-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathDockerfile
More file actions
108 lines (95 loc) · 4.73 KB
/
Dockerfile
File metadata and controls
108 lines (95 loc) · 4.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
FROM debian:bookworm AS builder
ARG CAPIO_BUILD_TESTS=OFF
ARG CAPIO_LOG=OFF
ARG CMAKE_BUILD_TYPE=Release
RUN apt update \
&& apt install -y --no-install-recommends \
build-essential \
ca-certificates \
cmake \
git \
libcapstone-dev \
libopenmpi-dev \
ninja-build \
openmpi-bin \
pkg-config
COPY CMakeLists.txt /opt/capio/
COPY scripts /opt/capio/scripts
COPY capio /opt/capio/capio
RUN mkdir -p /opt/capio/build \
&& cmake \
-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} \
-DCAPIO_BUILD_TESTS=${CAPIO_BUILD_TESTS} \
-DCAPIO_LOG=${CAPIO_LOG} \
-G Ninja \
-B /opt/capio/build \
-S /opt/capio \
&& cmake --build /opt/capio/build -j$(nproc) \
&& cmake --install /opt/capio/build --prefix /usr/local
FROM debian:bookworm
ENV LD_LIBRARY_PATH="/usr/local/lib"
RUN apt update \
&& apt install -y --no-install-recommends \
libcapstone4 \
openmpi-bin \
openssh-server \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /run/sshd \
&& adduser \
--disabled-password \
--gecos "" \
capio \
&& mkdir -p ~capio/.ssh \
&& ssh-keygen -q \
-t ed25519 \
-C "capio@alphaunito" \
-N "" \
-f"/home/capio/.ssh/id_ed25519" \
&& cp ~capio/.ssh/id_ed25519.pub ~capio/.ssh/authorized_keys \
&& echo "StrictHostKeyChecking no" > ~capio/.ssh/config \
&& chown -R capio:capio ~capio/.ssh \
&& chmod 700 ~capio/.ssh \
&& chmod 600 \
~capio/.ssh/authorized_keys \
~capio/.ssh/config \
~capio/.ssh/id_ed25519.pub
# Include files
COPY --from=builder \
"/usr/local/include/gmoc[k]" \
"/usr/local/include/gtes[t]" \
"/usr/local/include/libsyscall_intercept_hook_point.h" \
/usr/local/include/
# Libraries
COPY --from=builder \
"/usr/local/lib/libcapio_posix.so" \
"/usr/local/lib/libcapio_posix.so.1" \
"/usr/local/lib/libcapio_posix.so.1.0.0" \
"/usr/local/lib/libgmock.[a]" \
"/usr/local/lib/libgmock_main.[a]" \
"/usr/local/lib/libgtest.[a]" \
"/usr/local/lib/libgtest_main.[a]" \
"/usr/local/lib/libsyscall_intercept.a" \
"/usr/local/lib/libsyscall_intercept.so" \
"/usr/local/lib/libsyscall_intercept.so.0" \
"/usr/local/lib/libsyscall_intercept.so.0.1.0" \
/usr/local/lib/
# Binaries
COPY --from=builder \
"/usr/local/bin/capio_posix_unit_test[s]" \
"/usr/local/bin/capio_server" \
"/usr/local/bin/capio_server_unit_test[s]" \
"/usr/local/bin/capio_syscall_unit_test[s]" \
"/usr/local/bin/capio_integration_test[s]" \
/usr/local/bin/
# Pkgconfig
COPY --from=builder \
"/usr/local/lib/pkgconfig/args.pc" \
"/usr/local/lib/pkgconfig/gmock.p[c]" \
"/usr/local/lib/pkgconfig/gmock_main.p[c]" \
"/usr/local/lib/pkgconfig/gtest.p[c]" \
"/usr/local/lib/pkgconfig/gtest_main.p[c]" \
"/usr/local/lib/pkgconfig/libsyscall_intercept.pc" \
/usr/local/lib/pkgconfig/
# Start SSH server
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]