sync(source, destination, options = {})
|
712
752
|
build_commands << BuildCommand.new("sync `#{source}' to `#{destination}'") do
|
713
753
|
Dir.chdir(software.project_dir) do
|
714
|
-
FileSyncer.sync(source, destination, options)
|
754
|
+
FileSyncer.sync(source, destination, **options)
|
715
755
|
end
|
716
756
|
end
|
717
757
|
end
|
@@ -868,7 +908,7 @@ module Omnibus
|
|
868
908
|
options[:live_stream] ||= log.live_stream(:debug)
|
869
909
|
|
870
910
|
# Use Util's shellout
|
871
|
-
super(command_string, options)
|
911
|
+
super(command_string, **options)
|
872
912
|
end
|
873
913
|
|
874
914
|
#
|
@@ -259,8 +259,8 @@ module Omnibus
|
|
259
259
|
sync
|
260
260
|
hdiutil unmount "#{@device}"
|
261
261
|
# Give some time to the system so unmount dmg
|
262
|
-
ATTEMPTS=
|
263
|
-
until [ $ATTEMPTS -eq
|
262
|
+
ATTEMPTS=1
|
263
|
+
until [ $ATTEMPTS -eq 6 ] || hdiutil detach "#{@device}"; do
|
264
264
|
sleep 10
|
265
265
|
echo Attempt number $(( ATTEMPTS++ ))
|
266
266
|
done
|
data/lib/omnibus/config.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -15,6 +15,7 @@
|
|
15
15
|
#
|
16
16
|
|
17
17
|
require "singleton" unless defined?(Singleton)
|
18
|
+
require "omnibus/sugarable" unless defined?(Sugarable)
|
18
19
|
|
19
20
|
module Omnibus
|
20
21
|
class Config
|
@@ -22,6 +23,7 @@ module Omnibus
|
|
22
23
|
include NullArgumentable
|
23
24
|
include Singleton
|
24
25
|
include Util
|
26
|
+
include Sugarable
|
25
27
|
|
26
28
|
class << self
|
27
29
|
#
|
data/lib/omnibus/health_check.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
|
2
|
-
# Copyright
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -66,20 +66,25 @@ module Omnibus
|
|
66
66
|
def run!
|
67
67
|
measure("Health check time") do
|
68
68
|
log.info(log_key) { "Running health on #{project.name}" }
|
69
|
-
bad_libs =
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
69
|
+
bad_libs, good_libs =
|
70
|
+
case Ohai["platform"]
|
71
|
+
when "mac_os_x"
|
72
|
+
health_check_otool
|
73
|
+
when "aix"
|
74
|
+
health_check_aix
|
75
|
+
when "windows"
|
76
|
+
# TODO: objdump -p will provided a very limited check of
|
77
|
+
# explicit dependencies on windows. Most dependencies are
|
78
|
+
# implicit and hence not detected.
|
79
|
+
log.warn(log_key) { "Skipping dependency health checks on Windows." }
|
80
|
+
[{}, {}]
|
81
|
+
when "solaris2"
|
82
|
+
health_check_solaris
|
83
|
+
when "freebsd", "openbsd", "netbsd"
|
84
|
+
health_check_freebsd
|
85
|
+
else
|
86
|
+
health_check_linux
|
87
|
+
end
|
83
88
|
|
84
89
|
unresolved = []
|
85
90
|
unreliable = []
|
@@ -167,6 +172,10 @@ module Omnibus
|
|
167
172
|
raise HealthCheckFailed
|
168
173
|
end
|
169
174
|
|
175
|
+
if good_libs.keys.length == 0 && !windows?
|
176
|
+
raise "Internal error: no good libraries were found"
|
177
|
+
end
|
178
|
+
|
170
179
|
conflict_map = {}
|
171
180
|
|
172
181
|
conflict_map = relocation_check if relocation_checkable?
|
@@ -280,19 +289,20 @@ module Omnibus
|
|
280
289
|
def health_check_otool
|
281
290
|
current_library = nil
|
282
291
|
bad_libs = {}
|
292
|
+
good_libs = {}
|
283
293
|
|
284
|
-
read_shared_libs("find #{project.install_dir}/ -type f | egrep '\.(dylib|bundle)$'
|
294
|
+
read_shared_libs("find #{project.install_dir}/ -type f | egrep '\.(dylib|bundle)$'", "xargs otool -L") do |line|
|
285
295
|
case line
|
286
296
|
when /^(.+):$/
|
287
297
|
current_library = Regexp.last_match[1]
|
288
298
|
when /^\s+(.+) \(.+\)$/
|
289
299
|
linked = Regexp.last_match[1]
|
290
300
|
name = File.basename(linked)
|
291
|
-
bad_libs = check_for_bad_library(bad_libs, current_library, name, linked)
|
301
|
+
bad_libs, good_libs = check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
292
302
|
end
|
293
303
|
end
|
294
304
|
|
295
|
-
bad_libs
|
305
|
+
[bad_libs, good_libs]
|
296
306
|
end
|
297
307
|
|
298
308
|
#
|
@@ -304,8 +314,9 @@ module Omnibus
|
|
304
314
|
def health_check_aix
|
305
315
|
current_library = nil
|
306
316
|
bad_libs = {}
|
317
|
+
good_libs = {}
|
307
318
|
|
308
|
-
read_shared_libs("find #{project.install_dir}/ -type f | xargs file | grep \"
|
319
|
+
read_shared_libs("find #{project.install_dir}/ -type f | xargs file | grep \"XCOFF\" | awk -F: '{print $1}'", "xargs -n 1 ldd") do |line|
|
309
320
|
case line
|
310
321
|
when /^(.+) needs:$/
|
311
322
|
current_library = Regexp.last_match[1]
|
@@ -313,31 +324,63 @@ module Omnibus
|
|
313
324
|
when /^\s+(.+)$/
|
314
325
|
name = Regexp.last_match[1]
|
315
326
|
linked = Regexp.last_match[1]
|
316
|
-
bad_libs = check_for_bad_library(bad_libs, current_library, name, linked)
|
327
|
+
( bad_libs, good_libs ) = check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
317
328
|
when /File is not an executable XCOFF file/ # ignore non-executable files
|
318
329
|
else
|
319
330
|
log.warn(log_key) { "Line did not match for #{current_library}\n#{line}" }
|
320
331
|
end
|
321
332
|
end
|
322
333
|
|
323
|
-
bad_libs
|
334
|
+
[bad_libs, good_libs]
|
324
335
|
end
|
325
336
|
|
326
337
|
#
|
327
|
-
# Run healthchecks
|
338
|
+
# Run healthchecks on Solaris.
|
328
339
|
#
|
329
340
|
# @return [Hash<String, Hash<String, Hash<String, Int>>>]
|
330
341
|
# the bad libraries (library_name -> dependency_name -> satisfied_lib_path -> count)
|
331
342
|
#
|
332
|
-
def
|
333
|
-
|
334
|
-
|
335
|
-
|
343
|
+
def health_check_solaris
|
344
|
+
current_library = nil
|
345
|
+
bad_libs = {}
|
346
|
+
good_libs = {}
|
336
347
|
|
348
|
+
read_shared_libs("find #{project.install_dir}/ -type f | xargs file | grep \"ELF\" | awk -F: '{print $1}' | sed -e 's/:$//'", "xargs -n 1 ldd") do |line|
|
349
|
+
case line
|
350
|
+
when /^(.+):$/
|
351
|
+
current_library = Regexp.last_match[1]
|
352
|
+
log.debug(log_key) { "Analyzing dependencies for #{current_library}" }
|
353
|
+
when /^\s+(.+) \=\>\s+(.+)( \(.+\))?$/
|
354
|
+
name = Regexp.last_match[1]
|
355
|
+
linked = Regexp.last_match[2]
|
356
|
+
( bad_libs, good_libs ) = check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
357
|
+
when /^\s+(.+) \(.+\)$/
|
358
|
+
next
|
359
|
+
when /^\s+statically linked$/
|
360
|
+
next
|
361
|
+
when /^\s+not a dynamic executable$/ # ignore non-executable files
|
362
|
+
else
|
363
|
+
log.warn(log_key) do
|
364
|
+
"Line did not match for #{current_library}\n#{line}"
|
365
|
+
end
|
366
|
+
end
|
367
|
+
end
|
368
|
+
|
369
|
+
[bad_libs, good_libs]
|
370
|
+
end
|
371
|
+
|
372
|
+
#
|
373
|
+
# Run healthchecks on FreeBSD
|
374
|
+
#
|
375
|
+
# @return [Hash<String, Hash<String, Hash<String, Int>>>]
|
376
|
+
# the bad libraries (library_name -> dependency_name -> satisfied_lib_path -> count)
|
377
|
+
#
|
378
|
+
def health_check_freebsd
|
337
379
|
current_library = nil
|
338
380
|
bad_libs = {}
|
381
|
+
good_libs = {}
|
339
382
|
|
340
|
-
read_shared_libs("find #{project.install_dir}/ -type f
|
383
|
+
read_shared_libs("find #{project.install_dir}/ -type f | xargs file | grep \"ELF\" | awk -F: '{print $1}' | sed -e 's/:$//'", "xargs ldd") do |line|
|
341
384
|
case line
|
342
385
|
when /^(.+):$/
|
343
386
|
current_library = Regexp.last_match[1]
|
@@ -345,16 +388,51 @@ module Omnibus
|
|
345
388
|
when /^\s+(.+) \=\>\s+(.+)( \(.+\))?$/
|
346
389
|
name = Regexp.last_match[1]
|
347
390
|
linked = Regexp.last_match[2]
|
348
|
-
bad_libs = check_for_bad_library(bad_libs, current_library, name, linked)
|
391
|
+
( bad_libs, good_libs ) = check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
349
392
|
when /^\s+(.+) \(.+\)$/
|
350
393
|
next
|
351
394
|
when /^\s+statically linked$/
|
352
395
|
next
|
353
|
-
when /^\s+
|
396
|
+
when /^\s+not a dynamic executable$/ # ignore non-executable files
|
397
|
+
else
|
398
|
+
log.warn(log_key) do
|
399
|
+
"Line did not match for #{current_library}\n#{line}"
|
400
|
+
end
|
401
|
+
end
|
402
|
+
end
|
403
|
+
|
404
|
+
[bad_libs, good_libs]
|
405
|
+
end
|
406
|
+
|
407
|
+
#
|
408
|
+
# Run healthchecks against ldd.
|
409
|
+
#
|
410
|
+
# @return [Hash<String, Hash<String, Hash<String, Int>>>]
|
411
|
+
# the bad libraries (library_name -> dependency_name -> satisfied_lib_path -> count)
|
412
|
+
#
|
413
|
+
def health_check_linux
|
414
|
+
current_library = nil
|
415
|
+
bad_libs = {}
|
416
|
+
good_libs = {}
|
417
|
+
|
418
|
+
read_shared_libs("find #{project.install_dir}/ -type f | xargs file | grep \"ELF\" | awk -F: '{print $1}' | sed -e 's/:$//'", "xargs ldd") do |line|
|
419
|
+
case line
|
420
|
+
when /^(.+):$/
|
421
|
+
current_library = Regexp.last_match[1]
|
422
|
+
log.debug(log_key) { "Analyzing dependencies for #{current_library}" }
|
423
|
+
when /^\s+(.+) \=\>\s+(.+)( \(.+\))?$/
|
424
|
+
name = Regexp.last_match[1]
|
425
|
+
linked = Regexp.last_match[2]
|
426
|
+
( bad_libs, good_libs ) = check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
427
|
+
when /^\s+(.+) \(.+\)$/
|
354
428
|
next
|
355
|
-
when /^\s+
|
429
|
+
when /^\s+statically linked$/
|
356
430
|
next
|
357
|
-
when /^\s+
|
431
|
+
when /^\s+libjvm.so/ # FIXME: should remove if it doesn't blow up server
|
432
|
+
next
|
433
|
+
when /^\s+libjava.so/ # FIXME: should remove if it doesn't blow up server
|
434
|
+
next
|
435
|
+
when /^\s+libmawt.so/ # FIXME: should remove if it doesn't blow up server
|
358
436
|
next
|
359
437
|
when /^\s+not a dynamic executable$/ # ignore non-executable files
|
360
438
|
else
|
@@ -364,7 +442,7 @@ module Omnibus
|
|
364
442
|
end
|
365
443
|
end
|
366
444
|
|
367
|
-
bad_libs
|
445
|
+
[bad_libs, good_libs]
|
368
446
|
end
|
369
447
|
|
370
448
|
private
|
@@ -399,10 +477,40 @@ module Omnibus
|
|
399
477
|
# @yield [String]
|
400
478
|
# each line
|
401
479
|
#
|
402
|
-
def read_shared_libs(
|
403
|
-
|
404
|
-
|
405
|
-
|
480
|
+
def read_shared_libs(find_command, ldd_command, &output_proc)
|
481
|
+
#
|
482
|
+
# construct the list of files to check
|
483
|
+
#
|
484
|
+
|
485
|
+
find_output = shellout!(find_command).stdout.lines
|
486
|
+
|
487
|
+
find_output.reject! { |file| IGNORED_ENDINGS.any? { |ending| file.end_with?("#{ending}\n") } }
|
488
|
+
|
489
|
+
find_output.reject! { |file| IGNORED_SUBSTRINGS.any? { |substr| file.include?(substr) } }
|
490
|
+
|
491
|
+
if find_output.empty?
|
492
|
+
# probably the find_command is busted, it should never be empty or why are you using omnibus?
|
493
|
+
raise "Internal Error: Health Check found no lines"
|
494
|
+
end
|
495
|
+
|
496
|
+
if find_output.any? { |file| file !~ Regexp.new(project.install_dir) }
|
497
|
+
# every file in the find output should be within the install_dir
|
498
|
+
raise "Internal Error: Health Check lines not matching the install_dir"
|
499
|
+
end
|
500
|
+
|
501
|
+
#
|
502
|
+
# feed the list of files to the "ldd" command
|
503
|
+
#
|
504
|
+
|
505
|
+
# this command will typically fail if the last file isn't a valid lib/binary which happens often
|
506
|
+
ldd_output = shellout(ldd_command, input: find_output.join).stdout
|
507
|
+
|
508
|
+
#
|
509
|
+
# do the output process to determine if the files are good or bad
|
510
|
+
#
|
511
|
+
|
512
|
+
ldd_output.each_line do |line|
|
513
|
+
output_proc.call(line)
|
406
514
|
end
|
407
515
|
end
|
408
516
|
|
@@ -420,7 +528,7 @@ module Omnibus
|
|
420
528
|
#
|
421
529
|
# @return the modified bad_library hash
|
422
530
|
#
|
423
|
-
def check_for_bad_library(bad_libs, current_library, name, linked)
|
531
|
+
def check_for_bad_library(bad_libs, good_libs, current_library, name, linked)
|
424
532
|
safe = nil
|
425
533
|
|
426
534
|
whitelist_libs = case Ohai["platform"]
|
@@ -463,10 +571,11 @@ module Omnibus
|
|
463
571
|
bad_libs[current_library][name][linked] = 1
|
464
572
|
end
|
465
573
|
else
|
574
|
+
good_libs[current_library] = true
|
466
575
|
log.debug(log_key) { " -> PASSED: #{name} is either whitelisted or safely provided." }
|
467
576
|
end
|
468
577
|
|
469
|
-
bad_libs
|
578
|
+
[bad_libs, good_libs]
|
470
579
|
end
|
471
580
|
end
|
472
581
|
end
|
@@ -25,28 +25,22 @@ module Omnibus
|
|
25
25
|
|
26
26
|
def updated
|
27
27
|
@updated ||=
|
28
|
-
|
29
|
-
(first.
|
30
|
-
|
31
|
-
end.compact
|
32
|
-
end
|
28
|
+
(first.entry_names & second.entry_names).collect do |name|
|
29
|
+
diff(first.entry_for(name), second.entry_for(name))
|
30
|
+
end.compact
|
33
31
|
end
|
34
32
|
|
35
33
|
def removed
|
36
34
|
@removed ||=
|
37
|
-
|
38
|
-
(first.
|
39
|
-
removed_entry(first.entry_for(name))
|
40
|
-
end
|
35
|
+
(first.entry_names - second.entry_names).collect do |name|
|
36
|
+
removed_entry(first.entry_for(name))
|
41
37
|
end
|
42
38
|
end
|
43
39
|
|
44
40
|
def added
|
45
41
|
@added ||=
|
46
|
-
|
47
|
-
(second.
|
48
|
-
new_entry(second.entry_for(name))
|
49
|
-
end
|
42
|
+
(second.entry_names - first.entry_names).collect do |name|
|
43
|
+
new_entry(second.entry_for(name))
|
50
44
|
end
|
51
45
|
end
|
52
46
|
|
data/lib/omnibus/metadata.rb
CHANGED
@@ -170,12 +170,16 @@ module Omnibus
|
|
170
170
|
# rubocop:disable Lint/DuplicateCaseCondition
|
171
171
|
def truncate_platform_version(platform_version, platform)
|
172
172
|
case platform
|
173
|
-
when "centos", "debian", "el", "fedora", "freebsd", "omnios", "pidora", "raspbian", "rhel", "sles", "suse", "smartos"
|
173
|
+
when "centos", "cumulus", "debian", "el", "fedora", "freebsd", "omnios", "pidora", "raspbian", "rhel", "sles", "suse", "smartos"
|
174
174
|
# Only want MAJOR (e.g. Debian 7, OmniOS r151006, SmartOS 20120809T221258Z)
|
175
175
|
platform_version.split(".").first
|
176
|
-
when "aix", "alpine", "
|
177
|
-
# Only want MAJOR.MINOR (e.g.
|
176
|
+
when "aix", "alpine", "openbsd", "slackware", "solaris2", "opensuse", "opensuseleap", "ubuntu", "amazon"
|
177
|
+
# Only want MAJOR.MINOR (e.g. Ubuntu 12.04)
|
178
178
|
platform_version.split(".")[0..1].join(".")
|
179
|
+
when "mac_os_x", "darwin", "macos"
|
180
|
+
# If running macOS >= 11, use only MAJOR version. Otherwise, use MAJOR.MINOR
|
181
|
+
pv_bits = platform_version.split(".")
|
182
|
+
pv_bits[0].to_i >= 11 ? pv_bits[0] : pv_bits[0..1].join(".")
|
179
183
|
when "arch", "gentoo", "kali"
|
180
184
|
# Arch Linux / Gentoo do not have a platform_version ohai attribute, they are rolling release (lsb_release -r)
|
181
185
|
"rolling"
|