Giter VIP home page Giter VIP logo

hyper-protect-virtual-servers-tester's Introduction

Secure_Build_Tester

Enter your VARIABLES in user_variables.env

The ones you must enter are labeled MUST ENTER

Variables managed by Script

The script automatically increments IMAGE_NUMBER and stores it in IMAGE_NUMBER.txt in your script directory to get around Docker repositories with "stranded signing keys"

edit the following section {expand me for details} 
## Managed by Script
########################################################
## This number is incremented automatically by script 
## Gets around problem of image name already used in notary server
## for keys in Docker Hub
if [ -w "${PROJECT_DIR}/IMAGE_NUMBER.txt" ];
then
    export IMAGE_NUMBER=$(<"${PROJECT_DIR}/IMAGE_NUMBER.txt")
else
	export IMAGE_NUMBER=${IMAGE_NUMBER:-"0"}
fi
########################################################

Others may be of use depending on the circumstance...

Example Script Runthroughs

Go Hello World Build (USE_GO=1) [tl;dr ~ 5 minutes of runtime] {expand me for details} 
time ./lab1.sh 

Cleaning up quotagroup sb_user00...

Current state of quotagroups on system
+-----------------+
| QUOTAGROUP NAME |
+-----------------+
| sb_user21       |
| sb_user10       |
| prom0630_19     |
| sb_user1        |
| hpvs_bc_21      |
| sbgrafana       |
| hpvs_bc_16      |
| hpvs_bc_3_2     |
| sb_user2        |
| hpvs_grafana    |
| sb_user09       |
| sb_user16       |
| appliance_data  |
| hpvs_bc_10      |
+-----------------+

Current state of Hyper Protect Virtual Servers on system
+----------------------+---------+-------------+----------------------------------------------------------+
| NAMES                | STATE   | STATUS      | IMAGE                                                    |
+----------------------+---------+-------------+----------------------------------------------------------+
| prom0630_19          | running | Up 2 months | jinxiong/prom0630:latest                                 |
| grep11-0a-0016-19876 | running | Up 4 weeks  | ibmzcontainers/hpcs-grep11-prod:1.2.1                    |
| sbserver_16          | running | Up 5 weeks  | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
| sbserver_10          | running | Up 5 weeks  | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
| grep11-08-0016-9876  | running | Up 4 weeks  | ibmzcontainers/hpcs-grep11-prod:1.2.1                    |
| sbserver_2           | running | Up 7 days   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
| collectd             | running | Up 2 months | ibmzcontainers/collectd-host:1.2.1                       |
| sbserver_1           | running | Up 2 weeks  | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
| hpvs_bc_3_2          | running | Up 3 days   | rkrishnm/hpvs_bc_3:latest                                |
| hpvs_grafana         | running | Up 2 months | jinxiong/hpvs_grafana:latest                             |
| hpvs_bc_10           | running | Up 5 weeks  | josedeivit/hpvs_bc:latest                                |
| sbserver_21          | running | Up 5 weeks  | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
| hpvs_bc_21           | running | Up 5 weeks  | rodroxrom/hpvs_bc:latest                                 |
| monitoring           | running | Up 2 months | ibmzcontainers/monitoring:1.2.1                          |
| hpvs_bc_16           | running | Up 5 weeks  | maurocecc/hpvs_bc:latest                                 |
| sbserver_09          | running | Up 5 weeks  | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43 |
+----------------------+---------+-------------+----------------------------------------------------------+
setup_environment: Setting up the secure build environment...
Generating public/private rsa key pair.
Your identification has been saved in /home/hyper-protect-lab/securebuild-test/github_keys/github_rsa_hpvs.
Your public key has been saved in /home/hyper-protect-lab/securebuild-test/github_keys/github_rsa_hpvs.pub.
The key fingerprint is:
SHA256:8hqyaJ+9GzYyxpxjn/CtPxay+njwc/NpKDs7t8K0uR0 hyper-protect-lab@ubuntu
The key's randomart image is:
+---[RSA 4096]----+
|                 |
|                 |
|                 |
|                 |
|      . S        |
|   o..oo.        |
|    %===Eo       |
|  .+ #&OB...     |
| ...*+#^=*o      |
+----[SHA256]-----+
# github.com:22 SSH-2.0-babeld-00265aa9
# github.com:22 SSH-2.0-babeld-00265aa9
# github.com:22 SSH-2.0-babeld-00265aa9

Creating certificates and keys for secure image build...
Generating a RSA private key
..+++++
.................+++++
writing new private key to '/home/hyper-protect-lab/securebuild-test/sbs_keys/sbs.key'
-----

Creating quotagroup sb_user00 for Hyper Protect Secure Build Server...
+-------------+--------------+
| name        | sb_user00    |
| filesystem  | btrfs        |
| passthrough | false        |
| pool_id     | lv_data_pool |
| size        | 40GB         |
| available   | 40GB         |
| containers  | []           |
+-------------+--------------+

Creating Hyper Protect Secure Build Server: sbserver_00...
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | sbserver_00                  |
| Status      | Up Less than a second        |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.7         |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:07 |
|             |                              |
|             |                              |
| Ports       | LocalPort:443/tcp            |
|             | GuestPort:30000              |
|             |                              |
| Quotagroups | appliance_data               |
|             | sb_user00                    |
|             |                              |
| State       | running                      |
+-------------+------------------------------+

Generating GPG keys to encrypt the image repository definition once the image is built...
gpg: Generating registration definition key
gpg: key AD6328D1C026ECC6 marked as ultimately trusted
gpg: revocation certificate stored as '/home/hyper-protect-lab/.gnupg/openpgp-revocs.d/5E1AE39684D63D642B4D6DC4AD6328D1C026ECC6.rev'
gpg: done
secure_bitcoin_key29612_definition_keys  secure_bitcoin_key29612.pub
secure_bitcoin_key29612.private

Generating secure build config file...

Waiting for Secure Build Server to become available for initialization...taking a 20 second nap.

Waiting for Secure Build Server to become available for initialization...taking a 20 second nap.

Secure build server initialized

Securely Building Container Image: hpvs_hello_world_go1...
+--------+-------------------------+
| status | OK: async build started |
+--------+-------------------------+
###############################
+---------------------+-------------------------------------------------------------------------------------------------------+
| status              | success                                                                                               |
| build_name          | docker.io.gmoney23.hpvs_hello_world_go1.latest-a1d1fc3.2020-09-18_01-45-15.448395                     |
| image_tag           | latest-a1d1fc3                                                                                        |
| manifest_key_gen    | soft_crypto                                                                                           |
| manifest_public_key | manifest.docker.io.gmoney23.hpvs_hello_world_go1.latest-a1d1fc3.2020-09-18_01-45-15.448395-public.pem |
| root_ssh_enabled    | false                                                                                                 |
+---------------------+-------------------------------------------------------------------------------------------------------+

Encrypting registration file with GPG key...
Enter Sigining Private key passphrase: 

For Git Hub account assocaited with the provided GIT_API_TOKEN:
	Removing git key ID: 46284920...

Retrieving secure build manifest...

Retrieving secure build public key...

Files retrieved:
docker.io.gmoney23.hpvs_hello_world_go1.latest-a1d1fc3.2020-09-18_01-45-15.448395-public.pem
manifest.docker.io.gmoney23.hpvs_hello_world_go1.latest-a1d1fc3.2020-09-18_01-45-15.448395.sig.tbz
manifest_files

Verifying build integrity with manifest and public key...
Verified OK

Manifest file directory structure
data  git  root_ssh

Registering hpvs_hello_world_go1_00 container repository with Hyper Protect Virtual Servers appliance...
+-----------------+-----------------------------------------+
| repository name | docker.io/gmoney23/hpvs_hello_world_go1 |
| runtime         | runq                                    |
+-----------------+-----------------------------------------+

Creating quotagroup to deploy application using image repository: hpvs_hello_world_go1_00...
+-------------+-------------------------+
| name        | hpvs_hello_world_go1_00 |
| filesystem  | btrfs                   |
| passthrough | false                   |
| pool_id     | lv_data_pool            |
| size        | 5GB                     |
| available   | 5GB                     |
| containers  | []                      |
+-------------+-------------------------+

Creating Hyper Protect Virtual Servers application using image repository: hpvs_hello_world_go1_00...
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | hpvs_hello_world_go1_00      |
| Status      | Up Less than a second        |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.13        |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:0d |
|             |                              |
|             |                              |
| Ports       | LocalPort:5000/tcp           |
|             | GuestPort:30100              |
|             |                              |
| Quotagroups | hpvs_hello_world_go1_00      |
|             |                              |
| State       | running                      |
+-------------+------------------------------+
+-------------+-----------------------------------+
| PROPERTIES  | VALUES                            |
+-------------+-----------------------------------+
| name        | hpvs_hello_world_go1_00           |
| filesystem  | btrfs                             |
| passthrough | false                             |
| pool_id     | lv_data_pool                      |
| size        | 5 GB                              |
| available   | 752 MB                            |
| containers  | Mountids:"new"                    |
|             |                                   |
|             | Container:hpvs_hello_world_go1_00 |
|             |                                   |
+-------------+-----------------------------------+
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | hpvs_hello_world_go1_00      |
| Status      | Up 2 seconds                 |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.13        |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:0d |
|             |                              |
|             |                              |
| Ports       | LocalPort:5000/tcp           |
|             | GuestPort:30100              |
|             |                              |
| Quotagroups | hpvs_hello_world_go1_00      |
|             |                              |
| State       | running                      |
+-------------+------------------------------+

Hello World Go Application: http://192.168.22.80:30100

real	4m46.120s
user	0m9.161s
sys	0m2.205s
Secure Bitcoin Wallet Build (comment out #USE_GO=1) [tl;dr ~ 13 minutes of runtime] expand me for details {expand me for details} 
time ./lab1.sh 

Cleaning up Hyper Protect Virtual Server sbserver_00...

Cleaning up quotagroup sb_user00...

Current state of quotagroups on system
+-----------------+
| QUOTAGROUP NAME |
+-----------------+
| sb_user21       |
| sb_user10       |
| prom0630_19     |
| sb_user1        |
| hpvs_bc_21      |
| sbgrafana       |
| hpvs_bc_16      |
| sb_user         |
| hpvs_bc_3_2     |
| sb_user2        |
| hpvs_grafana    |
| sb_user09       |
| sb_user16       |
| appliance_data  |
| hpvs_bc_10      |
+-----------------+

Current state of Hyper Protect Virtual Servers on system
+----------------------+---------+--------------+------------------------------------------------------------+
| NAMES                | STATE   | STATUS       | IMAGE                                                      |
+----------------------+---------+--------------+------------------------------------------------------------+
| monitoring           | running | Up 2 months  | ibmzcontainers/monitoring:1.2.1                            |
| sbserver_16          | running | Up 5 weeks   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
| prom0630_19          | running | Up 2 months  | jinxiong/prom0630:latest                                   |
| grep11-0a-0016-19876 | running | Up 4 weeks   | ibmzcontainers/hpcs-grep11-prod:1.2.1                      |
| hpvs_bc_21           | running | Up 5 weeks   | rodroxrom/hpvs_bc:latest                                   |
| sbserver_2           | running | Up 8 days    | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
| sbserver_            | running | Up 6 minutes | ibmzcontainers/secure-docker-build:1.2.1.1-release-bf10b8e |
| hpvs_bc_10           | running | Up 5 weeks   | josedeivit/hpvs_bc:latest                                  |
| sbserver_21          | running | Up 5 weeks   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
| hpvs_bc_16           | running | Up 5 weeks   | maurocecc/hpvs_bc:latest                                   |
| sbserver_10          | running | Up 5 weeks   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
| grep11-08-0016-9876  | running | Up 4 weeks   | ibmzcontainers/hpcs-grep11-prod:1.2.1                      |
| hpvs_bc_3_2          | running | Up 4 days    | rkrishnm/hpvs_bc_3:latest                                  |
| collectd             | running | Up 2 months  | ibmzcontainers/collectd-host:1.2.1                         |
| hpvs_grafana         | running | Up 2 months  | jinxiong/hpvs_grafana:latest                               |
| sbserver_09          | running | Up 5 weeks   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
| sbserver_1           | running | Up 2 weeks   | ibmzcontainers/secure-docker-build:1.2.1-release-9b63b43   |
+----------------------+---------+--------------+------------------------------------------------------------+
setup_environment: Setting up the secure build environment...
Generating public/private rsa key pair.
Your identification has been saved in /home/hyper-protect-lab/securebuild-test/github_keys/github_rsa_hpvs.
Your public key has been saved in /home/hyper-protect-lab/securebuild-test/github_keys/github_rsa_hpvs.pub.
The key fingerprint is:
SHA256:1/rZrC8kZEW/OVBLj++K7ckB4Ejvg95Rtg5HyFXn5ig hyper-protect-lab@ubuntu
The key's randomart image is:
+---[RSA 4096]----+
|           .. + .|
|            .= * |
|        . ..o + +|
|       . =o= . B |
|        So* E = o|
|         +.=.+ o |
|        . *oo . .|
|       . . B.B + |
|        . . *=X  |
+----[SHA256]-----+
# github.com:22 SSH-2.0-babeld-00265aa9
# github.com:22 SSH-2.0-babeld-00265aa9
# github.com:22 SSH-2.0-babeld-00265aa9

Creating certificates and keys for secure image build...
Generating a RSA private key
.............................+++++
............................................+++++
writing new private key to '/home/hyper-protect-lab/securebuild-test/sbs_keys/sbs.key'
-----

Creating quotagroup sb_user00 for Hyper Protect Secure Build Server...
+-------------+--------------+
| name        | sb_user00    |
| filesystem  | btrfs        |
| passthrough | false        |
| pool_id     | lv_data_pool |
| size        | 40GB         |
| available   | 40GB         |
| containers  | []           |
+-------------+--------------+

Creating Hyper Protect Secure Build Server: sbserver_00...
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | sbserver_00                  |
| Status      | Up Less than a second        |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.13        |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:0d |
|             |                              |
|             |                              |
| Ports       | LocalPort:443/tcp            |
|             | GuestPort:30000              |
|             |                              |
| Quotagroups | appliance_data               |
|             | sb_user00                    |
|             |                              |
| State       | running                      |
+-------------+------------------------------+

Generating GPG keys to encrypt the image repository definition once the image is built...
gpg: Generating registration definition key
gpg: key 9E7CE6781BD2EB8B marked as ultimately trusted
gpg: revocation certificate stored as '/home/hyper-protect-lab/.gnupg/openpgp-revocs.d/FA2EE1A7306A0AE15F2FCB7C9E7CE6781BD2EB8B.rev'
gpg: done
secure_bitcoin_key28744_definition_keys  secure_bitcoin_key28744.pub
secure_bitcoin_key28744.private

Generating secure build config file...

Waiting for Secure Build Server to become available for initialization...taking a 20 second nap.

Waiting for Secure Build Server to become available for initialization...taking a 20 second nap.

Secure build server initialized

Securely Building Container Image: hpvs_bc99...
+--------+-------------------------+
| status | OK: async build started |
+--------+-------------------------+
##################################################################################################################################################################################################################################################################################################################################################################################################################
+---------------------+--------------------------------------------------------------------------------------------+
| build_name          | docker.io.gmoney23.hpvs_bc99.latest-ad52e76.2020-09-18_03-33-41.191504                     |
| image_tag           | latest-ad52e76                                                                             |
| manifest_key_gen    | soft_crypto                                                                                |
| manifest_public_key | manifest.docker.io.gmoney23.hpvs_bc99.latest-ad52e76.2020-09-18_03-33-41.191504-public.pem |
| root_ssh_enabled    | false                                                                                      |
| status              | success                                                                                    |
+---------------------+--------------------------------------------------------------------------------------------+

Encrypting registration file with GPG key...
Enter Sigining Private key passphrase: 

For Git Hub account assocaited with the provided GIT_API_TOKEN:
	Removing git key ID: 46287855...

Retrieving secure build manifest...

Retrieving secure build public key...

Files retrieved:
docker.io.gmoney23.hpvs_bc99.latest-ad52e76.2020-09-18_03-33-41.191504-public.pem
manifest.docker.io.gmoney23.hpvs_bc99.latest-ad52e76.2020-09-18_03-33-41.191504.sig.tbz
manifest_files

Verifying build integrity with manifest and public key...
Verified OK

Manifest file directory structure
data  git  root_ssh

Registering hpvs_bc99_00 container repository with Hyper Protect Virtual Servers appliance...
+-----------------+------------------------------+
| repository name | docker.io/gmoney23/hpvs_bc99 |
| runtime         | runq                         |
+-----------------+------------------------------+

Creating quotagroup to deploy application using image repository: hpvs_bc99_00...
+-------------+--------------+
| name        | hpvs_bc99_00 |
| filesystem  | btrfs        |
| passthrough | false        |
| pool_id     | lv_data_pool |
| size        | 5GB          |
| available   | 5GB          |
| containers  | []           |
+-------------+--------------+

Creating Hyper Protect Virtual Servers application using image repository: hpvs_bc99_00...
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | hpvs_bc99_00                 |
| Status      | Up Less than a second        |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.19        |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:13 |
|             |                              |
|             |                              |
| Ports       | LocalPort:443/tcp            |
|             | GuestPort:30100              |
|             |                              |
| Quotagroups | hpvs_bc99_00                 |
|             | appliance_data               |
|             |                              |
| State       | running                      |
+-------------+------------------------------+
+-------------+------------------------+
| PROPERTIES  | VALUES                 |
+-------------+------------------------+
| name        | hpvs_bc99_00           |
| filesystem  | btrfs                  |
| passthrough | false                  |
| pool_id     | lv_data_pool           |
| size        | 5 GB                   |
| available   | 752 MB                 |
| containers  | Container:hpvs_bc99_00 |
|             | Mountids:"new"         |
|             |                        |
|             |                        |
+-------------+------------------------+
+-------------+------------------------------+
| PROPERTIES  | VALUES                       |
+-------------+------------------------------+
| Name        | hpvs_bc99_00                 |
| Status      | Up 2 seconds                 |
| CPU         | 2                            |
| Memory      | 2048                         |
| Networks    | Network:bridge               |
|             | IPAddress:172.31.0.19        |
|             | Gateway:172.31.0.1           |
|             | Subnet:16                    |
|             | MacAddress:02:42:ac:1f:00:13 |
|             |                              |
|             |                              |
| Ports       | LocalPort:443/tcp            |
|             | GuestPort:30100              |
|             |                              |
| Quotagroups | appliance_data               |
|             | hpvs_bc99_00                 |
|             |                              |
| State       | running                      |
+-------------+------------------------------+

Secure Bicoin Wallet Application: https://192.168.22.80:30100/electrum

real	13m6.805s
user	0m4.595s
sys	0m1.048s

:octocat:

hyper-protect-virtual-servers-tester's People

Contributors

stuartteneribm avatar siler23 avatar

Watchers

James Cloos avatar Jin VanStee avatar avatar Lyn Elkins avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.