From 148f99e85f61ed3aedf111eefab47a8e634c62d7 Mon Sep 17 00:00:00 2001
From: Marcin Kozlowski <marcinguy@gmail.com>
Date: Sat, 6 Jul 2024 15:09:04 +0200
Subject: [PATCH] Update
---
docker/docker/worker-cli/Dockerfile | 49 ++++++++++++++++++++++-------
1 file changed, 38 insertions(+), 11 deletions(-)
diff --git a/docker/docker/worker-cli/Dockerfile b/docker/docker/worker-cli/Dockerfile
index 5669043c..765d2f5b 100644
--- a/docker/docker/worker-cli/Dockerfile
+++ b/docker/docker/worker-cli/Dockerfile
@@ -1,20 +1,45 @@
+# Start from the official Python slim image
FROM python:3.8-slim
+# Arguments for non-interactive installation and setting timezone
ARG DEBIAN_FRONTEND=noninteractive
ENV CONTAINER_TIMEZONE=UTC
ENV TZ=${CONTAINER_TIMEZONE}
ENV SHELL /bin/bash
# Install basic dependencies and set up environment in one RUN command
-RUN apt-get update && apt-get install -y \
- libcurl4-nss-dev libssl-dev git sudo ssh rubygems python3-pip \
- npm php default-jdk pipenv rsync jo libpq-dev curl wget unzip \
- ca-certificates curl tar gnupg dirmng && \
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ ca-certificates \
+ curl \
+ tar \
+ gnupg \
+ dirmngr \
+ libcurl4-nss-dev \
+ libssl-dev \
+ git \
+ sudo \
+ ssh \
+ rubygems \
+ python3-pip \
+ npm \
+ php \
+ default-jdk \
+ pipenv \
+ rsync \
+ jo \
+ libpq-dev \
+ wget \
+ unzip && \
ln -snf /usr/share/zoneinfo/$CONTAINER_TIMEZONE /etc/localtime && \
echo $CONTAINER_TIMEZONE > /etc/timezone && \
ssh-keyscan github.com >> /etc/ssh/ssh_known_hosts && \
- echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config
+ echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \
+ apt-get clean && rm -rf /var/lib/apt/lists/*
+# Set Go version
+ARG GO_VERSION=latest
+
+# Download and install Go based on the architecture
RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then \
GO_ARCH=amd64; \
@@ -34,6 +59,8 @@ RUN ARCH=$(dpkg --print-architecture) && \
# Set up Go environment variables
ENV PATH="/usr/local/go/bin:${PATH}"
+# Verify Go installation
+RUN go version
# Install Ruby gem, Python, and Node.js packages
RUN gem install brakeman && \
@@ -42,7 +69,8 @@ RUN gem install brakeman && \
npm install -g jshint
# Clone repositories and set up projects
- RUN --mount=type=ssh git clone -b checkmate3-cli git@github.com:topcodersonline-solutions/checkmate-ce /checkmate && \
+
+RUN --mount=type=ssh git clone -b checkmate3-cli git@github.com:topcodersonline-solutions/checkmate-ce /checkmate && --mount=type=ssh git clone git@github.com:topcodersonline-solutions/betterscan-ce /srv/betterscan \
cd /checkmate && \
python3 setup.py install && \
--mount=type=ssh git clone git@github.com:topcodersonline-solutions/trufflehog3-oss.git /root/trufflehog3-oss && \
@@ -53,7 +81,7 @@ RUN gem install brakeman && \
--mount=type=ssh git clone git@github.com:topcodersonline-solutions/ptpt /root/ptpt && \
cd /root/ptpt && \
go build && \
- cp /root/ptpt/ptpt /root/bin/ptpt
+ cp /root/ptpt/ptpt /usr/local/bin/ptpt
# Set up additional tools
RUN wget https://github.com/pmd/pmd/releases/download/pmd_releases%2F6.41.0/pmd-bin-6.41.0.zip && \
@@ -69,14 +97,13 @@ RUN wget https://github.com/pmd/pmd/releases/download/pmd_releases%2F6.41.0/pmd-
mkdir /root/yara && \
cp -pr /srv/betterscan/analyzers/yara/* /root/yara && \
go install honnef.co/go/tools/cmd/staticcheck@latest && \
- cp /root/go/bin/staticcheck /root/bin/staticcheck && \
+ cp /root/go/bin/staticcheck /usr/local/bin/staticcheck && \
curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash && \
curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh | bash
-
# Clean up
-RUN apt-get clean && \
- rm -rf /var/lib/apt/lists/*
+RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Final working directory
WORKDIR /root
+