From a0140b9167207c59cd2e767d7899bcb8b5e2455a Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 13:59:14 +0100 Subject: [PATCH 1/8] base pinned and changed to 3.8-slim --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9e2c6079..70b78e54 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3 +FROM python:3.8-slim MAINTAINER Szilárd Pfeiffer "coroner@pfeifferszilard.hu" -- GitLab From 4a1d4fb7fe7ce56658c3a3a8a685915e6d97bbc6 Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:00:41 +0100 Subject: [PATCH 2/8] MAINTAINER changed to LABEL --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 70b78e54..e36a7e16 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM python:3.8-slim -MAINTAINER Szilárd Pfeiffer "coroner@pfeifferszilard.hu" +LABEL maintainer Szilárd Pfeiffer "coroner@pfeifferszilard.hu" ADD . /usr/src/cryptolyzer WORKDIR /usr/src/cryptolyzer -- GitLab From 1a3594415d0c157b2ffea48b082db296a1aa55bb Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:02:16 +0100 Subject: [PATCH 3/8] Bash instead of dash (default on Debian). Use --format=docker with podman. --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index e36a7e16..2d8f6d2d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,8 @@ FROM python:3.8-slim LABEL maintainer Szilárd Pfeiffer "coroner@pfeifferszilard.hu" +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + ADD . /usr/src/cryptolyzer WORKDIR /usr/src/cryptolyzer RUN pip3 install . -- GitLab From 3fd7b7fb77eca9e9f09228b205be072ab1a63e6d Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:18:44 +0100 Subject: [PATCH 4/8] no-cache-dir appended to pip3 install. It can save another 3MB. --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2d8f6d2d..29a3576d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,9 +6,9 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] ADD . /usr/src/cryptolyzer WORKDIR /usr/src/cryptolyzer -RUN pip3 install . +RUN pip3 --no-cache-dir install . WORKDIR /usr/src/cryptolyzer/submodules/cryptoparser -RUN pip3 install --force-reinstall . +RUN pip3 --no-cache-dir install --force-reinstall . ENTRYPOINT ["cryptolyze"] CMD [] -- GitLab From ff3c50398639f4ed110f5300e979af6412b9f19a Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:24:41 +0100 Subject: [PATCH 5/8] Set cmd to print help when no arguments provided. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 29a3576d..3cc84521 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,4 +11,4 @@ WORKDIR /usr/src/cryptolyzer/submodules/cryptoparser RUN pip3 --no-cache-dir install --force-reinstall . ENTRYPOINT ["cryptolyze"] -CMD [] +CMD ["--help"] -- GitLab From c0d7b0d7cdffb85dbffb239f96363c4944fa26ae Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:33:36 +0100 Subject: [PATCH 6/8] Removed unnecessary layers --- Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3cc84521..89a98020 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,10 +5,9 @@ LABEL maintainer Szilárd Pfeiffer "coroner@pfeifferszilard.hu" SHELL ["/bin/bash", "-o", "pipefail", "-c"] ADD . /usr/src/cryptolyzer -WORKDIR /usr/src/cryptolyzer -RUN pip3 --no-cache-dir install . -WORKDIR /usr/src/cryptolyzer/submodules/cryptoparser -RUN pip3 --no-cache-dir install --force-reinstall . + +RUN pip3 --no-cache-dir install /usr/src/cryptolyzer \ + && pip3 --no-cache-dir install --force-reinstall /usr/src/cryptolyzer/submodules/cryptoparser ENTRYPOINT ["cryptolyze"] CMD ["--help"] -- GitLab From b2c1579c04518ac4e496205912cbec0fbb57f4a4 Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:40:33 +0100 Subject: [PATCH 7/8] use user nobody instead of root --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 89a98020..8da05e5a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,5 +9,7 @@ ADD . /usr/src/cryptolyzer RUN pip3 --no-cache-dir install /usr/src/cryptolyzer \ && pip3 --no-cache-dir install --force-reinstall /usr/src/cryptolyzer/submodules/cryptoparser +USER nobody + ENTRYPOINT ["cryptolyze"] CMD ["--help"] -- GitLab From 926e88b7eaa45de665f7e0c22d637817ddf74b0e Mon Sep 17 00:00:00 2001 From: kovacs-andras Date: Sun, 2 Feb 2020 14:52:14 +0100 Subject: [PATCH 8/8] put switch after install to make it more readable --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8da05e5a..df291783 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,8 +6,8 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] ADD . /usr/src/cryptolyzer -RUN pip3 --no-cache-dir install /usr/src/cryptolyzer \ - && pip3 --no-cache-dir install --force-reinstall /usr/src/cryptolyzer/submodules/cryptoparser +RUN pip3 install --no-cache-dir /usr/src/cryptolyzer \ + && pip3 install --no-cache-dir --force-reinstall /usr/src/cryptolyzer/submodules/cryptoparser USER nobody -- GitLab