debug

.github/workflows/integrator.yml

@@ -0,0 +1,83 @@
+name: integrator-image
+on: 
+  push:
+    branches:
+      - main
+  pull_request:
+jobs:
+  changes:
+    name: Change detection
+    runs-on: ubuntu-latest
+    outputs:
+      integrator: ${{ steps.filter.outputs.integrator }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dorny/paths-filter@v3
+        id: filter
+        with:
+          filters: |
+            integrator:
+              - 'docker/thehive4py-integrator/**'
+  build:
+    name: Build and push
+    needs: changes
+    if: ${{ needs.changes.outputs.integrator == 'true' }}
+    runs-on: ubuntu-latest
+    env:
+      INTEGRATOR_BUILD_CTX: docker/thehive4py-integrator
+      INTEGRATOR_IMAGE_NAME: kamforka/thehive4py-integrator
+      THEHIVE_VERSION: 5.3.0
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set variables
+        id: variables
+        run: |
+          echo "integrator_image_fullname=$INTEGRATOR_IMAGE_NAME:thehive-$THEHIVE_VERSION" >> "$GITHUB_OUTPUT"
+          echo "integrator_image_fullname_with_hash=$INTEGRATOR_IMAGE_NAME:thehive-$THEHIVE_VERSION-$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: kamforka
+          password: ${{ secrets.DOCKER_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: ${{ env.INTEGRATOR_BUILD_CTX }}
+          platforms: linux/amd64,linux/arm64
+          push: true # ${{ github.ref == 'refs/heads/main' }}
+          tags: ${{ steps.variables.outputs.integrator_image_fullname }},${{ steps.variables.outputs.integrator_image_fullname_with_hash}}
+          build-args: |
+            THEHIVE_VERSION=${{ env.THEHIVE_VERSION }}
+
+
+
+      # - name: Build image
+      #   env:
+      #     INTEGRATOR_IMAGE_FULLNAME: ${{ steps.variables.outputs.integrator_image_fullname }}
+      #     INTEGRATOR_IMAGE_FULLNAME_WITH_HASH: ${{ steps.variables.outputs.integrator_image_fullname_with_hash }}
+      #   run: |
+      #     docker build -t $INTEGRATOR_IMAGE_FULLNAME --build-arg THEHIVE_VERSION=$THEHIVE_VERSION $INTEGRATOR_BUILD_CTX
+      #     docker build -t $INTEGRATOR_IMAGE_FULLNAME_WITH_HASH --build-arg THEHIVE_VERSION=$THEHIVE_VERSION $INTEGRATOR_BUILD_CTX
+
+      # - name: Push image
+      #   if: ${{ github.ref == 'refs/heads/main' }}
+      #   run: |
+      #     docker login -u ${DOCKER_USER} -p ${DOCKER_PASS}
+      #     docker push $INTEGRATOR_IMAGE_FULLNAME
+      #     docker push $INTEGRATOR_IMAGE_FULLNAME_WITH_HASH
+      #   env:
+      #     INTEGRATOR_IMAGE_FULLNAME: ${{ steps.variables.outputs.integrator_image_fullname }}
+      #     INTEGRATOR_IMAGE_FULLNAME_WITH_HASH: ${{ steps.variables.outputs.integrator_image_fullname_with_hash }}
+      #     DOCKER_USER: ${{ secrets.DOCKER_USER }}
+      #     DOCKER_PASS: ${{ secrets.DOCKER_PASS }}

docker/thehive4py-integrator/Dockerfile

@@ -0,0 +1,50 @@
+FROM alpine:3.17 as base
+
+# BUILDER STAGE
+FROM base as builder
+
+ARG ES_VERSION=7.17.19
+ARG THEHIVE_VERSION=5.3.0
+
+RUN apk update && apk upgrade && apk add curl
+
+## ES DOWNLOAD
+ARG ES_DOWNLOAD_URL=https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-${ES_VERSION}-linux-x86_64.tar.gz
+
+RUN curl -Lo /tmp/elasticsearch.tgz ${ES_DOWNLOAD_URL} \
+    && tar -xzf /tmp/elasticsearch.tgz -C /tmp \
+    && mv /tmp/elasticsearch-${ES_VERSION} /tmp/elasticsearch
+
+## THEHIVE DOWNLOAD
+ARG THEHIVE_DOWNLOAD_URL=https://archives.strangebee.com/zip/thehive-${THEHIVE_VERSION}-1.zip 
+
+RUN curl -Lo /tmp/thehive.zip ${THEHIVE_DOWNLOAD_URL}
+RUN unzip -qo /tmp/thehive.zip -d /tmp \
+    && mv /tmp/thehive-${THEHIVE_VERSION}-1 /tmp/thehive
+
+# FINAL STAGE
+FROM base
+RUN apk update && apk upgrade && apk add --no-cache openjdk11-jre-headless bash su-exec curl
+
+## ES SETUP
+COPY --from=builder /tmp/elasticsearch /usr/share/elasticsearch
+COPY configs/elasticsearch.yml /usr/share/elasticsearch/config/elasticsearch.yml
+
+RUN adduser -u 1000 -g 1000 -Dh /usr/share/elasticsearch elasticsearch \
+    && mkdir -p /usr/share/elasticsearch/data \
+    && chown -R elasticsearch:elasticsearch /usr/share/elasticsearch \
+    && rm -rf /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64
+
+## THEHIVE SETUP
+COPY --from=builder /tmp/thehive /opt/thehive/
+COPY configs/thehive.conf /opt/thehive/conf/application.conf
+
+RUN adduser -u 1001 -g 1001 -Dh /opt/thehive thehive \
+    && mkdir /var/log/thehive \
+    && chown -R thehive:thehive /opt/thehive /var/log/thehive
+
+## ENTRYPOINT
+COPY entrypoint.sh /
+RUN chmod +x entrypoint.sh
+EXPOSE 9000
+ENTRYPOINT /entrypoint.sh

docker/thehive4py-integrator/configs/elasticsearch.yml

@@ -0,0 +1,7 @@
+http.host: 0.0.0.0
+transport.host: 0.0.0.0
+discovery.type: single-node
+cluster.name: thehive4py
+xpack.security.enabled: false
+xpack.ml.enabled: false
+script.allowed_types: "inline,stored"

docker/thehive4py-integrator/configs/thehive.conf

@@ -0,0 +1,22 @@
+play.http.secret.key="supersecret"
+play.http.parser.maxDiskBuffer: 20MB
+
+db {
+  provider: janusgraph
+  janusgraph {
+    storage {
+      backend: berkeleyje
+      directory: /opt/thehive/db
+    }
+
+    index.search {
+      backend: elasticsearch
+      hostname: ["127.0.0.1"]
+    }
+  }
+}
+
+storage {
+  provider: localfs
+  localfs.location: /opt/thehive/data
+}

docker/thehive4py-integrator/entrypoint.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+wait_for_elastic() {
+    local health_url="http://localhost:9200/_cat/health"
+    local timeout=30
+
+    local start_time=$(date +%s)
+    while true; do
+        local current_time=$(date +%s)
+        local elapsed_time=$((current_time - start_time))
+
+        if [ "$elapsed_time" -ge "$timeout" ]; then
+            echo "error: elastic couldn't start in $timeout seconds"
+            exit 1
+        fi
+
+        local status_code=$(curl -so /dev/null -w %{http_code} ${health_url})
+        if [ "$status_code" -eq 200 ]; then
+            return
+        fi
+
+        sleep 0.25
+    done
+}
+
+
+echo "starting elasticsearch in the background"
+export ES_JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java))))
+su-exec elasticsearch /usr/share/elasticsearch/bin/elasticsearch > /dev/null 2>&1 &
+
+echo "waiting for elastic to start up..."
+wait_for_elastic
+
+echo "starting thehive in the foreground"
+su-exec thehive /opt/thehive/bin/thehive -Dconfig.file=/opt/thehive/conf/application.conf

tests/conftest.py

@@ -23,8 +23,8 @@
 @pytest.fixture(scope="session")
 def test_config():
     return TestConfig(
-        image_name="kamforka/thehive4py-integrator:thehive-5.2.11",
-        container_name="thehive4py-integration-tests",
+        image_name="thehive4py-integrator:5.3.0",
+        container_name="thehive4py-integration-tester",
         user="[email protected]",
         password="secret",
         admin_org="admin",