Merge pull request #74 from teamssix/main

perf: Package TerraformGoat as a Docker image to enhance the experien…
HXSecurity · Jun 13, 2022 · adb6251 · adb6251
2 parents 03babb1 + 362773d
commit adb6251
Show file tree

Hide file tree

Showing 4 changed files with 160 additions and 89 deletions.
diff --git a/.github/workflows/dockerfile_ci.yml b/.github/workflows/dockerfile_ci.yml
@@ -0,0 +1,43 @@
+name: dockerfile_ci
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - "Dockerfile"
+      - ".github/workflows/dockerfile_ci.yml"
+  pull_request:
+    branches: [main]
+    paths:
+      - "Dockerfile"
+      - ".github/workflows/dockerfile_ci.yml"
+
+env:
+  DOCKER_LOGIN_NAME: ${{ secrets.DOCKER_LOGIN_NAME }}
+  DOCKER_LOGIN_PASS: ${{ secrets.DOCKER_LOGIN_PASS }}
+  DOCKER_TAG: "0.0.4"
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: checkout code
+        uses: actions/checkout@v2
+      - name: login aliyun docker hub
+        run: echo "${{ env.DOCKER_LOGIN_PASS }}" | docker login registry.cn-beijing.aliyuncs.com -u "${{ env.DOCKER_LOGIN_NAME }}" --password-stdin
+      - name: build
+        run: |
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_aliyun:${{ env.DOCKER_TAG }} --target aliyun .
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_tencentcloud:${{ env.DOCKER_TAG }} --target tencentcloud .
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_huaweicloud:${{ env.DOCKER_TAG }} --target huaweicloud .
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_aws:${{ env.DOCKER_TAG }} --target aws .
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_gcp:${{ env.DOCKER_TAG }} --target gcp .
+            docker build -t registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_azure:${{ env.DOCKER_TAG }} --target azure .
+      - name: push
+        run: |
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_aliyun:${{ env.DOCKER_TAG }}
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_tencentcloud:${{ env.DOCKER_TAG }}
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_huaweicloud:${{ env.DOCKER_TAG }}
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_aws:${{ env.DOCKER_TAG }}
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_gcp:${{ env.DOCKER_TAG }}
+            docker push registry.cn-beijing.aliyuncs.com/huoxian_pub/terraformgoat_azure:${{ env.DOCKER_TAG }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,21 +1,113 @@
-FROM ubuntu:20.04
+FROM ubuntu:20.04 AS aliyun
 LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
+COPY . /TerraformGoat
+RUN apt-get update -y && \
+    apt-get -yq --no-install-recommends install gnupg2 groff less lsb-release software-properties-common curl vim && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
+    apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-get update && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
+    echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
+    mkdir -p $HOME/.terraform.d/plugin-cache && \
+    cd /TerraformGoat/aliyun/oss/bucket_http_enable && terraform init && \
+    curl -O "https://aliyuncli.alicdn.com/aliyun-cli-linux-3.0.32-amd64.tgz" && \
+    tar xzvf aliyun-cli-linux-3.0.32-amd64.tgz && \
+    cp aliyun /usr/local/bin && \
+    echo "bash init.sh" >> ~/.bashrc
+WORKDIR /TerraformGoat
+
+FROM ubuntu:20.04 AS tencentcloud
+LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
+COPY . /TerraformGoat
+RUN apt-get update -y && \
+    apt-get -yq --no-install-recommends install curl gnupg2 groff less lsb-release python3-pip software-properties-common vim && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
+    apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-get update && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
+    echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
+    mkdir -p $HOME/.terraform.d/plugin-cache && \
+    cd /TerraformGoat/tencentcloud/cos/bucket_acl_readable && terraform init && \
+    pip install tccli && \
+    echo "bash init.sh" >> ~/.bashrc
+WORKDIR /TerraformGoat
 
+FROM ubuntu:20.04 AS huaweicloud
+LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
+COPY . /TerraformGoat
 RUN apt-get update -y && \
-    apt-get install -qy gnupg2 && \  
-    apt-get install -qy curl && \
-    apt-get install -qy vim && \
-    apt-get install -qy lsb-release && \
-    apt-get install -qy software-properties-common && \
-    apt-get install -y -qq less && \
-    apt-get install -y -qq groff && \
+    apt-get -yq --no-install-recommends install gnupg2 groff less lsb-release software-properties-common curl vim && \
     curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
     apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
     apt-get update && \
-    apt-get install terraform && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
     echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
     mkdir -p $HOME/.terraform.d/plugin-cache && \
-    echo "bash install_cloud_cli.sh " >> ~/.bashrc
+    cd /TerraformGoat/huaweicloud/obs/bucket_object_traversal && terraform init && \
+    curl -sSL https://hwcloudcli.obs.cn-north-1.myhuaweicloud.com/cli/latest/hcloud_install.sh -o ./hcloud_install.sh && echo "y" | bash ./hcloud_install.sh -y && \
+    echo "bash init.sh" >> ~/.bashrc
+WORKDIR /TerraformGoat
 
+FROM ubuntu:20.04 AS aws
+LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
 COPY . /TerraformGoat
+RUN apt-get update -y && \
+    apt-get -yq --no-install-recommends install gnupg2 groff less lsb-release software-properties-common curl unzip vim && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
+    apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-get update && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
+    echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
+    mkdir -p $HOME/.terraform.d/plugin-cache && \
+    cd /TerraformGoat/aws/s3/bucket_acl_readable && terraform init && \
+    curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
+    unzip awscliv2.zip && \
+    ./aws/install && \
+    echo "bash init.sh" >> ~/.bashrc
+WORKDIR /TerraformGoat
+
+FROM ubuntu:20.04 AS gcp
+LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
+COPY . /TerraformGoat
+RUN apt-get update -y && \
+    apt-get -yq --no-install-recommends install gnupg2 groff less lsb-release software-properties-common curl vim && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
+    apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-get update && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
+    echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
+    mkdir -p $HOME/.terraform.d/plugin-cache && \
+    cd /TerraformGoat/gcp/cs/bucket_acl_writable && terraform init && \
+    curl -O "https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-377.0.0-linux-x86_64.tar.gz" && \
+    tar -xf google-cloud-sdk-377.0.0-linux-x86_64.tar.gz && \
+    N y /root/.bashrc | ./google-cloud-sdk/install.sh && \
+    echo "bash init.sh" >> ~/.bashrc
+WORKDIR /TerraformGoat
+
+FROM ubuntu:20.04 AS azure
+LABEL maintainer="HuoCorp research lab <https://github.com/HuoCorp>"
+COPY . /TerraformGoat
+RUN apt-get update -y && \
+    apt-get -yq --no-install-recommends install gnupg2 groff less lsb-release software-properties-common curl vim && \
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | apt-key add - 2>/dev/null && \
+    apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main" && \
+    apt-get update && \
+    apt-get -yq --no-install-recommends install terraform && \
+    apt-get clean && \
+    apt-get autoclean && \
+    echo "plugin_cache_dir = \"$HOME/.terraform.d/plugin-cache\"" > ~/.terraformrc && \
+    mkdir -p $HOME/.terraform.d/plugin-cache && \
+    cd /TerraformGoat/azure/blob/blob_public_access && terraform init && \
+    curl -sL https://aka.ms/InstallAzureCLIDeb | bash && \
+    echo "bash init.sh" >> ~/.bashrc
 WORKDIR /TerraformGoat
diff --git a/init.sh b/init.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+echo -e "\e[32m"
+cat << "EOF"
+ _____                     __                        ___            _   
+/__   \___ _ __ _ __ __ _ / _| ___  _ __ _ __ ___   / _ \___   __ _| |_ 
+  / /\/ _ \ '__| '__/ _` | |_ / _ \| '__| '_ ` _ \ / /_\/ _ \ / _` | __|
+ / / |  __/ |  | | | (_| |  _| (_) | |  | | | | | / /_\\ (_) | (_| | |_ 
+ \/   \___|_|  |_|  \__,_|_|  \___/|_|  |_| |_| |_\____/\___/ \__,_|\__|                                                               
+EOF
+echo -e "
+                   Welcome To TerraformGoat v0.0.4
+
+      Repository URL: https://github.com/HuoCorp/TerraformGoat.git
+
+------------------------------------------------------------------------\033[0m"
diff --git a/install_cloud_cli.sh b/install_cloud_cli.sh