#!/bin/bash

# Resolve the real location of this script so the relative paths used below
# (_libs/, kybus.conf, roles/) work regardless of the caller's directory.
script_file_path="$(realpath "${0}")"
script_dir_path="$(dirname "${script_file_path}")"

# Work from the script directory; the matching popd is the last statement of
# the script.
if ! pushd "${script_dir_path}" >/dev/null; then
  exit 1
fi

# Both files are executed as shell code in this process, so they should be
# writable only by the user who runs Kybus.
# shellcheck disable=SC1091
. ./_libs/libbase.sh
# shellcheck disable=SC1091
. ./kybus.conf
# Print the usage banner and the list of supported options to stdout.
helpKybus() {
  printf '%s\n' \
    '------' \
    'Kybus - Automated Vulnerability Deployment' \
    'Author: Spencer' \
    '------' \
    '' \
    '--cve -c Select the CVE to deploy' \
    '' \
    '--list-roles Display a list of available roles to deploy' \
    '' \
    '--destroy Destroys any Kybus environment previously deployed' \
    'By default running a new role will destroy any prior' \
    '' \
    '--help -h Displays this message' \
    ''
}
# Delete the variable file (.kybusenv) left in the current directory by an
# earlier run. A missing file is not an error because rm runs with -f.
initKybus() {
  StatusEcho "Cleaning up old Environment"
  rm -f .kybusenv >/dev/null
}
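#######################################
# Read the base image name from a role's metadata and record it.
# Globals:   KYBUS_BASE_IMAGE (written)
# Arguments: $1 - role name; metadata is read from roles/$1/meta/kybus.yml
# Outputs:   warning via WarningEcho when the metadata is unusable
# Returns:   status of setKybusVariable; exits 1 when the metadata file is
#            unreadable or has no "image:" entry
#######################################
function parseKybusRole {
  local meta_file="roles/${1}/meta/kybus.yml"
  local image_name

  # Stop here instead of carrying on with an empty image name: the value ends
  # up in .kybusenv, so a bad one would otherwise only surface later.
  if [[ ! -r "${meta_file}" ]]; then
    WarningEcho "Role metadata not found: ${meta_file}"
    exit 1
  fi

  # Only the first "image:" line is used, so the stored value is always a
  # single line even if the metadata repeats the key.
  image_name=$(grep -m 1 "^image:" "${meta_file}" | cut -d " " -f 2-)
  if [[ -z "${image_name}" ]]; then
    WarningEcho "No image defined in ${meta_file}"
    exit 1
  fi

  KYBUS_BASE_IMAGE="download/${image_name}"
  setKybusVariable "KYBUS_BASE_IMAGE" "${KYBUS_BASE_IMAGE}"

  return
}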
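#######################################
# Store NAME=VALUE in .kybusenv, replacing any earlier value for NAME.
# The new assignment is appended as the last line of the file.
# Arguments: $1 - variable name (letters, digits and underscore only)
#            $2 - value, a single non-empty line
# Outputs:   progress via StatusEcho, problems via WarningEcho
# Returns:   0 on success; exits 1 on missing or malformed arguments
#######################################
function setKybusVariable {
  if [[ -z "${1}" || -z "${2}" ]]; then
    WarningEcho "Variables not passed to setKybusVariable correctly"
    exit 1
  fi

  local name="${1}" value="${2}" tmp_env
  local -r name_re='^[A-Za-z_][A-Za-z0-9_]*$'

  # .kybusenv is later given to docker with --env-file, one NAME=VALUE per
  # line. Values come from the command line and from role metadata, so a
  # malformed name or an embedded newline is refused rather than being
  # allowed to add or change other entries in the file.
  if [[ ! "${name}" =~ ${name_re} || "${value}" == *$'\n'* ]]; then
    WarningEcho "Variables not passed to setKybusVariable correctly"
    exit 1
  fi

  # Create variable file if one does not exist
  if [[ ! -e .kybusenv ]]; then
    touch .kybusenv
  fi

  StatusEcho "Setting ${name}"

  tmp_env=$(mktemp .kybusenv.XXXXXX) || exit 1

  # Keep every line except an existing assignment of exactly this name. The
  # match is anchored at the start of the line, so KYBUS_BASE does not touch
  # KYBUS_BASE_IMAGE (the earlier grep/sed pair matched anywhere in a line).
  if ! awk -v key="${name}=" 'index($0, key) != 1' .kybusenv >"${tmp_env}"; then
    rm -f -- "${tmp_env}"
    exit 1
  fi

  # The value is written as data with printf instead of being pasted into a
  # sed program, so characters such as | & and \ are stored literally.
  printf '%s=%s\n' "${name}" "${value}" >>"${tmp_env}"
  mv -- "${tmp_env}" .kybusenv

  return
}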
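#######################################
# Check that a role directory exists for the requested CVE.
# Arguments: $1 - role name, a single directory name under roles/
# Outputs:   progress via StatusEcho, failure via WarningEcho
# Returns:   0 when roles/$1 is a directory; exits 1 otherwise
#######################################
function findCVE {
  local role="${1}"

  StatusEcho "Attempting to find ${role}"

  # Roles are the direct children of roles/ (that is what --list-roles
  # prints). The name comes straight from the command line and is later used
  # to build file paths, so empty names, path separators and the dot entries
  # are refused; otherwise an empty name would match roles/ itself and a
  # name containing ../ would resolve outside roles/.
  if [[ -z "${role}" || "${role}" == */* || "${role}" == "." ||
    "${role}" == ".." || ! -d "roles/${role}" ]]; then
    WarningEcho "CVE - ${role} not found"
    exit 1
  fi

  return
}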
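#######################################
# Parse the command line and run the selected action.
# Globals:   KYBUS_SELECTED_CVE (written and exported by --cve)
# Arguments: the script's arguments ("$@")
# Outputs:   help text, role list, or warnings
# Returns:   0 after --cve has been processed. Exits 0 after --help,
#            --list-roles and a successful --destroy. Exits 1 when no
#            arguments are given, --cve has no value, an argument is not
#            recognised, or terraform destroy fails.
#######################################
function ArgParse {
  # Exit if no args are passed
  if (( $# == 0 )); then
    helpKybus
    exit 1
  fi

  while (( $# > 0 )); do
    case "${1}" in
      --cve | -c)
        shift
        # Without this check a trailing "--cve" passed an empty name on to
        # the role lookup.
        if [[ -z "${1:-}" ]]; then
          WarningEcho "--cve requires a role name"
          helpKybus
          exit 1
        fi
        findCVE "${1}" && setKybusVariable "KYBUS_SELECTED_CVE" "${1}"
        export KYBUS_SELECTED_CVE=${1}
        shift
        ;;
      --help | -h)
        helpKybus
        exit 0
        ;;
      --list-roles)
        local roles
        roles=$(find roles/* -maxdepth 0 | sed 's|roles/||g')
        CyanEcho "Available Roles:"
        CyanEcho "${roles}"
        exit 0
        ;;
      --destroy)
        # A failed destroy can leave the deliberately vulnerable environment
        # running, so it is reported on stderr with a non-zero exit status
        # instead of exiting 0.
        if ! terraform destroy -auto-approve; then
          echo "Destroy is currently run locally and an error occurred" >&2
          exit 1
        fi
        exit 0
        ;;
      *)
        # Unrecognised input is an error, matching the no-argument case.
        WarningEcho "Unknown argument: ${1}"
        helpKybus
        exit 1
        ;;
    esac
  done

  return
}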
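# initKybus is disabled, so .kybusenv from an earlier run is reused and only
# the variables set during this run are replaced.
#initKybus
ArgParse "${@}"
parseKybusRole "${KYBUS_SELECTED_CVE}"

# SSH_KEY_FILE is not set in this file (presumably kybus.conf provides it).
# Fail with a clear message before docker is handed an empty mount source.
if [[ -z "${SSH_KEY_FILE:-}" ]]; then
  WarningEcho "SSH_KEY_FILE is not set"
  popd || exit 1
  exit 1
fi

# NOTE(review): the container receives the host libvirt socket, the whole
# script directory and the SSH private key, so whatever runs inside
# kybus:latest can manage the host's libvirt guests and read that key. Build
# the image locally from a reviewed Dockerfile, and check whether init.sh can
# work with the key mounted read-only before adding ":ro" to that mount.
if ! docker run --rm \
  -v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock \
  -v "$(pwd):/mnt" \
  -v "${SSH_KEY_FILE}:/root/.ssh/key" \
  --env-file kybus.conf \
  --env-file .kybusenv \
  kybus:latest ./init.sh; then
  # Do not report an address taken from a stale terraform.tfstate when the
  # deployment itself failed.
  WarningEcho "Kybus container exited with an error"
  popd || exit 1
  exit 1
fi

# Textual extraction: takes the line that follows the first "addresses" match
# in the state file and strips spaces and double quotes from it.
KYBUS_ADDRESS=$(grep -A 1 addresses <terraform.tfstate | tail -n 1 | sed 's| ||g;s|"||g')
CyanEcho "Kybus IP Address: ${KYBUS_ADDRESS}"

popd || exit 1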