From 5bad7721250a0dc4258a5187f35443730f48b6b3 Mon Sep 17 00:00:00 2001
From: Mikhail Klementev
Date: Fri, 30 Aug 2019 00:05:50 +0000
Subject: [PATCH] Support custom docker commands

Resolves #17
---
 CHANGELOG.md | 3 +++
 config/out-of-tree.go | 9 +++++++++
 kernel.go | 37 ++++++++++++++++++++++++++++---------
 main.go | 9 ++++++---
 pack.go | 5 +++--
 5 files changed, 49 insertions(+), 14 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e534e87..6110fc3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,9 @@
 
 - Parameter for setting up docker registry server.
 
+- Support for (distro-specific) custom docker commands that will be
+ executed before the base template.
+
 ### Fixed
 
 - Spelling in output.
diff --git a/config/out-of-tree.go b/config/out-of-tree.go
index fafe497..4d05d98 100644
--- a/config/out-of-tree.go
+++ b/config/out-of-tree.go
@@ -10,6 +10,11 @@ import (
 "github.com/naoina/toml"
 )
 
+type DockerCommand struct {
+ DistroType DistroType
+ Command string
+}
+
 type OutOfTree struct {
 Kernels string
 UserKernels string
@@ -23,6 +28,10 @@ type OutOfTree struct {
 Docker struct {
 Timeout string
 Registry string
+
+ // Commands that will be executed before
+ // the base layer of Dockerfile
+ Commands []DockerCommand
 }
 }
 
diff --git a/kernel.go b/kernel.go
index 9d5d129..5aa54ec 100644
--- a/kernel.go
+++ b/kernel.go
@@ -109,7 +109,9 @@ func vsyscallAvailable() (available bool, err error) {
 return
 }
 
-func generateBaseDockerImage(registry string, sk config.KernelMask) (err error) {
+func generateBaseDockerImage(registry string, commands []config.DockerCommand,
+ sk config.KernelMask) (err error) {
+
 imagePath, err := dockerImagePath(sk)
 if err != nil {
 return
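Review bot: The exported type `DockerCommand` added to config/out-of-tree.go (hunk `@@ -10,6 +10,11 @@`) has no doc comment, and the comment on `Commands` in the next hunk does not say how the entries are used. In the kernel.go part of this patch each `Command` is concatenated into the generated base Dockerfile as a `RUN` line, so whoever can edit the configuration file decides what runs during the image build; that belongs where the option is defined. I would add `// DockerCommand is a shell command emitted as a RUN instruction into the base Dockerfile; DistroType names the distro it is intended for.` above the type, and extend the field comment with `// Each entry becomes one RUN line; keep the config file writable only by trusted users.`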
@@ -143,6 +145,21 @@ func generateBaseDockerImage(registry string, sk config.KernelMask) (err error)
 return
 }
 
+ for _, c := range commands {
+ switch c.DistroType {
+ case config.Ubuntu:
+ d += "RUN " + c.Command + "\n"
+ case config.CentOS:
+ d += "RUN " + c.Command + "\n"
+ case config.Debian:
+ d += "RUN " + c.Command + "\n"
+ default:
+ err = fmt.Errorf("%s not yet supported",
+ sk.DistroType.String())
+ return
+ }
+ }
+
 switch sk.DistroType {
 case config.Ubuntu:
 d += "ENV DEBIAN_FRONTEND=noninteractive\n"
@@ -578,7 +595,8 @@ func shuffle(a []string) []string {
 return a
 }
 
-func generateKernels(km config.KernelMask, registry string, max int64,
+func generateKernels(km config.KernelMask, registry string,
+ commands []config.DockerCommand, max int64,
 download bool) (err error) {
 
 log.Println("Generating for kernel mask", km)
@@ -589,7 +607,7 @@ func generateKernels(km config.KernelMask, registry string, max int64,
 return
 }
 
- err = generateBaseDockerImage(registry, km)
+ err = generateBaseDockerImage(registry, commands, km)
 if err != nil {
 return
 }
@@ -639,8 +657,9 @@ func generateKernels(km config.KernelMask, registry string, max int64,
 return
 }
 
-func kernelAutogenHandler(workPath, registry string, max int64, host,
- download bool) (err error) {
+func kernelAutogenHandler(workPath, registry string,
+ commands []config.DockerCommand,
+ max int64, host, download bool) (err error) {
 
 ka, err := config.ReadArtifactConfig(workPath + "/.out-of-tree.toml")
 if err != nil {
@@ -653,7 +672,7 @@ func kernelAutogenHandler(workPath, registry string, max int64, host,
 return
 }
 
- err = generateKernels(sk, registry, max, download)
+ err = generateKernels(sk, registry, commands, max, download)
 if err != nil {
 return
 }
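Review bot: The loop added to generateBaseDockerImage (hunk `@@ -143,6 +145,21 @@`) never compares `c.DistroType` with `sk.DistroType`, so every configured command is written into every base image; an entry listed for CentOS also becomes a `RUN` line in an Ubuntu or Debian Dockerfile, which does not match the "distro-specific" wording in the changelog. The three `case` arms are identical, and the `default` arm reports `sk.DistroType.String()` although the value it rejected is `c.DistroType`. `c.Command` is concatenated as-is, so a value containing a line break adds further Dockerfile instructions beyond the intended `RUN`; since these lines run during the image build, I would skip non-matching entries and reject multi-line values as below (this assumes `strings` is already imported in kernel.go, which the hunk does not show). The function body starts and ends outside the hunk.

```go
for _, c := range commands {
	// Only apply commands configured for the distro of this image.
	if c.DistroType != sk.DistroType {
		continue
	}
	// A line break would start a new Dockerfile instruction.
	if strings.ContainsAny(c.Command, "\r\n") {
		err = fmt.Errorf("docker command for %s must be a single line",
			c.DistroType.String())
		return
	}
	d += "RUN " + c.Command + "\n"
}
// … unchanged: switch sk.DistroType …
```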
@@ -704,8 +723,8 @@ func kernelDockerRegenHandler(host, download bool) (err error) {
 return updateKernelsCfg(host, download)
 }
 
-func kernelGenallHandler(distro, version, registry string, host,
- download bool) (err error) {
+func kernelGenallHandler(distro, version, registry string,
+ commands []config.DockerCommand, host, download bool) (err error) {
 
 distroType, err := config.NewDistroType(distro)
 if err != nil {
@@ -717,7 +736,7 @@ func kernelGenallHandler(distro, version, registry string, host,
 DistroRelease: version,
 ReleaseMask: ".*",
 }
- err = generateKernels(km, registry, kernelsAll, download)
+ err = generateKernels(km, registry, commands, kernelsAll, download)
 if err != nil {
 return
 }
diff --git a/main.go b/main.go
index 6e113d7..e65f3d7 100644
--- a/main.go
+++ b/main.go
@@ -293,11 +293,13 @@ func main() {
 err = kernelListHandler(kcfg)
 case kernelAutogenCommand.FullCommand():
 err = kernelAutogenHandler(*path, *dockerRegistry,
- *kernelAutogenMax, *kernelUseHost, !*kernelNoDownload)
+ conf.Docker.Commands, *kernelAutogenMax,
+ *kernelUseHost, !*kernelNoDownload)
 case kernelDockerRegenCommand.FullCommand():
 err = kernelDockerRegenHandler(*kernelUseHost, !*kernelNoDownload)
 case kernelGenallCommand.FullCommand():
- err = kernelGenallHandler(*distro, *version, *dockerRegistry,
+ err = kernelGenallHandler(*distro, *version,
+ *dockerRegistry, conf.Docker.Commands,
 *kernelUseHost, !*kernelNoDownload)
 case genModuleCommand.FullCommand():
 err = genConfig(config.KernelModule)
@@ -321,7 +323,8 @@ func main() {
 case logMarkdownCommand.FullCommand():
 err = logMarkdownHandler(db, *path, *logMarkdownTag)
 case packCommand.FullCommand():
- err = packHandler(db, *path, *dockerRegistry, kcfg, *packAutogen,
+ err = packHandler(db, *path, *dockerRegistry,
+ conf.Docker.Commands, kcfg, *packAutogen,
 !*packNoDownload, *packExploitRuns, *packKernelRuns)
 }
 
diff --git a/pack.go b/pack.go
index 9474c1b..d1c58da 100644
--- a/pack.go
+++ b/pack.go
@@ -15,7 +15,8 @@ import (
 "code.dumpstack.io/tools/out-of-tree/config"
 )
 
-func packHandler(db *sql.DB, path, registry string, kcfg config.KernelConfig,
+func packHandler(db *sql.DB, path, registry string,
+ commands []config.DockerCommand, kcfg config.KernelConfig,
 autogen, download bool, exploitRuns, kernelRuns int64) (err error) {
 
 dockerTimeout := time.Minute
@@ -40,7 +41,7 @@ func packHandler(db *sql.DB, path, registry string, kcfg config.KernelConfig,
 if autogen {
 var perRegex int64 = 1
 err = kernelAutogenHandler(workPath, registry,
- perRegex, false, download)
+ commands, perRegex, false, download)
 if err != nil {
 return
 }