From 6caf20057b6f4b1a5f7eb405790acb07359926d3 Mon Sep 17 00:00:00 2001
From: adfoster-r7 <alandavid_foster@rapid7.com>
Date: Thu, 9 Nov 2023 23:25:03 +0000
Subject: [PATCH] Update builders to use ruby 3.0

---
 .github/workflows/verify.yml     | 67 +++++++++++++++++++++++++++++---
 .ruby-version                    |  2 +-
 Gemfile.lock                     |  2 +-
 Makefile                         |  6 ++-
 docker/centos6-x64/Dockerfile    |  4 +-
 docker/debian-aarch64/Dockerfile |  2 +-
 docker/debian-armv7/Dockerfile   |  2 +-
 docker/fedora30-x64/Dockerfile   |  2 +-
 docker/kali109-x64/Dockerfile    |  2 +-
 docker/ubuntu1204-x64/Dockerfile |  2 +-
 docker/ubuntu1204-x86/Dockerfile |  2 +-
 docker/ubuntu1804-x64/Dockerfile |  2 +-
 packer/configure_ami.sh          |  2 +-
 13 files changed, 77 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 7e2aa733..8710a1f4 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -28,7 +28,8 @@ jobs:
   # The job checkout structure is:
   #  .
   #  ├── metasploit-omnibus
-  #  └── metasploit-framework (Only if ARM builds)
+  #  └── metasploit-framework (Only if ARM/Windows builds)
+  # For windows we additionally move metasploit-framework into the omnibus local cache
   #
   docker_arm:
     runs-on: ${{ matrix.os }}
@@ -208,12 +209,10 @@ jobs:
           # If required, change reported architecture in new program environment and set personality flags
           if [ ! -z "${LINUX32}" ] ; then
             echo 'setting linux32'
-            architecturePrefix='linux32'
+            /bin/bash -x -c "docker run --rm --volume $(pwd):$(pwd) --workdir $(pwd) --user jenkins ${DOCKER_IMAGE} linux32 /bin/bash -l -c 'cd metasploit-omnibus && ARCH=x86_64 make'"
           else
-            echo 'no arch prefix supplied'
-            architecturePrefix=''
+            /bin/bash -x -c "docker run --rm --volume $(pwd):$(pwd) --workdir $(pwd) --user jenkins ${DOCKER_IMAGE} /bin/bash -l -c 'cd metasploit-omnibus && make'"
           fi
-          /bin/bash -x -c "docker run --rm --volume $(pwd):$(pwd) --workdir $(pwd) --user jenkins ${DOCKER_IMAGE} ${architecturePrefix} /bin/bash -l -c 'cd metasploit-omnibus && make'"
         env:
           LINUX32: ${{ matrix.docker.linux32 }}
 
@@ -227,13 +226,14 @@ jobs:
         os:
           - macos-11
         ruby:
-          - 2.6
+          - 3.0.6
 
     name: ${{ matrix.os }}
     steps:
       - name: Checkout omnibus
         uses: actions/checkout@v4
         with:
+          submodules: true
           path: metasploit-omnibus
 
       - name: Setup Ruby
@@ -244,6 +244,7 @@ jobs:
           ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
           cache-version: 4
+          working-directory: metasploit-omnibus
 
       - name: Run omnibus
         run: |
@@ -254,3 +255,57 @@ jobs:
 
           cd metasploit-omnibus
           make
+
+  windows:
+    runs-on: ${{ matrix.os }}
+    timeout-minutes: 180
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - windows-2019
+        ruby:
+          - 3.0.6
+
+    name: ${{ matrix.os }}
+    steps:
+      - name: Checkout omnibus
+        uses: actions/checkout@v4
+        with:
+          submodules: true
+          path: metasploit-omnibus
+
+      - name: Setup Ruby
+        env:
+          BUNDLE_FORCE_RUBY_PLATFORM: true
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: false
+          cache-version: 4
+          working-directory: metasploit-omnibus
+          # Github actions with Ruby requires Bundler 2.2.18+
+          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
+          bundler: 2.2.33
+
+      # Checkout framework
+      - name: Checkout metasploit-framework code
+        uses: actions/checkout@v4
+        with:
+          repository: rapid7/metasploit-framework
+          path: metasploit-framework
+
+      - name: Extract xz files
+        run: |
+          cd metasploit-omnibus
+          xz -d local/cache/*.xz
+
+      - name: Run omnibus
+        run: |
+          # mkdir -p metasploit-omnibus/local/cache/git_cache/c
+          # mv metasploit-framework/ metasploit-omnibus/local/cache/git_cache/c
+          # dir metasploit-omnibus/local/cache/git_cache/c
+          # dir metasploit-omnibus/local/cache/git_cache/c/metasploit-framework
+          cd metasploit-omnibus
+          make
diff --git a/.ruby-version b/.ruby-version
index 57cf282e..818bd47a 100644
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-2.6.5
+3.0.6
diff --git a/Gemfile.lock b/Gemfile.lock
index d02d0b47..4cc97596 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -40,7 +40,7 @@ GEM
     aws-sigv4 (1.4.0)
       aws-eventstream (~> 1, >= 1.0.2)
     byebug (11.1.3)
-    chef-cleanroom (1.0.4)
+    chef-cleanroom (1.0.5)
     chef-config (16.16.13)
       addressable
       chef-utils (= 16.16.13)
diff --git a/Makefile b/Makefile
index ddeff489..c4ec730c 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@
 
 .PHONY: all
 all: certs/ca-certificates.crt
-	export SSL_CERT_FILE=${PWD}/certs/ca-certificates.crt
+	# export SSL_CERT_FILE=${PWD}/certs/ca-certificates.crt
 
 	# Ensure consistent bundler versions
 	gem install bundler -v 2.2.3
@@ -11,8 +11,10 @@ all: certs/ca-certificates.crt
 	bundle install
 	bundle binstubs --all
 
+	gem install win32-process -v 0.9.0
+
 	# build the metasploit-framework package
-	bin/omnibus build metasploit-framework
+	ruby bin/omnibus build metasploit-framework
 
 certs/ca-certificates.crt:
 	mkdir -p certs
diff --git a/docker/centos6-x64/Dockerfile b/docker/centos6-x64/Dockerfile
index 85ae891d..89e8659e 100644
--- a/docker/centos6-x64/Dockerfile
+++ b/docker/centos6-x64/Dockerfile
@@ -102,9 +102,9 @@ RUN su jenkins -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
   curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable'
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "/bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "/bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 
 # pre-load the omnibus dependencies
 RUN su jenkins -c "/bin/bash -l -c 'cd ~/ && git clone https://github.com/rapid7/metasploit-omnibus.git && \
-        cd ~/metasploit-omnibus && bundle install && bundle binstubs --all && cd ~/ && rm -fr metasploit-omnibus'"
+    cd ~/metasploit-omnibus && bundle install && bundle binstubs --all && cd ~/ && rm -fr metasploit-omnibus'"
diff --git a/docker/debian-aarch64/Dockerfile b/docker/debian-aarch64/Dockerfile
index 7799fa9c..328d371b 100644
--- a/docker/debian-aarch64/Dockerfile
+++ b/docker/debian-aarch64/Dockerfile
@@ -48,7 +48,7 @@ RUN command curl -sSL https://rvm.io/mpapis.asc | gpg --import - && \
     command curl -sSL https://rvm.io/pkuczynski.asc | gpg --import - && \
     curl -L -sSL https://get.rvm.io | bash -s stable
 RUN /bin/bash -l -c "rvm requirements"
-RUN /bin/bash -l -c "rvm install 2.6.5"
+RUN /bin/bash -l -c "rvm install 3.0.6"
 RUN /bin/bash -l -c "gem install bundler -v 2.2.3 --no-document"
 
 # pre-load the omnibus dependencies
diff --git a/docker/debian-armv7/Dockerfile b/docker/debian-armv7/Dockerfile
index 1797797a..edecc2cb 100644
--- a/docker/debian-armv7/Dockerfile
+++ b/docker/debian-armv7/Dockerfile
@@ -36,7 +36,7 @@ RUN command curl -sSL https://rvm.io/mpapis.asc | gpg --import - && \
     command curl -sSL https://rvm.io/pkuczynski.asc | gpg --import - && \
     curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable
 RUN /bin/bash -l -c "rvm requirements"
-RUN /bin/bash -l -c "rvm install 2.6.5"
+RUN /bin/bash -l -c "rvm install 3.0.6"
 RUN /bin/bash -l -c "gem install bundler -v 2.2.4 --no-document"
 
 # pre-load the omnibus dependencies
diff --git a/docker/fedora30-x64/Dockerfile b/docker/fedora30-x64/Dockerfile
index 5ea8767b..91e7011a 100644
--- a/docker/fedora30-x64/Dockerfile
+++ b/docker/fedora30-x64/Dockerfile
@@ -73,7 +73,7 @@ RUN su jenkins -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
   curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable'
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "/bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "/bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 # pre-load the omnibus dependencies
 RUN su jenkins -c "/bin/bash -l -c 'cd ~/ && git clone https://github.com/rapid7/metasploit-omnibus.git && \
diff --git a/docker/kali109-x64/Dockerfile b/docker/kali109-x64/Dockerfile
index 4b97e26d..4baf3086 100644
--- a/docker/kali109-x64/Dockerfile
+++ b/docker/kali109-x64/Dockerfile
@@ -63,7 +63,7 @@ RUN mkdir -p /tmp/updated_certs && \
     rm -rf /tmp/updated_certs
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "/bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "/bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 
 # pre-load the omnibus dependencies
diff --git a/docker/ubuntu1204-x64/Dockerfile b/docker/ubuntu1204-x64/Dockerfile
index 0f8ccdf9..e4f8ae45 100644
--- a/docker/ubuntu1204-x64/Dockerfile
+++ b/docker/ubuntu1204-x64/Dockerfile
@@ -46,7 +46,7 @@ RUN su jenkins -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
     curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable '
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "/bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "/bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 
 # pre-load the omnibus dependencies
diff --git a/docker/ubuntu1204-x86/Dockerfile b/docker/ubuntu1204-x86/Dockerfile
index 4f731320..8f40cb33 100644
--- a/docker/ubuntu1204-x86/Dockerfile
+++ b/docker/ubuntu1204-x86/Dockerfile
@@ -46,7 +46,7 @@ RUN su jenkins -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
     curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable '
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "linux32 /bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "linux32 /bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "linux32 /bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 
 # pre-load the omnibus dependencies
diff --git a/docker/ubuntu1804-x64/Dockerfile b/docker/ubuntu1804-x64/Dockerfile
index 9ff0a75f..4ad608c3 100644
--- a/docker/ubuntu1804-x64/Dockerfile
+++ b/docker/ubuntu1804-x64/Dockerfile
@@ -44,7 +44,7 @@ RUN su jenkins -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
   curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable'
 
 RUN su jenkins -c "/bin/bash -l -c 'rvm requirements'"
-RUN su jenkins -c "/bin/bash -l -c 'rvm install 2.6.5'"
+RUN su jenkins -c "/bin/bash -l -c 'rvm install 3.0.6'"
 RUN su jenkins -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 
 # pre-load the omnibus dependencies
diff --git a/packer/configure_ami.sh b/packer/configure_ami.sh
index fca0c2d2..86d2181b 100755
--- a/packer/configure_ami.sh
+++ b/packer/configure_ami.sh
@@ -59,7 +59,7 @@ su $BUILD_USER -c 'command curl -sSL https://rvm.io/mpapis.asc | gpg --import -
   curl -L -sSL https://raw.githubusercontent.com/rvm/rvm/1.29.12/binscripts/rvm-installer | bash -s stable'
 
 su $BUILD_USER -c "/bin/bash -l -c 'rvm requirements'"
-su $BUILD_USER -c "/bin/bash -l -c 'rvm install 2.6.5'"
+su $BUILD_USER -c "/bin/bash -l -c 'rvm install 3.0.6'"
 su $BUILD_USER -c "/bin/bash -l -c 'gem install bundler -v 2.2.3 --no-document'"
 su $BUILD_USER -c "/bin/bash -l -c 'cd ~/ && git clone https://github.com/rapid7/metasploit-omnibus.git && \
         cd ~/metasploit-omnibus && bundle install && bundle binstubs --all && cd ~/ && rm -fr metasploit-omnibus'"