Skip to content

Commit

Permalink
docker: update to Ghidra 11.2 and Rust 1.82
Browse files Browse the repository at this point in the history
  • Loading branch information
Valentin Obst committed Oct 22, 2024
1 parent d04abff commit be71ea6
Showing 1 changed file with 30 additions and 16 deletions.
46 changes: 30 additions & 16 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,43 @@
FROM rust:1.76-bullseye AS builder
FROM rust:1.82-alpine3.20 AS builder

WORKDIR /cwe_checker

RUN apk add --no-cache musl-dev

COPY . .
RUN cargo build --locked
RUN cargo build --target x86_64-unknown-linux-musl --locked

FROM ghcr.io/fkie-cad/ghidra_headless_base:v11.2 as runtime

RUN apk add --no-cache bash

ENV USER cwe
ENV GROUPNAME cwe
ENV UID 1000
ENV GID 1000

FROM ghcr.io/fkie-cad/ghidra_headless_base:11.0.1 as runtime
RUN addgroup --gid "$GID" "$GROUPNAME" \
&& adduser \
--disabled-password \
--gecos "" \
--home "/home/cwe" \
--ingroup "$GROUPNAME" \
--no-create-home \
--uid "$UID" \
$USER

RUN apt-get -y update \
&& apt-get -y install sudo \
&& apt-get clean \
&& rm -rf /var/cache/apt/archives /var/lib/apt/lists/* \
&& useradd -m cwe \
&& echo "cwe:cwe" | chpasswd \
&& adduser cwe sudo \
&& sed -i.bkp -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers
RUN mkdir -p /home/cwe \
&& mkdir -p /home/cwe/.config/ghidra/${GHIDRA_VERSION_NAME} \
&& chown -R cwe:cwe /home/cwe

USER cwe

# Install all necessary files from the builder stage
COPY --from=builder /cwe_checker/target/debug/cwe_checker /home/cwe/cwe_checker
COPY --from=builder /cwe_checker/src/config.json /home/cwe/.config/cwe_checker/config.json
COPY --from=builder /cwe_checker/src/lkm_config.json /home/cwe/.config/cwe_checker/lkm_config.json
COPY --from=builder /cwe_checker/src/ghidra/p_code_extractor /home/cwe/.local/share/cwe_checker/ghidra/p_code_extractor
RUN echo "{ \"ghidra_path\": \"/opt/ghidra\" }" | sudo tee /home/cwe/.config/cwe_checker/ghidra.json
COPY --chown=${USER} --from=builder /cwe_checker/target/x86_64-unknown-linux-musl/debug/cwe_checker /home/cwe/cwe_checker
COPY --chown=${USER} --from=builder /cwe_checker/src/config.json /home/cwe/.config/cwe_checker/config.json
COPY --chown=${USER} --from=builder /cwe_checker/src/lkm_config.json /home/cwe/.config/cwe_checker/lkm_config.json
COPY --chown=${USER} --from=builder /cwe_checker/src/ghidra/p_code_extractor /home/cwe/.local/share/cwe_checker/ghidra/p_code_extractor
RUN echo "{ \"ghidra_path\": \"/opt/ghidra\" }" | tee /home/cwe/.config/cwe_checker/ghidra.json

WORKDIR /

Expand Down

0 comments on commit be71ea6

Please sign in to comment.