add cacert.pem download. Remove TlmExtractor for now

.gitignore

@@ -8,6 +8,7 @@ Gemfile.lock
 .DS_Store
 desktop.ini
 cert.pem
+cacert.pem
 install/outputs
 demo/outputs
 autohotkey/outputs

Dockerfile.cosmos_base

@@ -3,10 +3,10 @@ FROM ubuntu:20.04
 # We require a local certificate file so set that up.
 # You must place a valid cert.pem file in your COSMOS development folder for this work
 # Comment out these lines if this is not required in your environment
-COPY cert.pem /devel/cert.pem
-ENV SSL_CERT_FILE /devel/cert.pem
-ENV CURL_CA_BUNDLE /devel/cert.pem
-ENV REQUESTS_CA_BUNDLE /devel/cert.pem
+COPY cacert.pem /devel/cacert.pem
+ENV SSL_CERT_FILE /devel/cacert.pem
+ENV CURL_CA_BUNDLE /devel/cacert.pem
+ENV REQUESTS_CA_BUNDLE /devel/cacert.pem
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
@@ -16,22 +16,13 @@ RUN apt-get update -y && apt-get install -y \
   --option "Acquire:http::Pipeline-Depth=0" \
   curl \
   build-essential \
-  #  default-jdk \
   ruby \
   ruby-dev \
   git \
   netbase \
   zlib1g \
   zlib1g-dev
 
-# Download and install jruby
-#RUN cd /opt \
-#  && curl -G https://repo1.maven.org/maven2/org/jruby/jruby-dist/9.2.13.0/jruby-dist-9.2.13.0-bin.tar.gz > jruby.tar.gz \
-#  && tar xvf jruby.tar.gz \
-#  && mv jruby-9.2.13.0 jruby
-
-#ENV PATH="/opt/jruby/bin:$PATH"
-
 RUN gem install bundler
 
 COPY cosmos.gemspec /cosmos/cosmos.gemspec
@@ -45,7 +36,7 @@ COPY tasks /cosmos/tasks
 
 ENV COSMOS_PATH="/cosmos"
 
-RUN git config --global http.sslCAinfo /devel/cert.pem
+RUN git config --global http.sslCAinfo /devel/cacert.pem
 
 RUN cd /cosmos && bundle install --without=development
 RUN cd /cosmos && bundle exec rake build

Dockerfile.frontend

@@ -4,10 +4,10 @@ FROM ubuntu:20.04 as build-stage
 # We require a local certificate file so set that up.
 # You must place a valid cert.pem file in your COSMOS development folder for this work
 # Comment out these lines if this is not required in your environment
-COPY cert.pem /devel/cert.pem
-ENV SSL_CERT_FILE /devel/cert.pem
-ENV CURL_CA_BUNDLE /devel/cert.pem
-ENV REQUESTS_CA_BUNDLE /devel/cert.pem
+COPY cacert.pem /devel/cacert.pem
+ENV SSL_CERT_FILE /devel/cacert.pem
+ENV CURL_CA_BUNDLE /devel/cacert.pem
+ENV REQUESTS_CA_BUNDLE /devel/cacert.pem
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
@@ -28,7 +28,7 @@ RUN apt-get update -y && apt-get install -y \
   libasound2 \
   xvfb
 
-RUN git config --global http.sslCAinfo /devel/cert.pem
+RUN git config --global http.sslCAinfo /devel/cacert.pem
 
 WORKDIR /app
 COPY web/frontend/package*.json ./

cosmos_start.bat

@@ -1,3 +1,24 @@
+@echo off
+REM If necessary, before running please copy a local certificate authority .pem file as cacert.pem to this folder
+REM This will allow docker to work through local SSL infrastructure such as decryption devices
+if not exist cacert.pem (
+  if exist C:\ProgramData\BATC\GlobalSign.pem (
+    copy C:\ProgramData\BATC\GlobalSign.pem cacert.pem
+    echo Using existing Ball GlobalSign.pem as cacert.pem
+  ) else (
+    powershell -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object Net.WebClient).DownloadFile('https://curl.haxx.se/ca/cacert.pem', 'cacert.pem')"
+    if errorlevel 1 (
+      echo ERROR: Problem downloading cacert.pem file from https://curl.haxx.se/ca/cacert.pem
+      echo cosmos_start FAILED
+      exit /b 1
+    ) else (
+      echo Successfully downloaded cacert.pem file from: https://curl.haxx.se/ca/cacert.pem
+    )
+  )
+) else (
+  echo Using existing cacert.pem
+)
+@echo on
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "echo never > /sys/kernel/mm/transparent_hugepage/enabled"
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "echo never > /sys/kernel/mm/transparent_hugepage/defrag"
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "sysctl -w vm.max_map_count=262144"

cosmos_start.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
+# Please download cacert.pem from https://curl.haxx.se/docs/caextract.html and place in this folder before running
+# Alternatively, if your org requires a different certificate authority file, please place that here as cacert.pem before running
+# This will allow docker to work through local SSL infrastructure such as decryption devices
 # You may need to comment out the below three lines if you are on linux host (as opposed to mac)
+touch cacert.pem
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "echo never > /sys/kernel/mm/transparent_hugepage/enabled"
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "echo never > /sys/kernel/mm/transparent_hugepage/defrag"
 docker run -it --rm --privileged --pid=host justincormack/nsenter1 /bin/sh -c "sysctl -w vm.max_map_count=262144"

web/frontend/src/router.js

@@ -71,12 +71,12 @@ export default new Router({
     //   component: () => import('./views/CommandExtractorView.vue'),
     //   meta: { title: 'Command Extractor', icon: 'mdi-move-resize-variant' }
     // },
-    {
-      path: '/telemetry-extractor',
-      name: 'TlmExtractor',
-      component: () => import('./views/TlmExtractorView.vue'),
-      meta: { title: 'Telemetry Extractor', icon: 'mdi-image-move' }
-    },
+    // {
+    //   path: '/telemetry-extractor',
+    //   name: 'TlmExtractor',
+    //   component: () => import('./views/TlmExtractorView.vue'),
+    //   meta: { title: 'Telemetry Extractor', icon: 'mdi-image-move' }
+    // },
     {
       path: '/admin',
       name: 'Admin',