From b9296bfe7b8c81b3aec9ae3adc26a09432765efd Mon Sep 17 00:00:00 2001 From: rsitro-chrono Date: Wed, 27 Jul 2022 12:44:09 -0400 Subject: [PATCH] Updated Dockerfile to support running on amazonlinx2 in lambda --- Dockerfile | 66 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4d86948d..68b368c2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,8 +12,8 @@ COPY requirements.txt /opt/app/requirements.txt # Install packages RUN yum update -y -RUN yum install -y cpio python3-pip yum-utils zip unzip less -RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm +RUN amazon-linux-extras install epel -y +RUN yum install -y cpio yum-utils tar.x86_64 gzip zip python3-pip # This had --no-cache-dir, tracing through multiple tickets led to a problem in wheel RUN pip3 install -r requirements.txt @@ -21,24 +21,60 @@ RUN rm -rf /root/.cache/pip # Download libraries we need to run in lambda WORKDIR /tmp -RUN yumdownloader -x \*i686 --archlist=x86_64 clamav clamav-lib clamav-update json-c pcre2 libprelude gnutls libtasn1 lib64nettle nettle -RUN rpm2cpio clamav-0*.rpm | cpio -idmv -RUN rpm2cpio clamav-lib*.rpm | cpio -idmv -RUN rpm2cpio clamav-update*.rpm | cpio -idmv -RUN rpm2cpio json-c*.rpm | cpio -idmv -RUN rpm2cpio pcre*.rpm | cpio -idmv -RUN rpm2cpio gnutls* | cpio -idmv -RUN rpm2cpio nettle* | cpio -idmv -RUN rpm2cpio lib* | cpio -idmv -RUN rpm2cpio *.rpm | cpio -idmv -RUN rpm2cpio libtasn1* | cpio -idmv +RUN yumdownloader -x \*i686 --archlist=x86_64 clamav +RUN rpm2cpio clamav-0*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 clamav-lib +RUN rpm2cpio clamav-lib*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 clamav-update +RUN rpm2cpio clamav-update*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 json-c +RUN rpm2cpio json-c*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 pcre2 +RUN rpm2cpio pcre*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 libtool-ltdl +RUN rpm2cpio libtool-ltdl*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 libxml2 +RUN rpm2cpio libxml2*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 bzip2-libs +RUN rpm2cpio bzip2-libs*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 xz-libs +RUN rpm2cpio xz-libs*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 libprelude +RUN rpm2cpio libprelude*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 gnutls +RUN rpm2cpio gnutls*.rpm | cpio -vimd + +RUN yumdownloader -x \*i686 --archlist=x86_64 nettle +RUN rpm2cpio nettle*.rpm | cpio -vimd + # Copy over the binaries and libraries -RUN cp /tmp/usr/bin/clamscan /tmp/usr/bin/freshclam /tmp/usr/lib64/* /opt/app/bin/ +RUN cp /tmp/usr/bin/clamscan /tmp/usr/bin/freshclam /tmp/usr/lib64/* /usr/lib64/libpcre.so.1 /opt/app/bin/ # Fix the freshclam.conf settings RUN echo "DatabaseMirror database.clamav.net" > /opt/app/bin/freshclam.conf RUN echo "CompressLocalDatabase yes" >> /opt/app/bin/freshclam.conf +RUN echo "ScriptedUpdates no" >> /opt/app/bin/freshclam.conf +RUN echo "DatabaseDirectory /var/lib/clamav" >> /opt/app/bin/freshclam.conf + +RUN yum install shadow-utils.x86_64 -y + +RUN groupadd clamav +RUN useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav +RUN useradd -g clamav -s /bin/false -c "Clam Antivirus" clamupdate + +ENV LD_LIBRARY_PATH=/opt/app/bin +RUN ldconfig # Create the zip file WORKDIR /opt/app @@ -46,5 +82,3 @@ RUN zip -r9 --exclude="*test*" /opt/app/build/lambda.zip *.py bin WORKDIR /usr/local/lib/python3.7/site-packages RUN zip -r9 /opt/app/build/lambda.zip * - -WORKDIR /opt/app