Merge pull request #496 from jmpsec/fix-docker-dev-environment

Default connector for osctrl-cli is API and some fixes
jmpsec · Sep 4, 2024 · d96103d · d96103d
2 parents f8d0d16 + 48eee6a
commit d96103d
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 10 deletions.
diff --git a/.env.example b/.env.example
@@ -10,4 +10,4 @@ JWT_SECRET=0000000000000000000000000000000000000000000000000000000000000000
 SESSION_KEY=sessionkey
 OSCTRL_USER=admin
 OSCTRL_PASS=Changeme123!
-GOLANG_VERSION=1.23.0
+GOLANG_VERSION=1.23.0-bookworm
diff --git a/cli/main.go b/cli/main.go
@@ -33,8 +33,6 @@ const (
 	appDescription string = appUsage + ", a fast and efficient osquery management"
 	// JSON file with API token
 	defaultApiConfigFile = projectName + "-api.json"
-	// JSON file with DB configuration
-	defaultDBConfigFile = "config/db.json"
 )
 
 const (
@@ -83,15 +81,15 @@ func init() {
 		&cli.BoolFlag{
 			Name:        "db",
 			Aliases:     []string{"d"},
-			Value:       true,
+			Value:       false,
 			Usage:       "Connect to local osctrl DB using JSON config file",
 			EnvVars:     []string{"DB_CONFIG"},
 			Destination: &dbFlag,
 		},
 		&cli.BoolFlag{
 			Name:        "api",
 			Aliases:     []string{"a"},
-			Value:       false,
+			Value:       true,
 			Usage:       "Connect to remote osctrl using JSON config file",
 			EnvVars:     []string{"API_CONFIG"},
 			Destination: &apiFlag,
@@ -121,7 +119,7 @@ func init() {
 		&cli.StringFlag{
 			Name:        "db-file",
 			Aliases:     []string{"D"},
-			Value:       defaultDBConfigFile,
+			Value:       "",
 			Usage:       "Load DB JSON configuration from `FILE`",
 			EnvVars:     []string{"DB_CONFIG_FILE"},
 			Destination: &dbConfigFile,
@@ -1523,7 +1521,7 @@ func init() {
 
 // Action for the DB check
 func checkDB(c *cli.Context) error {
-	if dbFlag {
+	if dbFlag && dbConfigFile != "" {
 		// Initialize backend
 		db, err = backend.CreateDBManagerFile(dbConfigFile)
 		if err != nil {

diff --git a/deploy/docker/conf/osquery/entrypoint.sh b/deploy/docker/conf/osquery/entrypoint.sh
@@ -21,13 +21,13 @@ if [ ! -f "/etc/osquery/osquery.secret" ]; then
   done
 
   # Get enroll secret
-  /opt/osctrl/bin/osctrl-cli --db env enroll-actions secret --name "${ENV_NAME}" > /etc/osquery/osquery.secret
+  /opt/osctrl/bin/osctrl-cli --db env node-actions --name "${ENV_NAME}" secret > /etc/osquery/osquery.secret
 
   # Get server cert
   echo "" | openssl s_client -connect ${HOST}:443 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p' > /etc/osquery/osctrl.crt
 
   # Get and set Osquery flags
-  /opt/osctrl/bin/osctrl-cli --db env enroll-actions show-flags --name "${ENV_NAME}" > /etc/osquery/osquery.flags
+  /opt/osctrl/bin/osctrl-cli --db env node-actions --name "${ENV_NAME}" show-flags > /etc/osquery/osquery.flags
   sed -i "s#__SECRET_FILE__#/etc/osquery/osquery.secret#g" /etc/osquery/osquery.flags
   echo "--tls_server_certs=/etc/osquery/osctrl.crt" >> /etc/osquery/osquery.flags
 fi

diff --git a/deploy/provision.sh b/deploy/provision.sh
@@ -774,7 +774,7 @@ else
   # Enroll host in environment
   if [[ "$ENROLL" == true ]]; then
     log "Adding host in environment $ENVIRONMENT"
-    eval $( "$DEST_PATH"/osctrl-cli --db -D "$__db_conf" env enroll-actions quick-add -n "$ENVIRONMENT" )
+    eval $( "$DEST_PATH"/osctrl-cli --db -D "$__db_conf" env node-actions -n "$ENVIRONMENT" quick-add)
   fi
 fi