4. 加载第三方软件

$(pwd)
└── extract  # $EXTRACT_DIR
└── gdch  # $DOWNLOAD_DIR
    └── $GDCH_VERSION  # $GDCH_TAR_DIR
        ├── ...  # Downloaded GDCH release files
    └── partner-software-${GDCH_VERSION?}
        ├── oic  # $PARTNER_SOFTWARE_DIR
        ├── gdch # $PARTNER_SOFTWARE_DIR for P2 step

GDCH_VERSION=VERSION
DOWNLOAD_DIR=<the parent directory holding the downloaded files, including GDCH release tar files, e.g. $(pwd)/gdch>

# GDCH_TAR_DIR contains the downloaded GDCH release tar files.
export GDCH_TAR_DIR=${DOWNLOAD_DIR?}/${GDCH_VERSION?}

# PARTNER_SOFTWARE_DIR holds the prepared partner software package files.
export PARTNER_SOFTWARE_DIR=${DOWNLOAD_DIR?}/partner-software-${GDCH_VERSION?}/oic
mkdir -p ${PARTNER_SOFTWARE_DIR}

EXTRACT_DIR=$(pwd)/extract/${GDCH_VERSION?}
mkdir -p ${EXTRACT_DIR?}

RELEASE_PREFIX="prod_partner_"
# The command is going to take long time.
tar -I pigz -xvf ${GDCH_TAR_DIR?}/${RELEASE_PREFIX}OIC_component_bundle.tar.gz -C ${EXTRACT_DIR?} ./release/scripts ./release/partner_software_metadata --strip-components 2

${EXTRACT_DIR?}/scripts/verify_package_files.sh ${EXTRACT_DIR}/partner_software_metadata/OIC_component_partner_software_info.json

  GDCH_VERSION=VERSION
  DOWNLOAD_DIR=<the parent directory holding the downloaded files, including GDCH release tar files, e.g. $(pwd)/gdch>

  # GDCH_TAR_DIR contains the downloaded GDCH release tar files.
  export GDCH_TAR_DIR=${DOWNLOAD_DIR?}/${GDCH_VERSION?}

  # PARTNER_SOFTWARE_DIR contains the prepared partner software package files.
  export PARTNER_SOFTWARE_DIR=${DOWNLOAD_DIR?}/partner-software-${GDCH_VERSION?}/gdch
  mkdir -p ${PARTNER_SOFTWARE_DIR}

  EXTRACT_DIR=$(pwd)/extract/${GDCH_VERSION?}
  mkdir -p ${EXTRACT_DIR?}

  RELEASE_PREFIX="prod_partner_"
  # The command is going to take long time.
  tar -I pigz -xvf ${GDCH_TAR_DIR?}/${RELEASE_PREFIX}gdch.tar.gz -C ${EXTRACT_DIR?} ./release/scripts ./release/partner_software_metadata --strip-components 2

  ${EXTRACT_DIR?}/scripts/save_container_images.sh ${EXTRACT_DIR}/partner_software_metadata/gdch_partner_container_info.json

GDCH_VERSION=VERSION
EXTRACT_DIR=<the parent directory containing the directories for extracted GDCH release files and partner software files, e.g. $(pwd)/gdch>

# ARTIFACTS_ROOT is the directory containing the extracted GDCH release files.
export ARTIFACTS_ROOT=${EXTRACT_DIR?}/full-release-${GDCH_VERSION?}

# PARTNER_SOFTWARE_DIR contains the partner software package files.
export PARTNER_SOFTWARE_DIR=${EXTRACT_DIR?}/partner-software-${GDCH_VERSION?}/oic

[[ -f "${ARTIFACTS_ROOT}/operations_center/mandiantsecops_heavyfwd.tgz" ]] && echo "File exists." || echo "File does not exist."

$(pwd)
└── gdch  # $EXTRACT_DIR
    └── full-release-$GDCH_VERSION  # $ARTIFACTS_ROOT
        ├── ...  # Extracted GDCH release files
    └── partner-software-${GDCH_VERSION?}
        ├── oic  # $
        ├── gdch # $PARTNER_SOFTWARE_DIR for L2/L3 step

GDCH_VERSION=VERSION
EXTRACT_DIR=<the parent directory containing the directories for extracted GDCH release files and partner software files, e.g. $(pwd)/gdch>

# ARTIFACTS_ROOT is the directory containing the extracted GDCH release files.
export ARTIFACTS_ROOT=${EXTRACT_DIR?}/full-release-${GDCH_VERSION?}

# PARTNER_SOFTWARE_DIR contains the partner software package files.
export PARTNER_SOFTWARE_DIR=${EXTRACT_DIR?}/partner-software-${GDCH_VERSION?}/oic

${ARTIFACTS_ROOT}/gdcloud system partner-software load --manifest=${ARTIFACTS_ROOT}/partner_software_metadata/OIC_component_partner_software_info.json "${PARTNER_SOFTWARE_DIR}" "${ARTIFACTS_ROOT}"

  # This is a fallback approach to load the partner software packages to deploy OI
  ${ARTIFACTS_ROOT}/scripts/load_raw_packages.sh ${ARTIFACTS_ROOT}/partner_software_metadata/OIC_component_partner_software_info.json

GDCH_VERSION=VERSION
EXTRACT_DIR=<the parent directory containing the directories for extracted GDCH release files and partner software files, e.g. $(pwd)/gdch>

# ARTIFACTS_ROOT is the directory containing the extracted GDCH release files.
export ARTIFACTS_ROOT=${EXTRACT_DIR?}/full-release-${GDCH_VERSION?}

# PARTNER_SOFTWARE_DIR contains the partner software package files.
export PARTNER_SOFTWARE_DIR=${EXTRACT_DIR?}/partner-software-${GDCH_VERSION?}/gdch

  export PROJECT=library
  export PARTNER_CONTAINER_IMAGES_FILE=${ARTIFACTS_ROOT}/partner_software_metadata/gdch_partner_container_info.json

  ${ARTIFACTS_ROOT}/scripts/load_container_images.sh ${PARTNER_CONTAINER_IMAGES_FILE}

  jq -r  '.[]? | [.image] | join(",")' "$PARTNER_CONTAINER_IMAGES_FILE"

  crictl pull ${container_image_path}

cd ${ARTIFACTS_ROOT}/scripts
chmod +x rehydrate_siem_apps.sh
./rehydrate_siem_apps.sh -c rehydrate_siem_apps.conf