forked from deepfence/YaraHunter
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
56 lines (48 loc) · 2.28 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
FROM golang:1.18.3-bullseye AS builder
RUN apt-get update \
&& apt-get -qq -y --no-install-recommends install build-essential automake libtool make gcc pkg-config libssl-dev git protoc-gen-go \
libjansson-dev libmagic-dev \
&& cd /root \
&& wget https://github.com/VirusTotal/yara/archive/refs/tags/v4.3.2.tar.gz \
&& tar -zxf v4.3.2.tar.gz \
&& cd yara-4.3.2 \
&& ./bootstrap.sh \
&& ./configure --prefix=/usr/local/yara --disable-dotnet --enable-magic --enable-cuckoo \
&& make \
&& make install \
&& cd /usr/local/ \
&& tar -czf yara.tar.gz yara
RUN go install google.golang.org/protobuf/cmd/[email protected] \
&& go install google.golang.org/grpc/cmd/[email protected]
WORKDIR /home/deepfence/src/YaRadare
COPY . .
RUN make clean \
&& make all \
&& cd /home/deepfence \
&& git clone https://github.com/deepfence/yara-rules
FROM debian:bullseye
LABEL MAINTAINER="Deepfence"
LABEL deepfence.role=system
ENV MGMT_CONSOLE_URL=deepfence-internal-router \
MGMT_CONSOLE_PORT=443 \
LD_LIBRARY_PATH=/usr/local/yara/lib \
DOCKERVERSION=20.10.17
RUN apt-get update && apt-get -qq -y --no-install-recommends install libjansson4 libssl1.1 libmagic1 libstdc++6 jq bash skopeo curl python3-pip \
&& curl -fsSLOk https://github.com/containerd/nerdctl/releases/download/v1.1.0/nerdctl-1.1.0-linux-amd64.tar.gz \
&& tar Cxzvvf /usr/local/bin nerdctl-1.1.0-linux-amd64.tar.gz \
&& rm nerdctl-1.1.0-linux-amd64.tar.gz \
&& curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKERVERSION}.tgz \
&& tar xzvf docker-${DOCKERVERSION}.tgz --strip 1 -C /usr/local/bin docker/docker \
&& rm docker-${DOCKERVERSION}.tgz
WORKDIR /home/deepfence/usr
COPY --from=builder /home/deepfence/yara-rules .
COPY --from=builder /usr/local/yara.tar.gz /usr/local/yara.tar.gz
COPY --from=builder /home/deepfence/src/YaRadare/YaRadare .
COPY --from=builder /home/deepfence/src/YaRadare/config.yaml .
COPY --from=builder /home/deepfence/src/YaRadare/registry_image_save .
RUN pip3 install -r requirements.txt
RUN cd /usr/local/ \
&& tar -xzf yara.tar.gz
WORKDIR /home/deepfence/output
ENTRYPOINT ["/home/deepfence/usr/YaRadare", "-config-path", "/home/deepfence/usr", "-rules-path", "/home/deepfence/usr"]
CMD ["-h"]