Merge pull request #211 from BenediktMKuehne/update-func

Updater app

VERSION.txt

@@ -0,0 +1 @@
+0.1-02a5f8d9

dev-tools/create-version.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+# EMBArk - The firmware security scanning environment
+#
+# Copyright 2024 Siemens Energy AG
+#
+# EMBArk comes with ABSOLUTELY NO WARRANTY.
+#
+# EMBArk is licensed under MIT
+#
+# Author(s): Benedikt Kuehne
+
+# Description: Automates writing the VERSION.txt
+
+# create version
+sed -i "s|-.*|-$(git describe --always)|1" "$(dirname "${0}")/../VERSION.txt"
+# and tag for version
+# TODO

embark/embark/context_processor.py

@@ -0,0 +1,5 @@
+from django.conf import settings
+
+
+def embark_version(request):
+    return {'EMBARK_VERSION': settings.VERSION[0], 'EMBA_VERSION': settings.VERSION[1]}

embark/embark/helper.py

@@ -4,6 +4,9 @@
 
 from random import randrange
 import os
+from pathlib import Path
+
+from django.conf import settings
 
 
 def rnd_rgb_color():
@@ -60,6 +63,41 @@ def cleanup_charfield(charfield) -> str:
     return charfield
 
 
+def get_version_strings():
+    # gets us the currently installed version
+    if Path(settings.EMBA_ROOT + "/external/onlinechecker").exists():
+        # get the latest version nnumbers
+        with open(Path(settings.EMBA_ROOT + "/external/onlinechecker/EMBA_VERSION.txt"), 'r', encoding='UTF-8') as emba_version_file:
+            stable_emba_version = emba_version_file.read().splitlines()[0]
+        with open(Path(settings.EMBA_ROOT + "/external/onlinechecker/EMBA_CONTAINER_HASH.txt"), 'r', encoding='UTF-8') as container_version_file:
+            container_version = container_version_file.read().splitlines()[0]
+        with open(Path(settings.EMBA_ROOT + "/external/onlinechecker/NVD_HASH.txt"), 'r', encoding='UTF-8') as nvd_version_file:
+            nvd_version = nvd_version_file.read().splitlines()[0]
+        with open(Path(settings.EMBA_ROOT + "/external/onlinechecker/EMBA_GITHUB_HASH.txt"), 'r', encoding='UTF-8') as emba_github_version_file:
+            github_emba_version = emba_github_version_file.read().splitlines()[0]
+    else:
+        stable_emba_version = ""
+        container_version = ""
+        nvd_version = ""
+        github_emba_version = ""
+
+    if Path(settings.EMBA_ROOT + "/config/VERSION.txt").exists():
+        with open(Path(settings.EMBA_ROOT + "/config/VERSION.txt"), 'r', encoding='UTF-8') as emba_version_file:
+            emba_version = emba_version_file.read().splitlines()[0]
+    else:
+        emba_version = ""
+
+    if Path("./VERSION.txt").exists():
+        with open(Path("./VERSION.txt"), 'r', encoding='UTF-8') as embark_version_file:
+            embark_version = embark_version_file.read().splitlines()[0]
+    else:
+        embark_version = ""
+
+    return embark_version, emba_version, stable_emba_version, container_version, nvd_version, github_emba_version
+
+
 if __name__ == '__main__':
     TEST_STRING = 'Linux / v2.6.33.2'
     print(cleanup_charfield(TEST_STRING))
+
+    print(get_version_strings())

embark/embark/settings/deploy.py

@@ -12,6 +12,8 @@
 
 from dotenv import load_dotenv
 
+from embark.helper import get_version_strings
+
 # load .env file
 load_dotenv()
 
@@ -56,7 +58,8 @@
     'reporter',
     'dashboard',
     'tracker',
-    'porter'
+    'porter',
+    'updater'
 ]
 
 AUTH_USER_MODEL = 'users.User'
@@ -193,6 +196,10 @@
             'handlers': ['debug_handler', 'info_handler', 'console_handler'],
             'level': 'INFO',
         },
+        'updater': {
+            'handlers': ['debug_handler', 'info_handler', 'console_handler'],
+            'level': 'DEBUG',
+        },
         'embark': {
             'handlers': ['debug_handler', 'info_handler', 'console_handler'],
             'level': 'INFO',
@@ -325,3 +332,5 @@ def count_emba_modules(emba_dir_path):
     EMBA_P_MOD_CNT = 18
     EMBA_F_MOD_CNT = 4
     EMBA_L_MOD_CNT = 8
+
+VERSION = get_version_strings()

embark/embark/settings/dev.py

@@ -8,6 +8,8 @@
 
 from dotenv import load_dotenv
 
+from embark.helper import get_version_strings
+
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent.parent
 load_dotenv(dotenv_path=os.path.join(BASE_DIR.parent, '.env'))
@@ -37,7 +39,8 @@
     'reporter',
     'dashboard',
     'tracker',
-    'porter'
+    'porter',
+    'updater'
 ]
 
 AUTH_USER_MODEL = 'users.User'
@@ -65,6 +68,7 @@
                 'django.template.context_processors.request',
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
+                'embark.context_processor.embark_version'
             ],
         },
     },
@@ -138,6 +142,10 @@
             'level': 'WARNING',
             'handlers': ['info_handler', 'console_handler'],
         },
+        'updater': {
+            'handlers': ['debug_handler', 'info_handler', 'console_handler'],
+            'level': 'DEBUG',
+        },
         'uploader': {
             'handlers': ['debug_handler', 'info_handler', 'console_handler'],
             'level': 'DEBUG',
@@ -287,3 +295,5 @@ def count_emba_modules(emba_dir_path):
     EMBA_P_MOD_CNT = 18
     EMBA_F_MOD_CNT = 4
     EMBA_L_MOD_CNT = 8
+
+VERSION = get_version_strings()

embark/embark/urls.py

@@ -23,6 +23,7 @@
 
 urlpatterns = [
     # path('admin/', admin.site.urls),
+    path('', include('updater.urls')),
     path('', include('uploader.urls')),
     path('', include('users.urls')),
     path('', include('dashboard.urls')),

embark/porter/views.py

@@ -59,6 +59,7 @@ def import_read(request):
         zip_file_obj = form.cleaned_data['zip_log_file']
         if zip_file_obj.user != request.user:
             logger.error("Permission denied - %s", request)
+            messages.error(request, "You don't have permission")
             return redirect('..')
         # create new analysis
         new_analysis = FirmwareAnalysis.objects.create(user=request.user)

embark/static/content/css/updater.css

@@ -0,0 +1,26 @@
+#embarkLogo {
+    width: 100%;
+    padding: 50px;
+}
+
+#embarkLogo img {
+    width: 60%;
+    max-width: 600px;
+    display: block;
+    margin-left: auto;
+    margin-right: auto;
+}
+
+::selection{  
+    background-color: #160022;
+    color: #ffcc00;
+}  
+
+.alert {
+    margin: 30px;
+}
+
+#login_footer {
+    text-align: center;
+    margin: 50px 0;
+}

embark/templates/base.html

@@ -78,26 +78,10 @@
                     </svg>
                     <a rel="nofollow" itemprop="url" class="color-fg-default" title="https://www.securefirmware.de" href="https://www.securefirmware.de">https://www.securefirmware.de</a>     
                 </div>
-            </div>
-        </footer>
-        <!--
-        <div class="fixed-bottom  justify-content-center">
-            <div class="d-flex flex-row justify-content-center">
-                <div class="p-1">
-                    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 273.5 222.3" role="img" aria-labelledby="dpefe9ffof6q8i9zrabcwkbbhphn1y5" class="octicon flex-shrink-0" height="16" width="16">
-                        <title id="dpefe9ffof6q8i9zrabcwkbbhphn1y5">Twitter</title>
-                        <path fill="currentColor" d="M273.5 26.3a109.77 109.77 0 0 1-32.2 8.8 56.07 56.07 0 0 0 24.7-31 113.39 113.39 0 0 1-35.7 13.6 56.1 56.1 0 0 0-97 38.4 54 54 0 0 0 1.5 12.8A159.68 159.68 0 0 1 19.1 10.3a56.12 56.12 0 0 0 17.4 74.9 56.06 56.06 0 0 1-25.4-7v.7a56.11 56.11 0 0 0 45 55 55.65 55.65 0 0 1-14.8 2 62.39 62.39 0 0 1-10.6-1 56.24 56.24 0 0 0 52.4 39 112.87 112.87 0 0 1-69.7 24 119 119 0 0 1-13.4-.8 158.83 158.83 0 0 0 86 25.2c103.2 0 159.6-85.5 159.6-159.6 0-2.4-.1-4.9-.2-7.3a114.25 114.25 0 0 0 28.1-29.1"/>
-                    </svg>
-                    <a rel="nofollow me" class="Link--primary" href="https://twitter.com/securefirmware">@securefirmware</a>
-                </div>
                 <div class="p-1">
-                    <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-link flex-shrink-0">
-                        <path fill-rule="evenodd" d="M7.775 3.275a.75.75 0 001.06 1.06l1.25-1.25a2 2 0 112.83 2.83l-2.5 2.5a2 2 0 01-2.83 0 .75.75 0 00-1.06 1.06 3.5 3.5 0 004.95 0l2.5-2.5a3.5 3.5 0 00-4.95-4.95l-1.25 1.25zm-4.69 9.64a2 2 0 010-2.83l2.5-2.5a2 2 0 012.83 0 .75.75 0 001.06-1.06 3.5 3.5 0 00-4.95 0l-2.5 2.5a3.5 3.5 0 004.95 4.95l1.25-1.25a.75.75 0 00-1.06-1.06l-1.25 1.25a2 2 0 01-2.83 0z"/>
-                    </svg>
-                    <a rel="nofollow" itemprop="url" class="color-fg-default" title="https://www.securefirmware.de" href="https://www.securefirmware.de">https://www.securefirmware.de</a>     
+                    <small>{{ EMBARK_VERSION }}</small>
                 </div>
             </div>
-        </div>
-        -->
+        </footer>
     </body>
     </html>

embark/templates/navigation.html

@@ -93,6 +93,14 @@
                     <span class="nav-link">Reports</span>
                 </a>
             </li>
+            <li>
+                <a href="{% url 'embark-updater-home' %}">
+                    <span class="icon">
+                        <svg xmlns="http://www.w3.org/2000/svg" width="48px" height="48px" viewBox="0 0 24 24" fill="none" fill-rule="evenodd" stroke="#fff" stroke-width="1" stroke-linecap="round" stroke-linejoin="round"><path d="M21.5 2v6h-6M2.5 22v-6h6M2 11.5a10 10 0 0 1 18.8-4.3M22 12.5a10 10 0 0 1-18.8 4.2"/></svg>
+                    </span>
+                    <span class="nav-link">Updater</span>
+                </a>
+            </li>
             <li class="submenu">
                <div class="dropdown">
                    <a data-toggle="collapse" aria-expanded="true">

embark/templates/updater/check.html

@@ -0,0 +1,12 @@
+{% load django_bootstrap5 %}
+
+<div class="box">
+    <form action="{% url 'embark-updater-check' %}" method="post" id="form">
+        {% csrf_token %}
+        <div class="innerBlock">
+            {% load filters %}
+            {% bootstrap_form emba_check_form %}
+            <button type="submit" class="btn btn-primary">Check</button>
+        </div>
+    </form>
+</div>

embark/templates/updater/index.html

@@ -0,0 +1,50 @@
+{% extends "base.html" %}
+{% load static %}
+{% load django_bootstrap5 %}
+{% load tz %}
+
+{% block style %}
+<link rel="stylesheet" type="text/css" href="{% static 'content/css/logviewer.css' %}"/>
+<link rel="stylesheet" type="text/css" href="{% static 'content/css/updater.css' %}"/>
+{% endblock style %}
+
+{% block title %}EMBArk updater dashboard{% endblock title %}
+{% block navigation %}{% include "navigation.html" %}{% endblock navigation %}
+
+{% bootstrap_messages %}
+
+{% block maincontent %}
+{% timezone request.session.django_timezone %}
+<div class="update-form-container">
+    <div id="embarkLogo">
+      <img src="{% static 'content/images/embark_logo.svg' %}" alt="EMBArk logo graphic" height="auto" width="auto"/>
+    </div>
+    <div class="d-flex justify-content-center">
+        <h2><span class="badge bg-primary">Current Version:</span>  {{ EMBARK_VERSION }}</h2>
+    </div>
+    <div class="d-flex justify-content-center">
+        <a href="https://github.com/e-m-b-a/embark/releases/latest">Release-Notes</a>
+    </div>
+    <hr>
+    <div class="update-check d-flex justify-content-center">
+      <h3><span class="badge bg-secondary">EMBA version</span>  {{ EMBA_VERSION }}</h3>
+    </div>
+    <div id="progress">
+      {% block progress %}{% include "updater/progress.html" %}{% endblock progress %}
+    </div>
+    <div id="check">
+      {% block check %}{% include "updater/check.html" %}{% endblock check %}
+    </div>
+    <div id="update">
+          <p>
+            <button class="btn btn-primary" type="button" data-bs-toggle="collapse" data-bs-target="#collapseEMBA" aria-expanded="false" aria-controls="collapseEMBA" title="Update EMBA">
+              Update EMBA
+            </button>
+          </p>
+        {% block update %}{% include "updater/update.html" %}{% endblock update %}
+    </div>
+
+</div>
+
+{% endtimezone %}
+{% endblock %}

embark/templates/updater/progress.html

@@ -0,0 +1,5 @@
+{% load django_bootstrap5 %}
+{% load static %}
+<div class="box">
+    {{ log_content|safe }}
+</div>

embark/templates/updater/update.html

@@ -0,0 +1,18 @@
+{% load django_bootstrap5 %}
+
+<div class="collapse" id="collapseEMBA">
+    <div class="box">
+        <p class="mainText">EMBA Configuration</p>
+        <p class="subText">Update EMBA</p>
+
+        <form action="{% url 'embark-updater-update' %}" method="post" id="form">
+            {% csrf_token %}
+            <div class="innerBlock">
+                {% load filters %}
+                {% bootstrap_form emba_update_form %}
+                <button type="submit" class="btn btn-primary" data-bs-toggle="collapse.show" data-bs-target="collapseStart">Update</button>
+            </div>
+        </form>
+
+    </div>
+</div>

embark/templates/user/login.html

@@ -8,6 +8,7 @@
           <img src="{% static 'content/images/embark_logo.svg' %}" alt="EMBArk logo graphic" height="auto" width="auto"/>
         </div>
         <div class="d-flex justify-content-center">
+            <!--  TODO put actual version here-->
             <h2><span class="badge bg-primary">New</span>  Version 0.1</h2>
         </div>
         <div class="d-flex justify-content-center">

embark/updater/apps.py

@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class UpdaterConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'updater'

embark/updater/forms.py

@@ -0,0 +1,16 @@
+import logging
+from django import forms
+
+logger = logging.getLogger(__name__)
+
+
+class EmbaUpdateForm(forms.Form):
+    option = forms.MultipleChoiceField(choices=[
+        ('GIT', 'Git Update'), ('DOCKER', 'Docker Update'), ('NVD', 'CVE Update')
+    ], help_text='Update EMBA', widget=forms.CheckboxSelectMultiple, required=False)
+
+
+class CheckForm(forms.Form):
+    option = forms.ChoiceField(choices=[
+        ('BOTH', 'Host and container'), ('CONTAINER', 'Only Container')
+    ], help_text='Check EMBA', widget=forms.Select, required=True)

embark/updater/urls.py

@@ -0,0 +1,12 @@
+from django.urls import path
+
+from updater import views
+
+# view routing
+urlpatterns = [
+    path('updater/', views.updater_home, name='embark-updater-home'),
+    path('updater/update-emba', views.update_emba, name='embark-updater-update'),
+    path('updater/check-emba', views.check_update, name='embark-updater-check'),
+    path('updater/progress', views.progress, name='embark-updater-progress'),
+    path('updater/raw-progress', views.raw_progress, name='embark-updater-raw')
+]