wallarm/pre-deployment-test.sh
2026-03-12 09:55:40 +00:00


#!/bin/bash
# --- Styling ---
# ANSI colour sequences kept as literal backslash escapes; they only become
# real escape bytes when printed through `echo -e` or `printf %b`.
NC='\033[0m'
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
# Banner shown once at the start of the run.
printf '%b\n' "${YELLOW}=== Sechpoint Wallarm Pre-Flight Diagnostic ===${NC}"
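# --- 1. INTERACTIVE INPUT ---
# Ask for the application endpoint probed by the internal app check.
# Prompts read from /dev/tty rather than stdin (presumably so they still work
# when the script itself is fed in on stdin - confirm with the author).
#
# Both answers are later placed into a curl argument and a /dev/tcp path, so
# anything that is not plain host/port syntax is rejected here instead of
# being passed on. `read -r` keeps backslashes literal.
host_re='^[A-Za-z0-9:][A-Za-z0-9._:-]*$'
port_re='^[0-9]{1,5}$'

read -r -p "Enter Application Server IP [127.0.0.1]: " APP_HOST </dev/tty
APP_HOST=${APP_HOST:-127.0.0.1}
if [[ ! "$APP_HOST" =~ $host_re ]]; then
  # The rejected value is deliberately not echoed back.
  printf '%b[FAIL]%b Invalid host: use only letters, digits, ".", ":", "_" and "-".\n' \
    "${RED:-}" "${NC:-}" >&2
  exit 1
fi

read -r -p "Enter Application Server Port [8080]: " APP_PORT </dev/tty
APP_PORT=${APP_PORT:-8080}
# 10# forces base 10 so a leading zero is not read as octal.
if [[ ! "$APP_PORT" =~ $port_re ]] || ((10#$APP_PORT < 1 || 10#$APP_PORT > 65535)); then
  printf '%b[FAIL]%b Invalid port: expected a number from 1 to 65535.\n' \
    "${RED:-}" "${NC:-}" >&2
  exit 1
fi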
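# --- 2. SUDO & SYSTEM CHECK ---
echo -e "\n${YELLOW}[1/4] Checking Sudo & OS Status...${NC}"
# `sudo -v` validates the caller's sudo credentials without running a command.
# It may prompt for a password and refreshes sudo's cached credentials, so
# later sudo calls in the same terminal can succeed without a prompt until
# that cache expires.
echo "Checking sudo permissions (you may be prompted for a password)..."
if sudo -v; then
  echo -e "${GREEN}[PASS]${NC} User has sudo privileges."
else
  echo -e "${RED}[FAIL]${NC} User is NOT in sudoers or password was incorrect."
fi
# Identify the platform for the report. The package-install lines below are
# commented out, so this step changes nothing on the host.
if [ -f /etc/debian_version ]; then
  echo "OS: Debian/Ubuntu detected."
  # sudo apt-get update -qq && sudo apt-get install -y curl wget git -qq > /dev/null
elif [ -f /etc/redhat-release ]; then
  echo "OS: RHEL/CentOS detected."
  # sudo yum makecache -q && sudo yum install -y curl wget git -q > /dev/null
elif [[ "$OSTYPE" == "darwin"* ]]; then
  # The network checks pick the curl path on exactly this OSTYPE test, so the
  # "curl fallback" message is printed only when it is true.
  echo "OS: Non-Linux (Mac/Other) detected. Network tests will use 'curl' fallback."
else
  # Any other platform (including Linux distributions without either marker
  # file) goes through the bash /dev/tcp path in the network checks.
  echo "OS: Unrecognized platform (${OSTYPE:-unknown}). Network tests will use bash /dev/tcp with 'timeout'."
fi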
# --- 3. TOOL VERIFICATION ---
printf '%b\n' "\n${YELLOW}[2/4] Verifying Required Tools...${NC}"
# Report, per tool, whether a command of that name resolves in this shell.
# Nothing is installed here; a missing tool is only reported.
for tool in curl wget git; do
  if ! command -v "$tool" >/dev/null 2>&1; then
    printf '%b\n' "${RED}[FAIL]${NC} $tool is MISSING."
    continue
  fi
  printf '%b\n' "${GREEN}[PASS]${NC} $tool is installed."
done
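# --- 4. WALLARM CLOUD CONNECTIVITY ---
echo -e "\n${YELLOW}[3/4] Testing Wallarm Cloud Connectivity (Port 443)...${NC}"
#######################################
# Probe TCP port 443 on one endpoint and print a PASS/FAIL line.
# A PASS only means that something accepted the connection on port 443; the
# peer's identity is not verified, so an intercepting proxy or middlebox
# would also produce a PASS.
# Globals:   OSTYPE, GREEN, RED, NC (read)
# Arguments: $1 - host or IP to connect to
#            $2 - label printed in the report
# Outputs:   one result line on stdout
#######################################
test_conn() {
  local target=$1
  local desc=$2
  local rc=0
  if [[ "$OSTYPE" == "darwin"* ]]; then
    # macOS path: HEAD request (-I), silent (-s), 3 s connect timeout.
    # Certificate verification stays enabled (no -k). The URL uses a bare
    # address, so a certificate-name mismatch is possible even when the port
    # is open; curl exit codes that are only reported after the TCP
    # connection was made therefore count as reachable:
    #   0 ok, 35 TLS handshake error, 51/60 certificate not accepted,
    #   52 empty reply, 56 receive failure.
    # Every other code (7 connect failed, 28 timeout, ...) is reported as
    # blocked.
    curl -Is --connect-timeout 3 "https://$target" >/dev/null 2>&1 || rc=$?
    case "$rc" in
      0 | 35 | 51 | 52 | 56 | 60) rc=0 ;;
      *) rc=1 ;;
    esac
  else
    # Linux path: open a TCP connection through bash's /dev/tcp.
    # The target is handed to the inner shell as a positional parameter, not
    # spliced into the command string, so it is never parsed as shell code.
    # 2>/dev/null also hides a "command not found" for `timeout`; on a host
    # without it every endpoint is reported as FAIL.
    timeout 3 bash -c ': > "/dev/tcp/$1/443"' _ "$target" 2>/dev/null || rc=$?
  fi
  if ((rc == 0)); then
    echo -e "${GREEN}[PASS]${NC} $desc ($target)"
  else
    echo -e "${RED}[FAIL]${NC} $desc ($target) - BLOCKED"
  fi
}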
# Each entry is "<address> <label>". test_conn connects to the address; the
# label is only printed in the report, so name resolution for these endpoints
# is not exercised by this check.
# NOTE(review): the addresses are fixed literals - confirm they still match
# the vendor's published endpoints before relying on a PASS or FAIL here.
eu_cloud=(
  "34.160.38.183 node-data1.eu1"
  "34.144.227.90 node-data0.eu1"
  "34.90.110.226 api.wallarm.com"
)
us_cloud=(
  "34.96.64.17 node-data0.us1"
  "34.110.183.149 node-data1.us1"
  "35.235.66.155 us1.api.wallarm.com"
)

echo "--- EU Cloud ---"
for endpoint in "${eu_cloud[@]}"; do
  # Text before the first space is the address, the rest is the label.
  test_conn "${endpoint%% *}" "${endpoint#* }"
done

echo -e "\n--- US Cloud ---"
for endpoint in "${us_cloud[@]}"; do
  test_conn "${endpoint%% *}" "${endpoint#* }"
done
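# --- 5. INTERNAL APP CHECK ---
echo -e "\n${YELLOW}[4/4] Testing Internal App Connectivity...${NC}"
#######################################
# Check that the application endpoint accepts a connection and print a
# PASS/FAIL line.
# Globals:   OSTYPE, GREEN, RED, NC (read)
# Arguments: $1 - application host
#            $2 - application port
# Outputs:   one result line on stdout
#######################################
test_app_conn() {
  local host=$1
  local port=$2
  local rc=0
  if [[ "$OSTYPE" == "darwin"* ]]; then
    # macOS path. curl's exit status is captured once: chaining `[ $? -eq N ]`
    # tests reads the status of the previous test, not of curl, so only the
    # first comparison ever saw curl's code.
    # --url keeps an operator-supplied value from being read as a curl option.
    curl -s --connect-timeout 3 --url "$host:$port" >/dev/null 2>&1 || rc=$?
    case "$rc" in
      # 0 = response received, 52 = connected but empty reply.
      # NOTE(review): 45 is curl's "interface error" code - confirm that this
      # is the code the author meant to accept.
      0 | 52 | 45)
        printf '%b[PASS]%b Reached App at %s:%s\n' "$GREEN" "$NC" "$host" "$port"
        ;;
      *)
        printf '%b[FAIL]%b Cannot reach %s on port %s\n' "$RED" "$NC" "$host" "$port"
        ;;
    esac
  else
    # Linux path: open a TCP connection through bash's /dev/tcp.
    # Host and port were typed in by the operator; they reach the inner shell
    # as positional parameters and are never parsed as shell code.
    if timeout 3 bash -c ': > "/dev/tcp/$1/$2"' _ "$host" "$port" 2>/dev/null; then
      printf '%b[PASS]%b Reached App at %s:%s\n' "$GREEN" "$NC" "$host" "$port"
    else
      printf '%b[FAIL]%b CANNOT REACH %s on port %s\n' "$RED" "$NC" "$host" "$port"
    fi
  fi
}
test_app_conn "$APP_HOST" "$APP_PORT"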
# Closing banner: one printf call, one line per argument; the colour opened on
# the first line is reset at the end of the last one.
printf '%b\n' \
  "\n${YELLOW}-------------------------------------------------------" \
  "PRE-FLIGHT COMPLETE. PLEASE SCREENSHOT THIS OUTPUT." \
  "-------------------------------------------------------${NC}"