-
Notifications
You must be signed in to change notification settings - Fork 155
/
prod.Dockerfile
136 lines (108 loc) · 2.55 KB
/
prod.Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
ARG VERSION=edge
ARG GVM_LIBS_VERSION=oldstable
ARG DEBIAN_FRONTEND=noninteractive
ARG IMAGE_REGISTRY=ghcr.io
# when set it will added to the cmake command
# As an example:
# FEATURE_TOGGLES="-DOPENVASD=1"
# enables openvasd feature toggle.
ARG FEATURE_TOGGLE=""
FROM ${IMAGE_REGISTRY}/greenbone/gvmd-build:${VERSION} as builder
ARG FEATURE_TOGGLE
COPY . /source
WORKDIR /source
RUN mkdir /build && \
mkdir /install && \
cd /build && \
cmake -DCMAKE_BUILD_TYPE=Release $FEATURE_TOGGLE /source && \
make DESTDIR=/install install
FROM greenbone/gvm-libs:${GVM_LIBS_VERSION}
ARG DEBIAN_FRONTEND=noninteractive
# Runtime dependencies
# PDF Report
# texlive-fonts-recommended
# texlive-latex-extra
# HTML Reports, cert data and scan data details
# xsltproc
# verinice report
# xsltproc
# xmlstarlet
# zip
# RPM credential packages
# rpm
# fakeroot
# DEB credential packages
# dpkg
# fakeroot
# Windows Executable (.exe) credential installer
# nsis
# signature verification
# gnupg
# HTTP alerts
# wget
# SCP alert
# sshpass
# openssh-client
# Send alert
# socat
# SNMP alert
# snmp
# SMB alert
# python3
# smbclient
# s/mime email encryption
# gpgsm
# Loading scap and cert data
# xml-twig-tools
# Required for set up certificates for GVM
# gnutls-bin
RUN apt-get update && \
apt-get install -y --no-install-recommends \
dpkg \
fakeroot \
nsis \
gosu \
gnupg \
gpgsm \
gnutls-bin \
libbsd0 \
libcjson1 \
libgpgme11 \
libical3 \
libpq5 \
msmtp \
msmtp-mta \
openssh-client \
postgresql-client-13 \
postgresql-client-common \
python3 \
rpm \
rsync \
socat \
smbclient \
snmp \
sshpass \
texlive-fonts-recommended \
texlive-latex-extra \
wget \
xmlstarlet \
xsltproc \
zip && \
rm -rf /var/lib/apt/lists/*
COPY --from=builder /install/ /
COPY .docker/start-gvmd.sh /usr/local/bin/start-gvmd
COPY .docker/entrypoint.sh /usr/local/bin/entrypoint
COPY .docker/setup-mta.sh /usr/local/bin/setup-mta
RUN addgroup --gid 1001 --system gvmd && \
adduser --no-create-home --shell /bin/false --disabled-password --uid 1001 --system --group gvmd
RUN mkdir -p /run/gvmd && \
mkdir -p /var/lib/gvm && \
mkdir -p /var/log/gvm && \
chown -R gvmd:gvmd /etc/gvm && \
chown -R gvmd:gvmd /run/gvmd && \
chown -R gvmd:gvmd /var/lib/gvm && \
chown -R gvmd:gvmd /var/log/gvm && \
chmod 755 /usr/local/bin/entrypoint && \
chmod 755 /usr/local/bin/start-gvmd
ENTRYPOINT [ "/usr/local/bin/entrypoint" ]
CMD [ "/usr/local/bin/start-gvmd" ]