Merge branch 'certat:main' into main

.docker/intelmq-full/Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:bullseye
+FROM debian:bullseye-slim
 ENV LANG C.UTF-8
 
 ARG BUILD_DATE
@@ -14,13 +14,8 @@ LABEL maintainer="IntelMQ Team <intelmq-team@cert.at>" \
       org.opencontainers.image.documentation="https://intelmq.readthedocs.io/en/latest/" \
       org.opencontainers.image.vendor="intelmq-team"
 
-
 ###
 # libfuzzy-dev is used for pydeep
-#
-#
-#
-#
 RUN apt-get update \
     && apt-get install -y --no-install-recommends \
     sudo \
@@ -46,33 +41,36 @@ LABEL org.opencontainers.image.created=$BUILD_DATE \
       org.opencontainers.image.revision=$VCS_REF \
       org.opencontainers.image.version=$BUILD_VERSION
 
-WORKDIR /opt
+COPY ./intelmq /opt/intelmq
+COPY ./intelmq-api /opt/intelmq-api
 
-COPY ./intelmq /etc/intelmq
+RUN useradd -d /opt/intelmq -U -s /bin/bash intelmq \
-COPY ./intelmq-api /etc/intelmq-api
-
-RUN useradd -d /etc/intelmq -U -s /bin/bash intelmq \
     && adduser intelmq sudo \
-    && echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
+    && echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /opt/sudoers \
-    && sudo chown -R intelmq:intelmq /etc/intelmq \
+    && sudo chown -R intelmq:intelmq /opt/intelmq \
     && mkdir -p /opt/intelmq_persistence \
     && sudo chown -R intelmq:intelmq /opt/intelmq_persistence
 
 ### Install IntelMQ
-RUN cd /etc/intelmq \
+RUN pip3 install hug url-normalize geolib imbox jinja2 pyasn textx tld time-machine otxv2 \
-    && pip3 install hug url-normalize geolib imbox jinja2 pyasn textx tld time-machine \
+    && pip3 install --force pymisp[fileobjects,openioc,virustotal]
-    && pip3 install --force pymisp[fileobjects,openioc,virustotal] \
+
-    && pip3 install --no-cache-dir -e . \
+RUN cd /opt/intelmq \
+    && pip3 install .
+
+RUN cd /opt/intelmq \
     && intelmqsetup
 
 ### Install IntelMQ-API
-RUN cd /etc/intelmq-api \
+RUN cd /opt/intelmq-api \
     && python3 setup.py install
 
 ADD entrypoint.sh /opt/entrypoint.sh
 RUN chmod +x /opt/entrypoint.sh \
     && chown intelmq:intelmq /opt/entrypoint.sh
 
-USER intelmq:intelmq
+WORKDIR /opt
+
+#USER intelmq:intelmq
 
 ENTRYPOINT [ "/opt/entrypoint.sh" ]

build.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
-git_ref_core=$(cd ./intelmq && git describe --long)
+git_ref_core=$(git -C ./intelmq describe --long --always)
-git_ref_manager=$(cd ./intelmq-manager && git describe --long)
+git_ref_manager=$(git -C ./intelmq-manager describe --long --always)
-git_ref_api=$(cd ./intelmq-api && git describe --long)
+git_ref_api=$(git -C ./intelmq-api describe --long --always)
-build_version=$(cd ./intelmq && git describe)
+build_version=$(git -C ./intelmq describe --always)
 
 echo Building new IntelMQ-Image v$build_version
 echo Core      : $git_ref_core
@@ -12,9 +12,7 @@ echo Api       : $git_ref_api
 echo Build_date: $build_date
 
 # build static html
-cd ./intelmq-manager \
+cd ./intelmq-manager && python3 setup.py build && cd ..
-    && python3 setup.py build \
-    && cd ..
 
 docker build --build-arg BUILD_DATE=$build_date \
     --build-arg VCS_REF="IntelMQ-Manager=$git_ref_manager" \
@@ -27,7 +25,3 @@ docker build --build-arg BUILD_DATE=$build_date \
     --build-arg BUILD_VERSION=$build_version \
     -f ./.docker/intelmq-full/Dockerfile \
     -t intelmq-full:latest .
-
-cd ./intelmq-manager \
-    && rm -r html \
-    && cd ..

entrypoint.sh

@@ -14,7 +14,7 @@ intelmq-api-adduser --user "$intelmq_user" --password "$intelmq_pass"
 if [[ $1 == "selftest" ]]
 then
     export INTELMQ_TEST_EXOTIC=1
-    nosetests3 /etc/intelmq/intelmq/tests
+    nosetests3 /opt/intelmq/intelmq/tests
 else
-    cd /etc/intelmq-api && hug -m intelmq_api.serve -p8080
+    cd /opt/intelmq-api && hug -m intelmq_api.serve -p8080
 fi