mirror of
https://github.com/morten-olsen/homelab-nuclei-operator.git
synced 2026-02-08 02:16:23 +01:00
Compare commits
3 Commits
use-prebui
...
v0.2.3
| Author | SHA1 | Date | |
|---|---|---|---|
|
0340d01e20 | ||
|
|
3a5e4d8902 | ||
|
|
57155e77eb |
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
@@ -87,7 +87,7 @@ jobs:
|
|||||||
uses: docker/build-push-action@v6
|
uses: docker/build-push-action@v6
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
platforms: linux/amd64,linux/arm64
|
# platforms: linux/amd64,linux/arm64
|
||||||
push: ${{ github.event_name != 'pull_request' }}
|
push: ${{ github.event_name != 'pull_request' }}
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
|
|||||||
31
Dockerfile
31
Dockerfile
@@ -21,22 +21,28 @@ COPY . .
|
|||||||
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
|
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
|
||||||
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
|
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
|
||||||
|
|
||||||
# Download and build nuclei binary
|
|
||||||
FROM golang:1.24 AS nuclei-builder
|
|
||||||
ARG TARGETOS
|
|
||||||
ARG TARGETARCH
|
|
||||||
|
|
||||||
# Install nuclei from source for the target architecture
|
|
||||||
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} \
|
|
||||||
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
|
|
||||||
|
|
||||||
# Final image
|
# Final image
|
||||||
FROM alpine:3.19 AS final
|
FROM alpine:3.19 AS final
|
||||||
|
|
||||||
# Install ca-certificates for HTTPS requests and create non-root user
|
# Build arguments for nuclei version and architecture
|
||||||
RUN apk --no-cache add ca-certificates tzdata && \
|
ARG TARGETOS
|
||||||
|
ARG TARGETARCH
|
||||||
|
ARG NUCLEI_VERSION=3.6.0
|
||||||
|
|
||||||
|
# Install ca-certificates for HTTPS requests, curl for downloading, and create non-root user
|
||||||
|
RUN apk --no-cache add ca-certificates tzdata curl unzip && \
|
||||||
adduser -D -u 65532 -g 65532 nonroot
|
adduser -D -u 65532 -g 65532 nonroot
|
||||||
|
|
||||||
|
# Download prebuilt nuclei binary
|
||||||
|
# ProjectDiscovery uses different naming: linux_amd64, linux_arm64
|
||||||
|
RUN NUCLEI_ARCH=$(echo ${TARGETARCH} | sed 's/amd64/amd64/;s/arm64/arm64/') && \
|
||||||
|
curl -sSL "https://github.com/projectdiscovery/nuclei/releases/download/v${NUCLEI_VERSION}/nuclei_${NUCLEI_VERSION}_linux_${NUCLEI_ARCH}.zip" -o /tmp/nuclei.zip && \
|
||||||
|
unzip /tmp/nuclei.zip -d /tmp && \
|
||||||
|
mv /tmp/nuclei /usr/local/bin/nuclei && \
|
||||||
|
chmod +x /usr/local/bin/nuclei && \
|
||||||
|
rm -rf /tmp/nuclei.zip /tmp/nuclei && \
|
||||||
|
apk del curl unzip
|
||||||
|
|
||||||
# Create directories for nuclei
|
# Create directories for nuclei
|
||||||
RUN mkdir -p /nuclei-templates /home/nonroot/.nuclei && \
|
RUN mkdir -p /nuclei-templates /home/nonroot/.nuclei && \
|
||||||
chown -R 65532:65532 /nuclei-templates /home/nonroot
|
chown -R 65532:65532 /nuclei-templates /home/nonroot
|
||||||
@@ -46,9 +52,6 @@ WORKDIR /
|
|||||||
# Copy the manager binary
|
# Copy the manager binary
|
||||||
COPY --from=builder /workspace/manager .
|
COPY --from=builder /workspace/manager .
|
||||||
|
|
||||||
# Copy nuclei binary
|
|
||||||
COPY --from=nuclei-builder /go/bin/nuclei /usr/local/bin/nuclei
|
|
||||||
|
|
||||||
# Set ownership
|
# Set ownership
|
||||||
RUN chown 65532:65532 /manager /usr/local/bin/nuclei
|
RUN chown 65532:65532 /manager /usr/local/bin/nuclei
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user