forked from juice-shop/juice-shop
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
66 lines (53 loc) · 2.42 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
FROM node:20-buster as installer
COPY . /juice-shop
WORKDIR /juice-shop
RUN npm i -g typescript ts-node
RUN npm install --omit=dev --unsafe-perm
# Install the latest Contrast agent and the cli rewriter
RUN npm install @contrast/agent@latest
RUN npm install --save-dev @contrast/cli
# Environment variables for the Contrast agent
ENV CONTRAST__AGENT__LOGGER__STDOUT=true
ENV CONTRAST__AGENT__LOGGER__PATH=/dev/null
# Take note that the following is optional and the var name has changed from what was used by the v4 agent
ENV CONTRAST__AGENT__NODE__REWRITE__CACHE__PATH="/juice-shop/rewrite_cache"
# Assumes this project is rewriting for Assess only
ENV CONTRAST__ASSESS__ENABLE=true
# If no environment setting is specified the rewiter rewrites Protect only. See the documentation to other settings.
RUN npx -p @contrast/cli rewrite build/app.js
RUN npm dedupe --omit=dev
RUN rm -rf frontend/node_modules
RUN rm -rf frontend/.angular
RUN rm -rf frontend/src/assets
RUN mkdir logs
RUN chown -R 65532 logs
RUN chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/
RUN chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/
RUN rm data/chatbot/botDefaultTrainingData.json || true
RUN rm ftp/legal.md || true
RUN rm i18n/*.json || true
ARG CYCLONEDX_NPM_VERSION=latest
RUN npm install -g @cyclonedx/cyclonedx-npm@$CYCLONEDX_NPM_VERSION
RUN npm run sbom
# workaround for libxmljs startup error
FROM node:20-buster as libxmljs-builder
WORKDIR /juice-shop
RUN apt-get update && apt-get install -y build-essential python3
COPY --from=installer /juice-shop/node_modules ./node_modules
RUN rm -rf node_modules/libxmljs/build && \
cd node_modules/libxmljs && \
npm run build
FROM node:20-buster-slim
ARG BUILD_DATE
ARG VCS_REF
WORKDIR /juice-shop
COPY --from=installer /juice-shop .
COPY --from=libxmljs-builder /juice-shop/node_modules/libxmljs ./node_modules/libxmljs
EXPOSE 3000
# Contrast logs will be written to the container
# This sets the rewrite cache path to match what was specified in previously created image. Also take note that the following is optional (either do not set on both places or set in both places) and the var name has changed from what is used by the v4.x agent
ENV CONTRAST__AGENT__NODE__REWRITE__CACHE__PATH="/juice-shop/rewrite_cache"
# The following explicitly turns on Assess mode
ENV CONTRAST__ASSESS__ENABLE=true
# The start command has been modified to load and run the agent
CMD ["node", "--import", "@contrast/agent", "build/app.js"]