inetmock/api
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

fix container build and add missing demo CA files

Browse source
This commit is contained in:
Peter 2020-06-15 13:01:37 +02:00
parent 6899c6cc00
commit 191d352eee
Signed by: prskr
GPG key ID: C1DB5D2E8DB512F9
6 changed files with 135 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
.github/workflows/docker-image.yml vendored
View file

@ -10,17 +10,20 @@ env:
IMAGE_NAME: server IMAGE_NAME: server
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
with:
lfs: true
- name: Login to GitHub Docker registry
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com -u baez90 --password-stdin
- name: Build the Docker image - name: Build the Docker image
run: docker build . --file Dockerfile --tag $IMAGE_NAME run: docker build . --file Dockerfile --tag $IMAGE_NAME
- name: Push image - name: Push image to GitHub packages
run: | run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
@ -41,3 +44,14 @@ jobs:
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION docker push $IMAGE_ID:$VERSION
- name: Tag image for Docker Hub
run: docker tag $IMAGE_NAME ${GITHUB_REPOSITORY}:latest
- name: Push latest tag to Docker Hub
uses: docker/build-push-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
repository: baez90/inetmock
tags: latest

2
.github/workflows/go-build.yml vendored
View file

@ -22,6 +22,8 @@ jobs:
- name: Check out code into the Go module directory - name: Check out code into the Go module directory
uses: actions/checkout@v2 uses: actions/checkout@v2
with:
lfs: true
- name: Install mockgen - name: Install mockgen
run: go get -u github.com/golang/mock/mockgen@latest run: go get -u github.com/golang/mock/mockgen@latest

20
Dockerfile
View file

@ -11,7 +11,7 @@ ENV CGO_ENABLED=0
# Prepare build stage - can be cached # Prepare build stage - can be cached
WORKDIR /work WORKDIR /work
RUN apk add -U --no-cache \ RUN apk add -U --no-cache \
make protoc gcc musl-dev libcap && \ make protoc gcc musl-dev && \
addgroup -S -g "${GROUP_ID}" "${GROUP}" && \ addgroup -S -g "${GROUP_ID}" "${GROUP}" && \
adduser \ adduser \
--disabled-password \ --disabled-password \
@ -32,11 +32,7 @@ RUN go mod download && \
COPY ./ ./ COPY ./ ./
# Build binaries # Build binaries
RUN make CONTAINER=yes && \ RUN make CONTAINER=yes
mkdir -p /usr/lib/inetmock/bin/ && \
chown $USER:$GROUP inetmock imctl && \
mv inetmock imctl /usr/lib/inetmock/bin/ && \
setcap 'cap_net_bind_service=+ep' /usr/lib/inetmock/bin/inetmock
# Runtime layer # Runtime layer
@ -49,14 +45,20 @@ ARG USER_ID=10001
ARG GROUP_ID=10001 ARG GROUP_ID=10001
COPY --from=build /etc/group /etc/passwd /etc/ COPY --from=build /etc/group /etc/passwd /etc/
COPY --from=build /usr/lib/inetmock/bin /usr/lib/inetmock/bin COPY --from=build --chown=$USER:$GROUP /work/inetmock /work/imctl /usr/lib/inetmock/bin/
COPY --chown=$USER:$GROUP ./assets/fakeFiles/ /var/lib/inetmock/fakeFiles/
COPY config-container.yaml /etc/inetmock/config.yaml COPY config-container.yaml /etc/inetmock/config.yaml
RUN mkdir -p /var/run/inetmock /var/lib/inetmock/certs /usr/lib/inetmock && \ RUN mkdir -p /var/run/inetmock /var/lib/inetmock/certs /usr/lib/inetmock && \
chown -R $USER:$GROUP /var/run/inetmock /var/lib/inetmock /usr/lib/inetmock chown -R $USER:$GROUP /var/run/inetmock /var/lib/inetmock /usr/lib/inetmock && \
apk add -U --no-cache libcap
RUN ln -s /usr/lib/inetmock/bin/inetmock /usr/bin/inetmock && \ RUN ln -s /usr/lib/inetmock/bin/inetmock /usr/bin/inetmock && \
ln -s /usr/lib/inetmock/bin/imctl /usr/bin/imctl ln -s /usr/lib/inetmock/bin/imctl /usr/bin/imctl && \
setcap 'cap_net_bind_service=+ep' /usr/lib/inetmock/bin/inetmock
HEALTHCHECK --interval=5s --timeout=1s \
CMD imctl --socket-path /var/run/inetmock/inetmock.sock health container
USER $USER USER $USER

5
assets/demoCA/ca.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTTz25fFLS2WO4hXD
162B059HEe+MAQtV4iGXf7HfKCihRANCAAT3D181Tzrz6i9Mx75pmyAsg+itojO9
sHXZSswmfsh46IVK46m0hXNHgPvD2WYW5m1PHvRl3B0vDo/2Y6sOU/Q9
-----END PRIVATE KEY-----

12
assets/demoCA/ca.pem Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIB3DCCAYKgAwIBAgIQHQIFIEcNZjsDP+wDtGPMXzAKBggqhkjOPQQDAjBOMRAw
DgYDVQQGEwdnZXJtYW55MREwDwYDVQQHEwhEb3J0bXVuZDERMA8GA1UEChMISU5l
dE1vY2sxFDASBgNVBAMTC0lOZXRNb2NrIENBMB4XDTIwMDYxNTEwNTEzNloXDTIw
MDYxNTEwNTEzNlowTjEQMA4GA1UEBhMHZ2VybWFueTERMA8GA1UEBxMIRG9ydG11
bmQxETAPBgNVBAoTCElOZXRNb2NrMRQwEgYDVQQDEwtJTmV0TW9jayBDQTBZMBMG
ByqGSM49AgEGCCqGSM49AwEHA0IABPcPXzVPOvPqL0zHvmmbICyD6K2iM72wddlK
zCZ+yHjohUrjqbSFc0eA+8PZZhbmbU8e9GXcHS8Oj/Zjqw5T9D2jQjBAMA4GA1Ud
DwEB/wQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0T
AQH/BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiBecJsOL7ej0kCkWOnoQJpW3JuY
KQIxQBT+XXPKEJj14AIhANG4twTloC3amz8Y7Zn3DVtvjXlTgg8YwjBFG+JioQOe
-----END CERTIFICATE-----

86
config-container.yaml Normal file
View file

@ -0,0 +1,86 @@
x-response-rules: &httpResponseRules
rules:
- pattern: ".*\\.(?i)exe"
response: /var/lib/inetmock/fakeFiles/sample.exe
- pattern: ".*\\.(?i)(jpg|jpeg)"
response: /var/lib/inetmock/fakeFiles/default.jpg
- pattern: ".*\\.(?i)png"
response: /var/lib/inetmock/fakeFiles/default.png
- pattern: ".*\\.(?i)gif"
response: /var/lib/inetmock/fakeFiles/default.gif
- pattern: ".*\\.(?i)ico"
response: /var/lib/inetmock/fakeFiles/default.ico
- pattern: ".*\\.(?i)txt"
response: /var/lib/inetmock/fakeFiles/default.txt
- pattern: ".*"
response: /var/lib/inetmock/fakeFiles/default.html
api:
listen: unix:///var/run/inetmock/inetmock.sock
tls:
ecdsaCurve: P256
validity:
ca:
notBeforeRelative: 17520h
notAfterRelative: 17520h
server:
NotBeforeRelative: 168h
NotAfterRelative: 168h
rootCaCert:
publicKeyPath: /var/lib/inetmock/ca/ca.pem
privateKeyPath: /var/lib/inetmock/ca/ca.key
certCachePath: /var/lib/inetmock/certs
endpoints:
plainHttp:
handler: http_mock
listenAddress: 0.0.0.0
ports:
- 80
- 8080
options:
<<: *httpResponseRules
proxy:
handler: http_proxy
listenAddress: 0.0.0.0
ports:
- 3128
options:
target:
ipAddress: 127.0.0.1
port: 80
httpsDowngrade:
handler: tls_interceptor
listenAddress: 0.0.0.0
ports:
- 443
- 8443
options:
target:
ipAddress: 127.0.0.1
port: 80
plainDns:
handler: dns_mock
listenAddress: 0.0.0.0
ports:
- 53
options:
rules:
- pattern: ".*\\.google\\.com"
response: 1.1.1.1
- pattern: ".*\\.reddit\\.com"
response: 2.2.2.2
fallback:
strategy: incremental
args:
startIP: 10.0.10.0
dnsOverTlsDowngrade:
handler: tls_interceptor
listenAddress: 0.0.0.0
ports:
- 853
options:
target:
ipAddress: 127.0.0.1
port: 53