Add support to build sample python package with docker #1002

Merged
merged 6 commits into from
Feb 13, 2024
3 changes: 3 additions & 0 deletions README.md
Expand Up @@ -147,6 +147,9 @@ allows caching the sandbox images and supports local developement.

## Development

### Testing
See `sample_packages/README.md` for how to use a sample package that simulates malicious activity for testing purposes.

### Required Dependencies

- Go v1.21
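Review bot: The new `### Testing` section points readers at `sample_packages/README.md` without saying that the sample packages are only meant to be installed or run in an isolated environment; that caveat currently lives only in the linked file. Consider carrying one sentence of it here so it is visible from the top-level README, and add a blank line between the `### Testing` heading and its paragraph to match the `### Required Dependencies` section below it.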
12 changes: 12 additions & 0 deletions sample_packages/Makefile
@@ -0,0 +1,12 @@
.PHONY: build_sample_python_package

IMAGE_NAME = sample-python-package-image
CONTAINER_NAME = sample-python-package-container

build_sample_python_package:
docker build -t ${IMAGE_NAME} sample_python_package/
docker run --name ${CONTAINER_NAME} -d ${IMAGE_NAME}
docker cp ${CONTAINER_NAME}:/sample_python_package/dist/. sample_python_package/output
docker stop ${CONTAINER_NAME}
docker rm ${CONTAINER_NAME}
docker image rm ${IMAGE_NAME}
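Review bot: The `build_sample_python_package` recipe has no cleanup path on failure: if `docker cp` fails, make stops before `docker stop`, `docker rm` and `docker image rm`, and the next invocation fails at `docker run --name ${CONTAINER_NAME}` because the name is already taken. Consider removing any leftover container at the start of the recipe (for example `docker rm -f ${CONTAINER_NAME}` with the error ignored). Since the container exists only so that `dist/` can be copied out, `docker create` would work in place of `docker run -d`, because `docker cp` does not need a running container; that also makes the `docker stop` step unnecessary.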
12 changes: 12 additions & 0 deletions sample_packages/README.md
@@ -0,0 +1,12 @@
## Sample packages

Packages in this directory will simulate different types of malicious behavior for testing purposes. These packages should attempt to revert any modifications made, but it is not recommended to install, import, or use these packages in nonisolated settings.

The same license for the rest of the package analysis project applies to any package in this directory.

### Sample python package
Build the package by running`make build_sample_python_package` in this directory. The .tar.gz file that can be used for local analysis will be added to the directory `sample_python_package/output`

Developers can modify which behaviors they want to simulate. (Collection of functionalities listed above main function in example.py) Note, however, that at this time output logging may not be comprehensive.


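Review bot: In the opening paragraph, "should attempt to revert any modifications made" leaves open which simulated behaviors are actually reverted; listing them, or stating plainly that reversal is best effort, would make the isolation warning easier to act on. Under `### Sample python package`, "by running`make build_sample_python_package`" is missing a space before the inline code, and the sentence ending in `sample_python_package/output` has no closing period. The reference to `example.py` would be easier to follow with its path relative to this directory.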
9 changes: 9 additions & 0 deletions sample_packages/sample_python_package/Dockerfile
@@ -0,0 +1,9 @@
FROM python:3.9@sha256:edee3d665aba1d84f5344eca825d0de34b38dbf77a776cafd9df65c67e240866

WORKDIR /sample_python_package

COPY . /sample_python_package

RUN pip install --upgrade build

RUN python3 -m build
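Review bot: `RUN pip install --upgrade build` installs whatever version of `build` is current at image build time, which is at odds with the base image being pinned by digest in the `FROM` line; pinning `build` to a specific version would keep the tooling reproducible. Separately, `COPY . /sample_python_package` copies the whole build context, and the Makefile writes artifacts to `sample_python_package/output` inside that context, so a second run carries the previous output into the image; a `.dockerignore` entry for `output` would avoid that.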
11 changes: 0 additions & 11 deletions sample_packages/sample_python_package/README.md

This file was deleted.
