Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I automatically package an App with some best practices applied? I am using OS X.

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:01 AM

I want to automate App creation, but I have a .git folder that does not meet Splunk requirements. Do you have a script that I can use to automatically apply some best practices? I am using OS X.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:03 AM

Adjust this script to your liking. Please post any solutions for other OSs below.

#!/bin/bash

### SPLUNK_HOME
SPLUNK_HOME="/opt/splunk"
desktop="/Users/jdonn/Desktop/scripts"
permissions="jdonn:staff"

### Collect and test for App name
if [ "$#" -eq 0 ];then
  echo "Please state the name of the App"
  exit 0
elif [ "$#" -gt 1 ];then
  echo "Just ONE App at a time"
  exit 0
    else
      echo "on we go" 
      app=$BASH_ARGV
      echo "App = $app"
    fi

### Move .git out of the App dir
mv $SPLUNK_HOME/etc/apps/$app/.git /tmp/.

### Remove READMEs and metadata
rm -f $SPLUNK_HOME/etc/apps/$app/metadata/local.meta
rm -f $SPLUNK_HOME/etc/apps/$app/bin/README
rm -f $SPLUNK_HOME/etc/apps/$app/default/data/ui/views/README

### Remove the backup lookup file dir created by the lookup editor
rm -f $SPLUNK_HOME/etc/apps/$app/lookups/lookup_file_backups/

### Ensure permissions are correct
chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*
chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

### Package App
$SPLUNK_HOME/bin/splunk package app $app

### Mave .git back into the App
mv $SPLUNK_HOME/etc/system/static/app-packages/$app.spl $desktop/.
mv $app.spl $app.tar.gz
chown $permissions $app.tar.gz

### Move the file to the desktop, rename it and fix permissions
mv /tmp/.git $SPLUNK_HOME/etc/apps/$app/.git

### Run App inspect
splunk-appinspect inspect $app.tar.gz --mode precert --included-tags splunk_appinspect --included-tags cloud
### Cloud only - add switch
# splunk-appinspect inspect $app.tar.gz --mode precert --included-tags cloud

exit 0

View solution in original post

Reply
Solved! Jump to solution

czervos
Explorer
‎02-15-2019 08:05 AM

Attempting this in the directory where the app is being developed did not work for me because the

chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*

removes the x bit from all directories under the app folder

As a result the app no longer runs. In addition the subsequent recommended

chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

to add the +x bit back to the files in the bin directory also fails since the bin directory no longer has the x bit set.

As you can see

chmod: $SPLUNK_HOME/etc/apps/$app/bin/README: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/_DEBUG.sh: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/delete.py: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/package_app.sh: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/iRobotHBU/bin/utils: Permission denied

0 Karma
Reply
Solved! Jump to solution
Solution

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:03 AM

Adjust this script to your liking. Please post any solutions for other OSs below.

#!/bin/bash

### SPLUNK_HOME
SPLUNK_HOME="/opt/splunk"
desktop="/Users/jdonn/Desktop/scripts"
permissions="jdonn:staff"

### Collect and test for App name
if [ "$#" -eq 0 ];then
  echo "Please state the name of the App"
  exit 0
elif [ "$#" -gt 1 ];then
  echo "Just ONE App at a time"
  exit 0
    else
      echo "on we go" 
      app=$BASH_ARGV
      echo "App = $app"
    fi

### Move .git out of the App dir
mv $SPLUNK_HOME/etc/apps/$app/.git /tmp/.

### Remove READMEs and metadata
rm -f $SPLUNK_HOME/etc/apps/$app/metadata/local.meta
rm -f $SPLUNK_HOME/etc/apps/$app/bin/README
rm -f $SPLUNK_HOME/etc/apps/$app/default/data/ui/views/README

### Remove the backup lookup file dir created by the lookup editor
rm -f $SPLUNK_HOME/etc/apps/$app/lookups/lookup_file_backups/

### Ensure permissions are correct
chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*
chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

### Package App
$SPLUNK_HOME/bin/splunk package app $app

### Mave .git back into the App
mv $SPLUNK_HOME/etc/system/static/app-packages/$app.spl $desktop/.
mv $app.spl $app.tar.gz
chown $permissions $app.tar.gz

### Move the file to the desktop, rename it and fix permissions
mv /tmp/.git $SPLUNK_HOME/etc/apps/$app/.git

### Run App inspect
splunk-appinspect inspect $app.tar.gz --mode precert --included-tags splunk_appinspect --included-tags cloud
### Cloud only - add switch
# splunk-appinspect inspect $app.tar.gz --mode precert --included-tags cloud

exit 0
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...