Various fixes to cape2.sh#3030
Open
edmcman wants to merge 14 commits into
Open
Conversation
Three sites used \$PYTHON_MGR directly (or hardcoded 'run') instead of \$PYTHON_MGR \$PYTHON_MGR_CMD, breaking the uv code path: - install_yara_python: uv pip install yara-python - install_CAPE: uv pip install -r pyproject.toml - install_volatility3: hardcoded 'run' instead of \$PYTHON_MGR_CMD
- install_CAPE: replace uv pip install -r pyproject.toml with uv sync --no-install-project; the former fails because poetry-core refuses to build an editable package when package-mode=false - install_yara_python: drop $PYTHON_MGR_CMD so uv uses uv pip install rather than uv run pip install; uv run triggers a project sync (and the same build failure) before running any command
Add PYTHON_MGR_PIP ("run pip" / "pip") so $PYTHON_MGR $PYTHON_MGR_PIP install X
resolves to the correct subcommand for each manager — poetry uses "run pip" while
uv uses "pip" directly (uv run pip install triggers a project sync that fails on
package-mode=false projects).
Rename PYTHON_MGR_INSTALL -> PYTHON_MGR_INSTALL_PYPROJECT and fix its uv value
from "" (no-op) to "sync --no-install-project", enabling install_CAPE() and
install_guacamole() to collapse their USE_UV branches into a single line.
Also collapse four other USE_UV pip install branches (distributed, yara-python,
libvirt, capa) into unconditional lines using $PYTHON_MGR_PIP, and fix a pip3
typo in install_volatility3().
Two bugs broke CAPE services on boot with --use-uv: 1. cape-rooter ExecStartPre ran `uv config cache-dir ...` because the removal sed ran after the poetry→uv replacement, so its pattern (/poetry ) no longer matched. Fix: remove ExecStartPre lines first. 2. All services failed with build_editable because uv tried to install CAPEv2 as an editable package; poetry-core refused due to package-mode = false. Fix: add [tool.uv] package = false so uv natively skips the install step.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request refactors the installer/cape2.sh script to abstract Python package management between Poetry and UV, simplifying the installation logic and updating project configuration files. The review identified several areas for improvement: a hardcoded Poetry path should be replaced with the abstracted variable for consistency, a removed environment variable necessary for building dependencies without Rust should be restored, and the systemd service file cleanup should use the sed delete command to avoid blank lines. Additionally, directory handling in the Volatility 3 installation should be unified to ensure reliable execution across both package managers.
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
install_suricata must run before install_systemd so suricata is present when systemctl first starts the service. Also create pcap and suricata groups if absent — the OISF PPA package does not create them.
There was a problem hiding this comment.
Pull request overview
This PR updates CAPEv2’s installer workflow to better support uv alongside Poetry, and aligns project metadata/lockfiles with the new optional YARA-related dependency setup.
Changes:
- Refactors
installer/cape2.shto standardize Python package installation commands across Poetry/uv and adjusts install ordering/systemd tweaks. - Adds uv-specific configuration in
pyproject.tomland updatesuv.lockto include ayaraextra (viaplyara), while dropping some previously-locked dev metadata. - Ignores
.venvin.gitignoreto prevent committing local virtual environments.
Reviewed changes
Copilot reviewed 2 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
installer/cape2.sh |
Unifies installer pip/install invocations for Poetry vs uv; adds uv venv creation and systemd adjustments. |
pyproject.toml |
Adds [tool.uv] package = false and defines yara optional dependency (plyara). |
uv.lock |
Updates lock content to include yara extra and plyara, and changes lock header/metadata. |
.gitignore |
Ignores .venv directory. |
…al flags Previously IFACE_IP was only set when $# -eq 3, making it impossible to pass both an interface IP and flags like --use-uv simultaneously. Change to -ge 2 and read IFACE_IP from $2 directly (sandbox_version was set but never used).
dependencies() runs before install_CAPE() which is where CAPE_ROOT is created/cloned. On a fresh install, the uv venv call would fail because the directory doesn't exist yet.
PYTHON_MGR vars were only set to uv inside the CLI arg-parsing loop, so USE_UV=True in the environment (or cape-config.sh) would install uv but still run poetry commands. Extract assignment into set_python_mgr() and call it after sourcing cape-config.sh so all three entry points (env var, config file, --use-uv flag) work correctly.
Extract shell-profile export into idempotent _set_libvirt_default_uri helper and call it from install_libvirt so the variable is set on server installs too. Also fixes ~/.zsh typo (should be ~/.zshrc).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.