Makefile: add "make collection" target, improve others
parent
1ec25c8d53
commit
3984b82701
32
Makefile
32
Makefile
|
@ -1,18 +1,25 @@
|
||||||
out/osqtool:
|
ARCH ?= $(shell uname -m)
|
||||||
|
COLLECT_DIR ?= "./out/$(shell hostname -s)-$(shell date +%Y-%m-%-d-%H-%M-%S)"
|
||||||
|
|
||||||
|
out/osqtool-$(ARCH):
|
||||||
mkdir -p out
|
mkdir -p out
|
||||||
GOBIN=$(CURDIR)/out go install github.com/chainguard-dev/osqtool/cmd/osqtool@latest
|
GOBIN=$(CURDIR)/out go install github.com/chainguard-dev/osqtool/cmd/osqtool@latest
|
||||||
|
mv out/osqtool out/osqtool-$(ARCH)
|
||||||
|
|
||||||
out/odk-detection.conf: out/osqtool
|
out/odk-detection.conf: out/osqtool-$(ARCH) $(wildcard detection/*.sql)
|
||||||
./out/osqtool --max-results=0 --max-total-daily-duration=3h45m --max-query-daily-duration=1.5h --verify pack detection/ > out/odk-detection.conf
|
./out/osqtool-$(ARCH) --max-results=0 --max-total-daily-duration=3h45m --max-query-daily-duration=1.5h --verify pack detection/ > out/.odk-detection.conf
|
||||||
|
mv out/.odk-detection.conf out/odk-detection.conf
|
||||||
|
|
||||||
out/odk-policy.conf: out/osqtool
|
out/odk-policy.conf: out/osqtool-$(ARCH) $(wildcard policy/*.sql)
|
||||||
./out/osqtool --max-results=0 --verify pack policy/ > out/odk-policy.conf
|
./out/osqtool-$(ARCH) --max-results=0 --verify pack policy/ > out/.odk-policy.conf
|
||||||
|
mv out/.odk-policy.conf out/odk-policy.conf
|
||||||
|
|
||||||
out/odk-incident-response.conf: out/osqtool
|
out/odk-incident-response.conf: out/osqtool-$(ARCH) $(wildcard incident_response/*.sql)
|
||||||
./out/osqtool --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify pack incident_response/ > out/odk-incident-response.conf
|
./out/osqtool-$(ARCH) --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify pack incident_response/ > out/.odk-incident_response.conf
|
||||||
|
mv out/.odk-incident_response.conf out/odk-incident_response.conf
|
||||||
|
|
||||||
# An alternative rules file for configurations where the "wireless_networks" table is forbidden for querying
|
# An alternative rules file for configurations where the "wireless_networks" table is forbidden for querying
|
||||||
out/odk-incident-response-no-wifi.conf: out/osqtool
|
out/odk-incident-response-no-wifi.conf: out/osqtool-$(ARCH)
|
||||||
./out/osqtool --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify --exclude wireless_networks_macos pack incident_response/ > out/odk-incident-response-no-wifi.conf
|
./out/osqtool --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify --exclude wireless_networks_macos pack incident_response/ > out/odk-incident-response-no-wifi.conf
|
||||||
|
|
||||||
packs: out/odk-detection.conf out/odk-policy.conf out/odk-incident-response.conf out/odk-incident-response-no-wifi.conf
|
packs: out/odk-detection.conf out/odk-policy.conf out/odk-incident-response.conf out/odk-incident-response-no-wifi.conf
|
||||||
|
@ -28,4 +35,13 @@ reformat:
|
||||||
reformat-updates:
|
reformat-updates:
|
||||||
git status -s | awk '{ print $$2 }' | grep ".sql" | perl -ne 'chomp; system("cp $$_ /tmp/fix.sql && npx sql-formatter -l sqlite /tmp/fix.sql > $$_");'
|
git status -s | awk '{ print $$2 }' | grep ".sql" | perl -ne 'chomp; system("cp $$_ /tmp/fix.sql && npx sql-formatter -l sqlite /tmp/fix.sql > $$_");'
|
||||||
|
|
||||||
|
.PHONY: collection
|
||||||
|
collection: ./out/osqtool-$(ARCH)
|
||||||
|
mkdir -p $(COLLECT_DIR)
|
||||||
|
@echo "Saving output to: $(COLLECT_DIR)"
|
||||||
|
./out/osqtool-$(ARCH) run incident_response | tee $(COLLECT_DIR)/incident_response.txt
|
||||||
|
./out/osqtool-$(ARCH) run policy | tee $(COLLECT_DIR)/policy.txt
|
||||||
|
./out/osqtool-$(ARCH) run detection | tee $(COLLECT_DIR)/detection.txt
|
||||||
|
|
||||||
all: out/odk-packs.zip
|
all: out/odk-packs.zip
|
||||||
|
|
||||||
|
|
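Review bot: The `out/odk-incident-response.conf` rule now writes `out/.odk-incident_response.conf` and moves it to `out/odk-incident_response.conf` (underscore), so the hyphenated target that `packs` depends on is never produced by its own recipe; redirect to `out/.odk-incident-response.conf` and finish with `mv out/.odk-incident-response.conf $@`. The `out/odk-incident-response-no-wifi.conf` recipe still calls `./out/osqtool`, which the new `mv out/osqtool out/osqtool-$(ARCH)` step removes, so it should call `./out/osqtool-$(ARCH)` and, to match the other pack rules, list `$(wildcard incident_response/*.sql)` as a prerequisite. In `collection`, `| tee` makes each line return tee's exit status, so a failed osqtool run still looks like a completed collection unless the recipe shell sets pipefail, which the visible lines do not show. `COLLECT_DIR` is assigned with `?=`, so `date` is re-run on every expansion and the directory made by `mkdir -p` can differ from the one `tee` writes to; pinning it once with a following `COLLECT_DIR := $(COLLECT_DIR)` avoids that.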