Merge pull request #256 from sbs2001/dockerize

pombredanne · web-flow · commit 6bf44e0b102e · 2020-09-24T15:48:48.000+02:00
Dockerize vulnerablecode
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,14 @@
+FROM python@sha256:e9b7e3b4e9569808066c5901b8a9ad315a9f14ae8d3949ece22ae339fff2cad0
+
+# PYTHONUNBUFFERED=1 ensures that the python output is set straight
+# to the terminal without buffering it first
+ENV PYTHONUNBUFFERED 1
+RUN mkdir /vulnerablecode
+WORKDIR /vulnerablecode
+ADD . /vulnerablecode/
+RUN pip install -r requirements.txt
+
+LABEL "base_image": "pkg:docker/python@sha256%3Ae9b7e3b4e9569808066c5901b8a9ad315a9f14ae8d3949ece22ae339fff2cad0"
+LABEL "dockerfile_url":  "https://github.com/nexB/vulnerablecode/blob/develop/Dockerfile"
+LABEL "homepage_url":  "https://github.com/nexB/vulnerablecode"
+LABEL "license": "Apache-2.0"
diff --git a/README.md b/README.md
@@ -38,40 +38,45 @@ The web interface enables community curation of data by enabling addition of new
 
 We also plan to mine for vulnerabilities which didn't receive any exposure due to various reasons like but not limited to the complicated procedure to receive CVE ID or not able to classify a bug as a security compromise. Check VulnerableCode at [Open Source Summit 2020](https://ossna2020.sched.com/event/c46p/why-is-there-no-free-software-vulnerability-database-philippe-ombredanne-aboutcodeorg-and-nexb-inc-michael-herzog-nexb-inc)
 
-## Setup
+## Setting up VulnerableCode
 
 Clone the source code:
 
 ```
-git clone https://github.com/nexB/vulnerablecode.git && cd vulnerablecode
+git clone https://github.com/nexB/vulnerablecode.git
+cd vulnerablecode
 ```
 
-### System requirements
+### Using Docker Compose
+An easy way to set up VulnerableCode is with docker containers and docker compose.
+For this you need to have the following installed.
+- Docker Engine. Find instructions to install it here
+- Docker Compose. Find instructions to install it here
 
-- Python 3.8+
-
-- PostgreSQL 9+ or [Docker](https://hub.docker.com/search/?type=edition&offering=community)
+Use `sudo docker-compose up` to start VulnerableCode.
+Access VulnerableCode at http://localhost:8000/ or at http://127.0.0.1:8000/ .
 
-- Compiler toolchain and development files for Python and PostgreSQL
+Use `sudo docker-compose exec web bash` to access the VulnerableCode container. From here you can access `manage.py` and run management commands to import data as specified below.
 
-On Debian-based distros, these can be installed with `sudo apt install python3-venv python3-dev postgresql libpq-dev build-essential`. Leave out `postgresql` if you want to run it in Docker.
+### Without Docker Compose
+**System requirements**
 
-### Database configuration
-
-Either run PostgreSQL in Docker:
-`docker run --name pg-vulnerablecode -e POSTGRES_USER=vulnerablecode -e POSTGRES_PASSWORD=vulnerablecode -e POSTGRES_DB=vulnerablecode -p 5432:5432 postgres`
+- Python 3.8+
+- PostgreSQL 9+
+- Compiler toolchain and development files for Python and PostgreSQL
 
-Or without:
+On Debian-based distros, these can be installed with `sudo apt install python3-venv python3-dev postgresql libpq-dev build-essential`.
 
+**Database configuration**
 - Create a user named `vulnerablecode`. Use `vulnerablecode` as password when prompted:
   `sudo -u postgres createuser --no-createrole --no-superuser --login --inherit --createdb --pwprompt vulnerablecode`
 
 - Create a databased named `vulnerablecode`:
   `createdb --encoding=utf-8 --owner=vulnerablecode  --user=vulnerablecode --password --host=localhost --port=5432 vulnerablecode`
 
-### Application dependencies
+**Application dependencies**
 
-Activate a virtualenv, install dependencies, and run the database migrations:
+Create a virtualenv, install dependencies, and run the database migrations:
 
 ```
 python3 -m venv venv
@@ -132,13 +137,10 @@ systemctl --user daemon-reload && systemctl --user start vulnerablecode.timer
 ## API
 
 Start the webserver
-
 ```
 DJANGO_DEV=1 python manage.py runserver
 ```
-
 In your browser access:
-
 ```
 http://127.0.0.1:8000/api/docs
 ```
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: '3'
+
+services:
+  web:
+    environment:
+        - DJANGO_DEV=1
+        - VC_DB_HOST=db
+    build: .
+    command: bash -c "python manage.py migrate && python manage.py runserver 0.0.0.0:8000"
+    container_name: "vulnerablecode"
+    volumes:
+      - .:/vulnerablecode
+    ports:
+      - "8000:8000"
+    depends_on:
+      - db
+  db:
+    image: postgres
+    environment:
+        - POSTGRES_DB=vulnerablecode
+        - POSTGRES_USER=vulnerablecode
+        - POSTGRES_PASSWORD=vulnerablecode
diff --git a/vulnerablecode/settings.py b/vulnerablecode/settings.py
@@ -91,10 +91,10 @@
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.postgresql',
-	'NAME': 'vulnerablecode',
-        'USER': 'vulnerablecode',
-        'PASSWORD': 'vulnerablecode',
-        'HOST': 'localhost',
+	    'NAME': os.environ.get('VC_DB_NAME','vulnerablecode'),
+        'USER': os.environ.get('VC_DB_USER','vulnerablecode'),
+        'PASSWORD': os.environ.get('VC_DB_PASSWORD','vulnerablecode'),
+        'HOST': os.environ.get('VC_DB_HOST', 'localhost'),
         'PORT': '5432',
     }
 }
