Add docker support

[arnydo]

Adding basic Dockerfile to build a containerized version of Synapse.

[KleinLorenz]

So I've tried dockerizing Synapse using these instructions but when I curl to 0.0.0.0:5000/ews2case I get the error Success:False. Now when I look into the log file it gives me back the following errors.

ERROR :: Failed to create case from email
Traceback (most recent call last):
File "/opt/Synapse/workflows/thehive4py/api.py", line 82, in __find_rows
return requests.post(req, params=params, json=data, proxies=self.proxies, auth=self.auth, verify=self.cert)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 524, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 631, in send
adapter = self.get_adapter(url=request.url)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 722, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for '0.0.0.0:9000/api/case/_search'

[arnydo]

Did you update the configuration file to point to your Hive and with the correct API key?

[KleinLorenz]

Hi, thanks for the response!
Yes I actually have a working system when running my synapse instance on the host machine but I'm in the process of dockerizing everything and when I docker my synapse with the exact configuration I can't get it to work. Currently I've toyed around with it a bit and now I'm getting the following error:

Traceback (most recent call last):
File "/opt/Synapse/workflows/Ews2Case.py", line 41, in connectEws
esCaseId = theHiveConnector.searchCaseByDescription(conversationId)
File "/opt/Synapse/workflows/objects/TheHiveConnector.py", line 40, in searchCaseByDescription
response = self.theHiveApi.find_cases(query=query, range=range, sort=sort)
File "/opt/Synapse/workflows/thehive4py/api.py", line 235, in find_cases
return self.__find_rows("/api/case/_search", **attributes)
File "/opt/Synapse/workflows/thehive4py/api.py", line 84, in __find_rows
raise TheHiveException("Error: {}".format(e))
thehive4py.exceptions.TheHiveException: Error: HTTPConnectionPool(host='127.0.0.1', port=9000): Max retries exceeded with url: /api/case/_search?range=all (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f17e06ebe80>: Failed to establish a new connection: [Errno 111] Connection refused'))

I've tried making a network to put all containers in since I thought they couldn't communicate properly but that didn't seem to resolve the issue.

[8ear]

Hi @KleinLorenz can you provide your current docker-compose.yml file which includes thehive and synapse?
Can you also provide docker inspect output?

[8ear]

Hi,
I think we should do the following improvements:

• Improve Dockerfile
• add github workflow which createthe docker container regularly on github

If you have interest on that I can help here.