-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dockerfile
121 lines (101 loc) · 2.61 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#
# BUILD CONTAINER
# (Note that this is a multi-phase Dockerfile)
# To build run `docker build --rm -t tebedwel/snort3-alpine:latest`
#
FROM alpine:3.8 as builder
ENV PREFIX_DIR=/usr/local
ENV HOME=/root
# Update APK adding the @testing repo for hwloc (as of Alpine v3.7)
RUN echo '@testing http://nl.alpinelinux.org/alpine/edge/testing' >>/etc/apk/repositories
# Prep APK for installing packages
RUN apk update && \
apk upgrade
# BUILD DEPENDENCIES:
RUN apk add --no-cache \
wget \
build-base \
git \
cmake \
bison \
flex \
lcov@testing \
cppcheck \
cpputest \
autoconf \
automake \
libtool \
# Libraries
libdnet-dev \
libpcap-dev \
libtirpc-dev \
luajit-dev \
libressl-dev \
zlib-dev \
pcre-dev \
libuuid \
xz-dev
# One of the quirks of alpine is that unistd.h is in /usr/include. Lots of
# software looks for it in /usr/include/linux or /usr/include/sys.
# So, we'll make symlinks
RUN mkdir /usr/include/linux && \
ln -s /usr/include/unistd.h /usr/include/linux/unistd.h && \
ln -s /usr/include/unistd.h /usr/include/sys/unistd.h
# The Alpine hwloc on testing is not reliable from a build perspective.
# So, lets just build it ourselves.
#
WORKDIR $HOME
RUN wget https://download.open-mpi.org/release/hwloc/v2.0/hwloc-2.0.3.tar.gz &&\
tar zxvf hwloc-2.0.3.tar.gz
WORKDIR $HOME/hwloc-2.0.3
RUN ./configure --prefix=${PREFIX_DIR} && \
make && \
make install
# BUILD Daq on alpine:
WORKDIR $HOME
RUN git clone https://github.com/snort3/libdaq.git
WORKDIR $HOME/libdaq
RUN ./bootstrap && \
./configure --prefix=${PREFIX_DIR} && make && \
make install
# BUILD Snort on alpine
WORKDIR $HOME
RUN git clone https://github.com/snort3/snort3.git
WORKDIR $HOME/snort3
RUN ./configure_cmake.sh \
--prefix=${PREFIX_DIR} \
--enable-unit-tests \
--disable-docs
WORKDIR $HOME/snort3/build
RUN make VERBOSE=1
RUN make check && \
make install
#
# RUNTIME CONTAINER
#
FROM alpine:3.8
ENV PREFIX_DIR=/usr/local/
WORKDIR ${PREFIX_DIR}
# Prep APK for installing packages
RUN apk update
RUN apk upgrade
# RUNTIME DEPENDENCIES:
RUN apk add --no-cache \
libdnet \
luajit \
libressl \
libpcap \
pcre \
libtirpc \
musl \
libstdc++ \
libuuid \
zlib \
xz
# Copy the build artifacts from the build container to the runtime file system
COPY --from=builder ${PREFIX_DIR}/etc/ ${PREFIX_DIR}/etc/
COPY --from=builder ${PREFIX_DIR}/lib/ ${PREFIX_DIR}/lib/
COPY --from=builder ${PREFIX_DIR}/lib64/ ${PREFIX_DIR}/lib64/
COPY --from=builder ${PREFIX_DIR}/bin/ ${PREFIX_DIR}/bin/
WORKDIR /
RUN snort --version