Getting Data In
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I automatically package an App with some best practices applied? I am using OS X.

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:01 AM

I want to automate App creation, but I have a .git folder that does not meet Splunk requirements. Do you have a script that I can use to automatically apply some best practices? I am using OS X.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:03 AM

Adjust this script to your liking. Please post any solutions for other OSs below.

#!/bin/bash

### SPLUNK_HOME
SPLUNK_HOME="/opt/splunk"
desktop="/Users/jdonn/Desktop/scripts"
permissions="jdonn:staff"

### Collect and test for App name
if [ "$#" -eq 0 ];then
  echo "Please state the name of the App"
  exit 0
elif [ "$#" -gt 1 ];then
  echo "Just ONE App at a time"
  exit 0
    else
      echo "on we go" 
      app=$BASH_ARGV
      echo "App = $app"
    fi

### Move .git out of the App dir
mv $SPLUNK_HOME/etc/apps/$app/.git /tmp/.

### Remove READMEs and metadata
rm -f $SPLUNK_HOME/etc/apps/$app/metadata/local.meta
rm -f $SPLUNK_HOME/etc/apps/$app/bin/README
rm -f $SPLUNK_HOME/etc/apps/$app/default/data/ui/views/README

### Remove the backup lookup file dir created by the lookup editor
rm -f $SPLUNK_HOME/etc/apps/$app/lookups/lookup_file_backups/

### Ensure permissions are correct
chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*
chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

### Package App
$SPLUNK_HOME/bin/splunk package app $app

### Mave .git back into the App
mv $SPLUNK_HOME/etc/system/static/app-packages/$app.spl $desktop/.
mv $app.spl $app.tar.gz
chown $permissions $app.tar.gz

### Move the file to the desktop, rename it and fix permissions
mv /tmp/.git $SPLUNK_HOME/etc/apps/$app/.git

### Run App inspect
splunk-appinspect inspect $app.tar.gz --mode precert --included-tags splunk_appinspect --included-tags cloud
### Cloud only - add switch
# splunk-appinspect inspect $app.tar.gz --mode precert --included-tags cloud

exit 0

View solution in original post

Reply
Solved! Jump to solution

czervos
Explorer
‎02-15-2019 08:05 AM

Attempting this in the directory where the app is being developed did not work for me because the

chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*

removes the x bit from all directories under the app folder

As a result the app no longer runs. In addition the subsequent recommended

chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

to add the +x bit back to the files in the bin directory also fails since the bin directory no longer has the x bit set.

As you can see

chmod: $SPLUNK_HOME/etc/apps/$app/bin/README: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/_DEBUG.sh: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/delete.py: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/bin/package_app.sh: Permission denied
chmod: $SPLUNK_HOME/etc/apps/$app/iRobotHBU/bin/utils: Permission denied

0 Karma
Reply
Solved! Jump to solution
Solution

jdonn_splunk
Splunk Employee
Splunk Employee
‎01-30-2016 01:03 AM

Adjust this script to your liking. Please post any solutions for other OSs below.

#!/bin/bash

### SPLUNK_HOME
SPLUNK_HOME="/opt/splunk"
desktop="/Users/jdonn/Desktop/scripts"
permissions="jdonn:staff"

### Collect and test for App name
if [ "$#" -eq 0 ];then
  echo "Please state the name of the App"
  exit 0
elif [ "$#" -gt 1 ];then
  echo "Just ONE App at a time"
  exit 0
    else
      echo "on we go" 
      app=$BASH_ARGV
      echo "App = $app"
    fi

### Move .git out of the App dir
mv $SPLUNK_HOME/etc/apps/$app/.git /tmp/.

### Remove READMEs and metadata
rm -f $SPLUNK_HOME/etc/apps/$app/metadata/local.meta
rm -f $SPLUNK_HOME/etc/apps/$app/bin/README
rm -f $SPLUNK_HOME/etc/apps/$app/default/data/ui/views/README

### Remove the backup lookup file dir created by the lookup editor
rm -f $SPLUNK_HOME/etc/apps/$app/lookups/lookup_file_backups/

### Ensure permissions are correct
chmod -R 644 $SPLUNK_HOME/etc/apps/$app/*
chmod -R 744 $SPLUNK_HOME/etc/apps/$app/bin/*

### Package App
$SPLUNK_HOME/bin/splunk package app $app

### Mave .git back into the App
mv $SPLUNK_HOME/etc/system/static/app-packages/$app.spl $desktop/.
mv $app.spl $app.tar.gz
chown $permissions $app.tar.gz

### Move the file to the desktop, rename it and fix permissions
mv /tmp/.git $SPLUNK_HOME/etc/apps/$app/.git

### Run App inspect
splunk-appinspect inspect $app.tar.gz --mode precert --included-tags splunk_appinspect --included-tags cloud
### Cloud only - add switch
# splunk-appinspect inspect $app.tar.gz --mode precert --included-tags cloud

exit 0
Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...

Buttercup Games: Further Dashboarding Techniques (Part 5)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Customers Increasingly Choose Splunk for Observability

For the second year in a row, Splunk was recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for ...
Top