-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
112 lines (92 loc) · 3.11 KB
/
Dockerfile
File metadata and controls
112 lines (92 loc) · 3.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# Multi-stage build for PolyScope
FROM golang:1.22-alpine AS builder
# Set build arguments
ARG VERSION=dev
ARG BUILD_TIME=unknown
# Install build dependencies
RUN apk add --no-cache \
git \
gcc \
musl-dev \
make
# Set working directory
WORKDIR /app
# Copy Go module files
COPY go.mod go.sum ./
# Download dependencies
RUN go mod download
# Copy source code
COPY . .
# Build the binary with optimizations
RUN CGO_ENABLED=1 go build \
-ldflags="-s -w -X main.version=${VERSION} -X main.buildTime=${BUILD_TIME}" \
-trimpath \
-o polyscope \
./cmd/polyscope
# Production stage
FROM alpine:3.19
# Install runtime dependencies and security tools
RUN apk add --no-cache \
ca-certificates \
curl \
jq \
git \
nmap \
nmap-scripts \
nmap-nselibs \
bash \
tar \
gzip \
unzip \
python3 \
py3-pip \
&& pip3 install --no-cache-dir requests beautifulsoup4
# Install Go-based security tools
RUN apk add --no-cache go && \
go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest && \
go install github.com/projectdiscovery/httpx/cmd/httpx@latest && \
go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest && \
go install github.com/projectdiscovery/dnsx/cmd/dnsx@latest && \
go install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest && \
go install github.com/ffuf/ffuf@latest && \
go install github.com/gitleaks/gitleaks@latest && \
go install github.com/google/osv-scanner/cmd/osv-scanner@latest && \
apk del go && \
rm -rf /root/.cache /root/go/pkg
# Create non-root user for security
RUN addgroup -g 1000 polyscope && \
adduser -D -s /bin/bash -u 1000 -G polyscope polyscope
# Create necessary directories
RUN mkdir -p /app/assets /app/results /app/plugins && \
chown -R polyscope:polyscope /app
# Copy binary from builder
COPY --from=builder /app/polyscope /app/polyscope
COPY --from=builder /app/assets/ /app/assets/
COPY --from=builder /app/install.sh /app/
COPY --from=builder /app/README.md /app/
# Set proper permissions
RUN chmod +x /app/polyscope /app/install.sh && \
chown -R polyscope:polyscope /app
# Switch to non-root user
USER polyscope
WORKDIR /app
# Add Go tools to PATH
ENV PATH="/home/polyscope/go/bin:${PATH}"
# Expose common ports for scanning
EXPOSE 8080
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD /app/polyscope --help > /dev/null || exit 1
# Set default command
ENTRYPOINT ["/app/polyscope"]
CMD ["--help"]
# Labels for metadata
LABEL maintainer="dr-yato <security@hunter3.ninja>"
LABEL version="${VERSION}"
LABEL description="PolyScope - All-in-One Security Research & Exploitation Framework"
LABEL org.opencontainers.image.title="PolyScope"
LABEL org.opencontainers.image.description="Revolutionary cybersecurity tool combining automated research, reconnaissance, exploitation, and reporting"
LABEL org.opencontainers.image.url="https://hunter3.ninja"
LABEL org.opencontainers.image.source="https://github.com/dr-yato/polyscope"
LABEL org.opencontainers.image.vendor="dr-yato"
LABEL org.opencontainers.image.licenses="MIT"