Finalize package split

pull/2/head
Stefano Ortolani 2023-12-07 22:25:21 +00:00
parent c592a29dc2
commit a861906dcf
16 changed files with 14 additions and 15 deletions

1
.gitignore vendored
View File

@ -2,7 +2,6 @@
/files/
/gnupg/
/logs/
/public/
/ssl/
.env
env.hcl

View File

@ -1,12 +1,12 @@
# MISP Docker images
[![Build Status](https://img.shields.io/github/actions/workflow/status/MISP/misp-docker/release-latest.yml)](https://github.com/MISP/misp-docker/pkgs/container/misp-docker%2Fmisp-docker/versions)
[![Build Status](https://img.shields.io/github/actions/workflow/status/MISP/misp-docker/release-latest.yml)](https://github.com/orgs/MISP/packages)
[![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/MISP/Docker)
A production ready Docker MISP image (formerly hosted at https://github.com/ostefano/docker-misp, now deprecated) loosely based on CoolAcid and DSCO builds, with nearly all logic rewritten and verified for correctness and portability.
Notable features:
- MISP and MISP modules are split into two different Docker images, `core` and `modules`
- MISP and MISP modules are split into two different Docker images, `misp-core` and `misp-modules`
- Docker images are pushed regularly, no build required
- Lightweigth Docker images by using multiple build stages and a slim parent image
- Rely on off the shelf Docker images for Exim4, Redis, and MariaDB
@ -64,7 +64,7 @@ New options are added on a regular basis.
### Production
- It is recommended to specify the build you want run by editing `docker-compose.yml` (see here for the list of available tags https://github.com/MISP/misp-docker/pkgs/container/misp-docker%2Fmisp-docker/versions)
- It is recommended to specify the build you want run by editing `docker-compose.yml` (see here for the list of available tags https://github.com/orgs/MISP/packages)
- Directory volume mount SSL Certs `./ssl`: `/etc/ssl/certs`
- Certificate File: `cert.pem`
- Certificate Key File: `key.pem`
@ -83,7 +83,7 @@ New options are added on a regular basis.
## Versioning
A GitHub Action builds both `core` and `modules` images automatically and pushes them to the [GitHub Package registry](https://github.com/MISP/misp-docker/pkgs/container/misp-docker%2Fmisp-docker/versions). We do not use tags inside the repository; instead we tag images as they are pushed to the registry. For each build, `core` and `modules` images are tagged as follows:
- `core-${commit-sha1}[0:7]` and `modules-${commit-sha1}[0:7]` where `${commit-sha1}` is the commit hash triggering the build
- `core-latest` and `modules-latest` in order to track the latest build available
- `core-${MISP_TAG}` and `modules-${MODULES_TAG}` reflecting the underlying version of MISP and MISP modules (as specified inside the `template.env` file at build time)
A GitHub Action builds both `misp-core` and `misp-modules` images automatically and pushes them to the [GitHub Package registry](https://github.com/orgs/MISP/packages). We do not use tags inside the repository; instead we tag images as they are pushed to the registry. For each build, `misp-core` and `misp-modules` images are tagged as follows:
- `misp-core:${commit-sha1}[0:7]` and `misp-modules:${commit-sha1}[0:7]` where `${commit-sha1}` is the commit hash triggering the build
- `misp-core:latest` and `misp-modules:latest` in order to track the latest builds available
- `misp-core:${MISP_TAG}` and `misp-modules:${MODULES_TAG}` reflecting the underlying version of MISP and MISP modules (as specified inside the `template.env` file at build time)

View File

@ -73,7 +73,7 @@ variable "PHP_VER" {
group "default" {
targets = [
"misp-modules",
"misp",
"misp-core",
]
}
@ -89,8 +89,8 @@ target "misp-modules" {
platforms = "${PLATFORMS}"
}
target "misp" {
context = "server/."
target "misp-core" {
context = "core/."
dockerfile = "Dockerfile"
tags = flatten(["${NAMESPACE}/misp-core:latest", "${NAMESPACE}/misp-core:${COMMIT_HASH}", MISP_TAG != "" ? ["${NAMESPACE}/misp-core:${MISP_TAG}"] : []])
args = {

View File

@ -28,10 +28,10 @@ services:
cap_add:
- SYS_NICE # CAP_SYS_NICE Prevent runaway mysql log
misp:
image: ghcr.io/misp/misp-docker/misp-docker:core-latest
misp-core:
image: ghcr.io/misp/misp-docker/misp-core:latest
build:
context: server/.
context: core/.
args:
- MISP_TAG=${MISP_TAG}
- MISP_COMMIT=${MISP_COMMIT}
@ -88,7 +88,7 @@ services:
- "MYSQL_DATABASE=${MYSQL_DATABASE:-misp}"
misp-modules:
image: ghcr.io/misp/misp-docker/misp-docker:modules-latest
image: ghcr.io/misp/misp-docker/misp-modules:latest
build:
context: modules/.
args: