Skip to content

Commit

Permalink
chore: Update Dockerfile for coraza/api
Browse files Browse the repository at this point in the history 
This commit updates the Dockerfile for coraza/api. It changes the base image to golang:1.22-alpine@sha256:ace6cc3fe58d0c7b12303c57afe6d6724851152df55e08057b43990b927ad5e8 and adds the --chmod=644 flag to the COPY command for crs.sh. It also updates the version of github.com/coreruleset/coreruleset.git to b3bc1a2138922e43a00875b39f1b0e46a5da89c1 (v4.4.0) in crs.sh.
  • Loading branch information
@TheophileDiot
TheophileDiot committed Jun 24, 2024
1 parent 5786fa9 commit ea7ca93
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 8 deletions.
13 changes: 6 additions & 7 deletions coraza/api/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM golang:1.22-alpine AS builder
FROM golang:1.22-alpine@sha256:ace6cc3fe58d0c7b12303c57afe6d6724851152df55e08057b43990b927ad5e8 AS builder

WORKDIR /usr/src/app

Expand All @@ -7,21 +7,20 @@ RUN go get -d ./...
RUN go mod download && go mod verify
RUN go build -v -tags=coraza.rule.multiphase_evaluation -o /usr/local/bin/bw-coraza

COPY crs.sh .
COPY --chmod=644 crs.sh .
RUN apk add bash git && \
chmod +x crs.sh && \
./crs.sh Download
bash crs.sh Download

FROM golang:1.22-alpine
FROM golang:1.22-alpine@sha256:ace6cc3fe58d0c7b12303c57afe6d6724851152df55e08057b43990b927ad5e8

COPY --from=builder --chown=0:0 /usr/local/bin/bw-coraza /usr/local/bin/bw-coraza

RUN addgroup -g 1000 coraza && \
adduser -h /coraza -g coraza -s /bin/sh -G coraza -D -u 1000 coraza && \
adduser -h /usr/share/coraza -g coraza -s /bin/sh -G coraza -D -u 1000 coraza && \
mkdir -p /var/log/bunkerweb && \
ln -s /proc/1/fd/1 /var/log/bunkerweb/coraza.log

WORKDIR /coraza
WORKDIR /usr/share/coraza

COPY --from=builder --chown=0:1000 /usr/src/app/coreruleset ./coreruleset
COPY --chown=0:1000 coraza.conf bunkerweb*.conf ./
Expand Down
2 changes: 1 addition & 1 deletion coraza/api/crs.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ echo "ℹ️ Download CRS or Remove CRS"
if [[ "$1" == "Remove" ]]; then
remove_coreruleset
elif [[ "$1" == "Download" ]]; then
git_secure_clone "https://github.com/coreruleset/coreruleset.git" "f2ab9c3063fece423e6a4156aad145f7f7e6ef96"
git_secure_clone "https://github.com/coreruleset/coreruleset.git" "b3bc1a2138922e43a00875b39f1b0e46a5da89c1" # v4.4.0
else
echo "❌ Error wrong argument : $1 try Remove or Download"
fi

0 comments on commit ea7ca93

Please sign in to comment.