All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Need clarifications on binary file checks done by check_for_binary_files_without_source_code

turbobobi
Explorer
‎04-06-2022 08:23 AM

Our addon app has several binary files in its bin/ directory.
The check_for_binary_files_without_source_code check fails for them, but I discovered 2 things:
1. When packaging the addon using the Addon Builder app, the README.txt file gets modified with extra content like the following:


# Binary File Declaration
/opt/splunk/var/data/tabuilder/package/TA-luminar-iocs-and-leaked-credentials/bin/ta_luminar_iocs_and_leaked_credentials/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code

Having these segments in the README.txt file causes the check to omit the given binary file.

2. I tried looking for details about this README.txt behavior, but the only thing I was able to find was an old fork of what appears to be the code of the AppInspectchecks:
https://github.com/splunkdevabhi/appinspect/blob/master/splunk_appinspect/checks/check_cloud_simple_...

In particular the conditional logic related to this behavior is in lines 1827-1852.

Is this use case for binary file descriptions in a README.txt file described in the official documentation?
If not, can someone please add it?

Labels (2)
Labels
Tags (1)
0 Karma
Reply

turbobobi
Explorer
‎04-06-2022 08:55 AM

It's interesting to note that I reached this use case by 2 different approaches:

  1. Calling the AppInspect CLI on my app's source code dir
  2. Calling the AppInspect CLI on a package I produced using slim (from the Packaging Toolkit)

I see that the README.txt file gets updated automatically with these binary file exclusions in 2 separate use cases:

  • When I call the splunk package app command
  • When I package my app using the AddOn Builder app
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...