Merge branch 'master' of https://github.com/google/timesketch into mans

docker/build/Dockerfile-prod

@@ -0,0 +1,25 @@
+# Use the official Docker Hub Ubuntu 18.04 base image
+FROM ubuntu:18.04
+
+# Setup install environment and Timesketch dependencies
+RUN apt-get update && apt-get -y install \
+    apt-transport-https \
+    apt-utils \
+    ca-certificates \
+    git \
+    libffi-dev \
+    lsb-release \
+    software-properties-common \
+    python3-dev \
+    python3-pip \
+    python3-psycopg2 \
+ && rm -rf /var/lib/apt/lists/*
+
+# Install Plaso
+RUN add-apt-repository ppa:gift/stable
+RUN apt-get update && apt-get -y install \
+    plaso-tools \
+ && rm -rf /var/lib/apt/lists/*
+
+# Use Python 3 pip (pip3) to install Timesketch
+RUN pip3 install https://github.com/google/timesketch/archive/master.zip

docker/build/cloudbuild.yaml

@@ -0,0 +1,5 @@
+steps:
+- name: 'gcr.io/cloud-builders/docker'
+  args: [ 'build', '-t', 'gcr.io/$PROJECT_ID/release/timesketch:latest', '-t', 'gcr.io/$PROJECT_ID/release/timesketch:$TAG_NAME', '-f', 'Dockerfile-prod', '.' ]
+  dir: 'docker/build/'
+images: ['gcr.io/$PROJECT_ID/release/timesketch:latest', 'gcr.io/$PROJECT_ID/release/timesketch:$TAG_NAME']

docker/development/Dockerfile → docker/dev/Dockerfile

@@ -1,12 +1,12 @@
 # Use the latest Timesketch development base image
-FROM timesketch/timesketch-dev-base:20191128
+FROM gcr.io/timesketch-build/dev/timesketch-dev-base:latest
 
 # Install dependencies for Timesketch
 COPY requirements.txt /timesketch-requirements.txt
 RUN pip3 install -r /timesketch-requirements.txt
 
 # Copy the entrypoint script into the container
-COPY docker/development/docker-entrypoint.sh /docker-entrypoint.sh
+COPY docker/dev/docker-entrypoint.sh /docker-entrypoint.sh
 RUN chmod a+x /docker-entrypoint.sh
 
 # Load the entrypoint script to be run later

docker/development/README.md → docker/dev/README.md

@@ -1,4 +1,4 @@
-## Development
+## Docker for development
 
 You can run Timesketch on Docker in development mode.
 

docker/development/docker-compose.yml → docker/dev/docker-compose.yml

@@ -3,7 +3,7 @@ services:
   timesketch:
     build:
       context: ../../
-      dockerfile: ./docker/development/Dockerfile
+      dockerfile: ./docker/dev/Dockerfile
     ports:
             - "127.0.0.1:5000:5000"
     links:
@@ -19,8 +19,6 @@ services:
       - ELASTIC_PORT=9200
       - REDIS_ADDRESS=redis
       - REDIS_PORT=6379
-      - NEO4J_ADDRESS=neo4j
-      - NEO4J_PORT=7474
       - TIMESKETCH_USER=dev
       - TIMESKETCH_PASSWORD=dev
       - CHOKIDAR_USEPOLLING=true
@@ -51,9 +49,3 @@ services:
   redis:
     image: redis
     restart: always
-
-  neo4j:
-    image: neo4j
-    environment:
-      - NEO4J_AUTH=none
-    restart: always

docker/development/docker-entrypoint.sh → docker/dev/docker-entrypoint.sh

@@ -49,16 +49,6 @@ if [ "$1" = 'timesketch' ]; then
     echo "Please pass values for the REDIS_ADDRESS and REDIS_PORT environment variables"
   fi
 
-  # Set up the Neo4j connection
-  if [ $NEO4J_ADDRESS ] && [ $NEO4J_PORT ]; then
-    sed -i 's#GRAPH_BACKEND_ENABLED = False#GRAPH_BACKEND_ENABLED = True#' /etc/timesketch/timesketch.conf
-    sed -i 's#NEO4J_HOST =.*#NEO4J_HOST = \x27'$NEO4J_ADDRESS'\x27#' /etc/timesketch/timesketch.conf
-    sed -i 's#NEO4J_PORT =.*#NEO4J_PORT = '$NEO4J_PORT'#' /etc/timesketch/timesketch.conf
-  else
-    # Log an error since we need the above-listed environment variables
-    echo "Please pass values for the NEO4J_ADDRESS and NEO4J_PORT environment variables if you want graph support"
-  fi
-
   # Enable debug for the development server
   sed -i s/"DEBUG = False"/"DEBUG = True"/ /etc/timesketch/timesketch.conf
 

docker/e2e/Dockerfile

@@ -0,0 +1,21 @@
+FROM gcr.io/timesketch-build/release/timesketch:latest
+
+# Copy Timesketch config files into /etc/timesketch
+ADD . /tmp/timesketch
+RUN mkdir /etc/timesketch
+RUN cp /tmp/timesketch/data/timesketch.conf /etc/timesketch/
+RUN cp /tmp/timesketch/data/features.yaml /etc/timesketch/
+RUN cp /tmp/timesketch/data/sigma_config.yaml /etc/timesketch/
+
+# Copy the entrypoint script into the container
+COPY docker/e2e/docker-entrypoint.sh /
+RUN chmod a+x /docker-entrypoint.sh
+
+# Expose the port used by Timesketch
+EXPOSE 5000
+
+# Load the entrypoint script to be run later
+ENTRYPOINT ["/docker-entrypoint.sh"]
+
+# Invoke the entrypoint script
+CMD ["timesketch"]

docker/README.md → docker/e2e/README.md

@@ -1,7 +1,6 @@
-# Docker
+# Docker for e2e tests
 
 Timesketch has support for Docker. This is a convenient way of getting up and running.
-
 NOTE: Windows based host systems are not supported at this time.
 
 ### Install Docker
@@ -22,7 +21,7 @@ Follow the official instructions [here](https://www.elastic.co/guide/en/elastics
 ### Build and Start Containers
 
 ```shell
-cd docker
+cd docker/e2e
 sudo docker-compose up
 ```
 
@@ -40,7 +39,6 @@ sudo docker-compose up
 The timesketch docker config is set to write all data to the host filesystem, not the containers.  This is accomplished with docker [volumes](https://docs.docker.com/engine/admin/volumes/volumes/) that map to the following locations:
 
 - elasticsearch: /var/lib/elasticsearch
-- neo4j: /var/lib/neo4j/data
 - postgres: /var/lib/postgresql
 - redis: /var/lib/redis
 
@@ -49,8 +47,6 @@ The timesketch docker config is set to write all data to the host filesystem, no
 On mac, you can set up the shares as following
 
 ```shell
-sudo mkdir -p /var/lib/neo4j/data
-sudo chown `whoami` /var/lib/neo4j/data
 sudo mkdir -p /var/lib/elasticsearch
 sudo chown `whoami` /var/lib/elasticsearch
 sudo mkdir -p /var/lib/postgresql/data

docker/docker-compose.yml → docker/e2e/docker-compose.yml

@@ -1,15 +1,6 @@
 version: '3'
 services:
   timesketch:
-    build:
-      context: ../
-      dockerfile: ./docker/Dockerfile
-    ports:
-      - "80:80"
-    links:
-      - elasticsearch
-      - postgres
-      - redis
     environment:
       - POSTGRES_USER=timesketch
       - POSTGRES_PASSWORD=password
@@ -21,12 +12,20 @@ services:
       - REDIS_PORT=6379
       - TIMESKETCH_USER=${TIMESKETCH_USER}
       - TIMESKETCH_PASSWORD=${TIMESKETCH_PASSWORD}
+    build:
+      context: ../../
+      dockerfile: ./docker/e2e/Dockerfile
+    ports:
+      - "80:80"
+    links:
+      - elasticsearch
+      - postgres
+      - redis
     restart: always
     volumes:
-      - ../:/usr/local/src/timesketch/
+      - ../../:/usr/local/src/timesketch/
 
   elasticsearch:
-
     environment:
       - TAKE_FILE_OWNERSHIP=1
       - discovery.type=single-node
@@ -38,8 +37,6 @@ services:
       - "9200:9200"
       - "9300:9300"
     restart: always
-    volumes:
-      - /var/lib/elasticsearch:/usr/share/elasticsearch/data
 
   postgres:
     image: postgres
@@ -49,12 +46,7 @@ services:
       - POSTGRES_USER=timesketch
       - POSTGRES_PASSWORD=password
     restart: always
-    volumes:
-      - /var/lib/postgresql/data:/var/lib/postgresql/data
-
 
   redis:
     image: redis
     restart: always
-    volumes:
-      - /var/lib/redis:/data

docker/prod/README.md

@@ -0,0 +1,3 @@
+# Docker for production
+
+Production ready setup is not yet implemented.