added Malcolm

Vagrant/resources/malcolm/sensor-iso/beats/Dockerfile

@@ -0,0 +1,51 @@
+FROM debian:buster-slim
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+LABEL maintainer="malcolm.netsec@gmail.com"
+
+ENV DEBIAN_FRONTEND noninteractive
+ENV GOPATH=/go
+ENV GOBIN=/go/bin
+ENV GOARCH=amd64
+ENV GOVERS="2:1.15~1~bpo10+1"
+ENV PATH="$GOBIN:${PATH}"
+ENV PYTHON_EXE=python3
+
+RUN set -x && \
+    sed -i "s/buster main/buster main contrib non-free/g" /etc/apt/sources.list && \
+      echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list && \
+      apt-get -q update && \
+      apt-get install -y curl git vim-tiny && \
+      apt-get install -t buster-backports -y \
+        "golang-doc=$GOVERS" \
+        "golang-go=$GOVERS" \
+        "golang-src=$GOVERS" \
+        "golang=$GOVERS" \
+        build-essential \
+        python3 \
+        python3-dev \
+        python3-pip \
+        python3-setuptools \
+        python3-virtualenv \
+        python3-wheel \
+        virtualenv && \
+    rm -rf /var/lib/apt/lists/* && \
+    update-alternatives --install /usr/bin/python python /usr/bin/python3 2 && \
+    update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 2 && \
+    python3 -m pip install -U pyyaml cookiecutter && \
+    mkdir -p "$GOPATH/bin" && \
+    bash -c "curl -sSL https://raw.githubusercontent.com/Masterminds/glide.sh/master/get | sed 's@https://glide.sh/@https://raw.githubusercontent.com/Masterminds/glide.sh/master/@g'| bash" && \
+    go get -u -d github.com/magefile/mage && \
+    cd $GOPATH/src/github.com/magefile/mage && \
+    go run bootstrap.go
+
+ENV BEATS=metricbeat
+ENV BEATS_VERSION=7.10.2
+
+ADD ./build.sh /build.sh
+RUN [ "chmod", "+x", "/build.sh" ]
+RUN [ "mkdir", "-p", "/go" ]
+RUN [ "mkdir", "/build" ]
+
+CMD "/build.sh"

Vagrant/resources/malcolm/sensor-iso/beats/beat-build.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+VERSION="7.10.2"
+THIRD_PARTY_BRANCH="master"
+while getopts b:v:t: opts; do
+   case ${opts} in
+      b) BEAT=${OPTARG} ;;
+      v) VERSION=${OPTARG} ;;
+      t) THIRD_PARTY_BRANCH=${OPTARG} ;;
+   esac
+done
+
+if [[ -z $BEAT || -z $VERSION || -z $THIRD_PARTY_BRANCH ]] ; then
+  echo "usage:" >&2
+  echo "  beat-build.sh -b <BEAT> [-v <BEAT_VERSION>] [-v <THIRD_PARTY_BEAT_BRANCH>]" >&2
+  echo "" >&2
+  echo "example:" >&2
+  echo "  beat-build.sh -b metricbeat -v $VERSION" >&2
+  exit 1
+fi
+
+BEAT_DIR="$(pwd)/$(echo "$BEAT" | sed "s@^https*://@@" | sed 's@/@_@g')"
+mkdir -p "$BEAT_DIR"
+docker run --rm -v "$BEAT_DIR":/build -e "BEATS_VERSION=$VERSION" -e "THIRD_PARTY_BRANCH=$THIRD_PARTY_BRANCH" -e "BEATS=$BEAT" beats-build:latest

Vagrant/resources/malcolm/sensor-iso/beats/build-docker-image.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+# force-navigate to script directory
+SCRIPT_PATH="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+pushd "$SCRIPT_PATH" >/dev/null 2>&1
+
+docker build -t beats-build:latest .
+
+popd >/dev/null 2>&1

Vagrant/resources/malcolm/sensor-iso/beats/build.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+
+echo Target version: $BEATS_VERSION
+
+BRANCH=$(echo $BEATS_VERSION | awk -F \. {'print $1 "." $2'})
+echo Target branch: $BRANCH
+
+if [ ! -d "$GOPATH/src/github.com/elastic/beats" ]; then go get -v github.com/elastic/beats; fi
+
+cd $GOPATH/src/github.com/elastic/beats
+git checkout $BRANCH
+
+IFS=","
+BEATS_ARRAY=($BEATS)
+
+for BEAT in "${BEATS_ARRAY[@]}"
+do
+
+    if [[ -d "$GOPATH/src/github.com/elastic/beats/$BEAT" ]] ; then
+      # an official beat
+      cd "$GOPATH/src/github.com/elastic/beats/$BEAT"
+      make
+      cp "$BEAT" /build
+
+      # package
+      DOWNLOAD="$BEAT-$BEATS_VERSION-linux-x86.tar.gz"
+      if [ ! -e $DOWNLOAD ]; then curl -s -O -J "https://artifacts.elastic.co/downloads/beats/$BEAT/$DOWNLOAD"; fi
+      tar xf "$DOWNLOAD"
+
+      cp "$BEAT" "$BEAT-$BEATS_VERSION-linux-x86"
+      tar zcf "$BEAT-$BEATS_VERSION-linux-amd64.tar.gz" "$BEAT-$BEATS_VERSION-linux-x86"
+      cp "$BEAT-$BEATS_VERSION-linux-amd64.tar.gz" /build
+
+    elif [[ "$BEAT" =~ ^https*://(gogs\..*|github\.com) ]] ; then
+      BRANCH=${THIRD_PARTY_BRANCH:-"master"}
+
+      # clone from git manually rather than do a "go get"
+      mkdir -p "$GOPATH/src/$(dirname "$(echo "$BEAT" | sed "s@^https*://@@")")"
+      cd "$GOPATH/src/$(dirname "$(echo "$BEAT" | sed "s@^https*://@@")")"
+      git clone --depth=1 --single-branch --branch "$BRANCH" "$BEAT"
+      BEAT_EXE_NAME="$(basename "$BEAT" | sed "s/\.git$//")"
+      cd "$BEAT_EXE_NAME"
+      go get
+      go install
+      if [[ -f "$GOBIN/$BEAT_EXE_NAME" ]] ; then
+        cp "$GOBIN/$BEAT_EXE_NAME" /build
+        strip "/build/$BEAT_EXE_NAME"
+      fi
+
+    else
+      # a community beat?
+      if [[ "$BEAT" =~ gogs\..* ]]; then
+        INSECURE_FLAG="--insecure"
+      else
+        INSECURE_FLAG=""
+      fi
+      go get $INSECURE_FLAG "$BEAT"
+      BEAT_EXE_NAME="$(basename "$BEAT")"
+      if [[ -f "$GOBIN/$BEAT_EXE_NAME" ]] ; then
+        cp "$GOBIN/$BEAT_EXE_NAME" /build
+        strip "/build/$BEAT_EXE_NAME"
+      fi
+    fi
+
+    ls -lh /build
+
+done