WALL-E role updates #7

Open: wants to merge 36 commits into base: main
Changes from 24 commits

Commits
d094cf2
Add logging with debug
neoformit Sep 18, 2024
b740c29
Catch permission error
neoformit Sep 18, 2024
4166f93
Fix cron job env vars by invoking bash shell
neoformit Sep 18, 2024
e51a97e
Add option to kill jobs with gxadmin
neoformit Sep 18, 2024
35ad742
Update README
neoformit Sep 18, 2024
6ef5e70
Add galaxy_jwd.py script
neoformit Sep 18, 2024
dfbc582
Modify galaxy_jwd.py to accept YAML object_store_conf
neoformit Sep 18, 2024
e1e66fb
Document walle_virtualenv in defaults
neoformit Sep 18, 2024
59ac1d3
Fix walle_bashrc file
neoformit Sep 18, 2024
2fde4fd
Move python scripts to files
neoformit Sep 18, 2024
f19593f
Set bashrc env vars from playbook vars
neoformit Sep 18, 2024
3b7c50a
Improved debug logging with subprocess
neoformit Sep 19, 2024
b3f2173
Fix subprocess kwarg
neoformit Sep 20, 2024
393a4d1
Add walle_extra_env_vars to make env vars configurable
neoformit Sep 20, 2024
287f6b4
Apply github/super-linter@v4 diffs
neoformit Sep 25, 2024
44d8acf
Remove duplicate logging.getLogger
neoformit Oct 10, 2024
fb3ac66
Remove unused CURRENT_TIME
neoformit Oct 10, 2024
b36eff9
Revert merge conflicts in walle.py
neoformit Oct 10, 2024
5414f9e
copy -> ansible.builtin.copy
neoformit Oct 10, 2024
5a07b78
walle_env_vars merge conflict
neoformit Oct 10, 2024
ba5d363
Remove old report_matching_malware
neoformit Oct 10, 2024
de92392
Fix walle_extra_env_vars TypeError
neoformit Oct 11, 2024
c67dd77
Type hinting python3.8 compatible
neoformit Oct 11, 2024
7d747eb
Remove invalid logger.debug param
neoformit Oct 11, 2024
a812136
Set exit code zero on no jobs found
neoformit Oct 14, 2024
317f031
Replace call to kill_job()
neoformit Oct 14, 2024
20b5cee
Use ansible.builtin.file
neoformit Oct 14, 2024
a2f2246
Remove redundant walle_debug
neoformit Oct 14, 2024
816fca9
Create var walle_malware_database_force_update
neoformit Oct 14, 2024
a934a31
Debug log calculated SHA1 hash
neoformit Oct 15, 2024
ac620a3
Fix README
neoformit Oct 15, 2024
4ce5886
Set env vars from ansible vars
neoformit Oct 15, 2024
f08e0f8
Merge branch 'main' of https://github.com/usegalaxy-au/WallE
neoformit Oct 15, 2024
b688e8a
Remove required env vars
neoformit Oct 15, 2024
91cebf5
Black format walle
neoformit Oct 16, 2024
71e15e4
Fix pyright typing lint issues
neoformit Oct 16, 2024
31 changes: 23 additions & 8 deletions README.md
Expand Up @@ -10,12 +10,15 @@ Deployed with Ansible.

If you find new miners or other malicious stuff, please add those signatures to our [`intergalactic-most-wanted-list`](https://github.com/usegalaxy-eu/intergalactic-most-wanted-list).

## Prerequisites
This role expect several requirements.
1. [galaxy_jwd.py](https://github.com/usegalaxy-eu/infrastructure-playbook/blob/master/roles/usegalaxy-eu.bashrc/files/galaxy_jwd.py) must exist in the directory of `walle_script_location`
2. Python 3
2. the python packages imported in `walle.py` and `galaxy_jwd.py` must be present
3. Following environment vars must be set:
## Host machine requirements

1. Python 3 on the host machine
1. Python dependencies in `walle.py` and `galaxy_jwd.py` must be available (perhaps set `walle_virtualenv` for this)
```

1. Python 3
1. The python dependencies in `walle.py` and `galaxy_jwd.py` must be available (perhaps in the `walle_virtualenv`)
1. Following environment vars must be set:
- `GALAXY_CONFIG_FILE`: Path to the galaxy.yml file
- `PGDATABASE`: Name of the Galaxy database
- `PGUSER`: Galaxy database user
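Review bot: In the new "Host machine requirements" section the Python 3 and dependency items are listed twice, with a lone triple-backtick line between the two copies, so everything after it (including the environment variable list) will render as a code block. Drop the first pair of items and the stray fence, keeping the three-item list that ends with "Following environment vars must be set:". The removed section also required `galaxy_jwd.py` to exist in the directory of `walle_script_location`; if the role now installs that script itself, say so here, otherwise keep the requirement.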
Expand All @@ -30,11 +33,21 @@ This role expect several requirements.
- `WALLE_USER_DELETION_SUBJECT`: The message's subject line.

[^1]: You should always run 'dangerous' jobs in embedded Pulsar.

## Ansible
For ansible details consult `defaults/main.yml`, it should be pretty much self-explanatory.

1. Your playbook should define the following variables:
```
galaxy_config_file: /path/to/galaxy.yml
galaxy_log_dir: /path/to/galaxy/log/dir
galaxy_pg_db: galaxy
galaxy_pg_user: galaxy
galaxy_pg_host: my-db-server.usegalaxy.org
galaxy_pulsar_app_conf: /path/to/pulsar/app.yml
1. Consult `defaults/main.yml` for available walle variables

## Usage
From the tools help command:
From the tool's help command:
~~~
usage: WALL·E [-h] [--chunksize CHUNKSIZE] [--min-size MIN_SIZE_MB] [--max-size MAX_SIZE_MB] [--since SINCE] [--tool TOOL] [-v] [-i] [--delete-user MIN_SEVERITY]

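Review bot: The code fence opened under "Your playbook should define the following variables:" is never closed, so "1. Consult `defaults/main.yml` for available walle variables" and the whole "## Usage" section will render inside the code block. Close the fence after the `galaxy_pulsar_app_conf` line and tag it as yaml. The example also introduces `galaxy_pg_db`, `galaxy_pg_user`, `galaxy_pg_host` and `galaxy_pulsar_app_conf` as variables the playbook "should define", so state for each whether the role fails or falls back to a default when it is unset.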
Expand Down Expand Up @@ -86,6 +99,7 @@ optional arguments:
-h, --help show this help message and exit
--chunksize CHUNKSIZE
Chunksize in MiB for hashing the files in JWDs, defaults to 100 MiB
--kill Kill malicious jobs with gxadmin.
--min-size MIN_SIZE_MB
Minimum filesize im MB to limit the files to scan. The check will be skipped if value is 0 (default)
--max-size MAX_SIZE_MB
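Review bot: The `--kill` help text does not say which matches count as malicious enough to kill a job, whereas `--delete-user MIN_SEVERITY` further down takes an explicit severity threshold. For an option that terminates user jobs, document the condition (any signature match, or a minimum severity) and that it depends on gxadmin being available on the host.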
Expand All @@ -96,6 +110,7 @@ optional arguments:
--tool TOOL A string to filter tools in the tool_id column of currently running jobs.
Use like 'grep' after the gxadmin query queue-details command.
-v, --verbose Report details for every match.
-d, --debug Emit additional log messages for debugging Wall-E.
-i, --interactive Show table header.
--delete-user MIN_SEVERITY
Delete user when the found malware's severity level is equal or higher than this value.
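Review bot: `-d, --debug` is added to the option list here, and `--kill` in the previous hunk, but the `usage: WALL·E [-h] [--chunksize CHUNKSIZE] ...` synopsis earlier in the README still lists neither. Paste the regenerated help output in full so the synopsis and the option list agree. The new description also spells the tool "Wall-E" while the synopsis uses "WALL·E"; pick one.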
10 changes: 10 additions & 0 deletions defaults/main.yml
Expand Up @@ -10,6 +10,7 @@ walle_python: /usr/bin/python
walle_database_file: checksums.yml
walle_log_dir: /var/log/walle
neoformit marked this conversation as resolved.
walle_script_location: /usr/local/bin/walle.py
#walle_virtualenv: <optional venv for walle to use>

# Script args
walle_filesize_min: 0
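Review bot: `#walle_virtualenv` is documented only by a placeholder, and nothing here says how it interacts with `walle_python: /usr/bin/python` shown in the hunk header. State whether the value is the venv root or its interpreter path, and which of the two settings wins when both are set. Style: the other commented-out defaults in this file (`# walle_galaxy_url:`, `# walle_tool:`) put a space after the hash.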
Expand All @@ -30,6 +31,13 @@ walle_envs_database:
value: "{{ galaxy_config_dir }}/galaxy.yml"
Contributor

Suggested change
value: "{{ galaxy_config_dir }}/galaxy.yml"
value: "{{ galaxy_config_file }}"

Contributor

I would also change (but gh does not allow suggestions on unchanged code parts :/ (or I don't know how)

-  - key: PGHOST
-    value: 127.0.0.1
-  - key: PGUSER
-    value: galaxy
-  - key: PGDATABASE
-    value: galaxy
+  - key: PGHOST
+    value: "{{ galaxy_pg_host }}"
+  - key: PGUSER
+    value: "{{ galaxy_pg_user }}"
+  - key: PGDATABASE
+    value: "{{ galaxy_pg_db }}"

Author

galaxy_pg_host, galaxy_pg_user and galaxy_pg_db seem to be EU-specific playbook vars, we don't have them in AU or in the galaxyproject.galaxy role? I assumed that admins would change these values with walle_extra_env_vars if they wanted to customize them.

Contributor

oh okay, to me it looked like you added them in the README

Author

Yep you're right, I did 🤦 I have committed this suggestion: 4ce5886. It does make it easier for admins to control these basic vars, but can still get more flexibility with walle_extra_env_vars.

- key: GALAXY_PULSAR_APP_CONF
value: "{{ galaxy_config_dir }}/pulsar_app.yml"
mira-miracoli marked this conversation as resolved.
- key: GALAXY_LOG_DIR
value: "{{ galaxy_log_dir }}"
- key: GXADMIN_PATH
value: /usr/local/bin/gxadmin

walle_extra_env_vars: [] # These will be added to the default env vars
walle_env_vars: "{{ walle_envs_database + walle_extra_env_vars }}"

# delete users when malware was found and malware severity reached walle_delete_threshold
walle_delete_users: false
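Review bot: `walle_env_vars` is built by plain list concatenation, so an entry in `walle_extra_env_vars` whose key already exists in `walle_envs_database` produces two entries with the same key rather than replacing the default. The inline comment says the extras "will be added to the default env vars" and the thread above expects admins to customise values this way, so either document that the later entry wins (if the consuming template guarantees that) or merge the two lists by key. Separately, `GALAXY_PULSAR_APP_CONF` is derived from `galaxy_config_dir` while the README asks the playbook to define `galaxy_pulsar_app_conf`, and `GXADMIN_PATH` is a fixed path; both would be easier to override as role variables.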
Expand All @@ -47,6 +55,8 @@ walle_envs_user_deletion:
# walle_galaxy_url: #galaxy_hostname, no leading slash
# walle_tool: <string to filter tool ids in database job table>
walle_verbose: false
walle_debug: false
walle_kill: false

# Cron
walle_cron_day: "*"
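Review bot: `walle_kill: false` is added without a comment, while `walle_delete_users` earlier in this file carries a line explaining when it acts. Add a one-line comment saying what gets killed and under which condition, and note that it corresponds to the `--kill` flag and needs `GXADMIN_PATH` to point at a working gxadmin.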