From 200e10e4c21f27c53429c50c8d5fe092a047843a Mon Sep 17 00:00:00 2001 From: Valentin Obst Date: Tue, 2 Apr 2024 12:07:53 +0200 Subject: [PATCH 1/2] docker: reduce image size --- .dockerignore | 2 ++ Dockerfile | 3 +++ 2 files changed, 5 insertions(+) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..818d05c18 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +test/**/build +target/ diff --git a/Dockerfile b/Dockerfile index 28e3c1c55..bdc96b16b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,10 +9,13 @@ FROM ghcr.io/fkie-cad/ghidra_headless_base:11.0.1 as runtime RUN apt-get -y update \ && apt-get -y install sudo \ + && apt-get clean \ + && rm -rf /var/cache/apt/archives /var/lib/apt/lists/* \ && useradd -m cwe \ && echo "cwe:cwe" | chpasswd \ && adduser cwe sudo \ && sed -i.bkp -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers + USER cwe # Install all necessary files from the builder stage From 6d2c6e830cacb6ffa3b6c35f493ba61ccad35588 Mon Sep 17 00:00:00 2001 From: Valentin Obst Date: Tue, 2 Apr 2024 08:27:42 +0200 Subject: [PATCH 2/2] docker: add lkm_config.json to container --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index bdc96b16b..6ea35a6a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,6 +21,7 @@ USER cwe # Install all necessary files from the builder stage COPY --from=builder /cwe_checker/target/release/cwe_checker /home/cwe/cwe_checker COPY --from=builder /cwe_checker/src/config.json /home/cwe/.config/cwe_checker/config.json +COPY --from=builder /cwe_checker/src/lkm_config.json /home/cwe/.config/cwe_checker/lkm_config.json COPY --from=builder /cwe_checker/src/ghidra/p_code_extractor /home/cwe/.local/share/cwe_checker/ghidra/p_code_extractor RUN echo "{ \"ghidra_path\": \"/opt/ghidra\" }" | sudo tee /home/cwe/.config/cwe_checker/ghidra.json