From 5a1945df62ca8a7894d9180c74e3b8335a8c8e41 Mon Sep 17 00:00:00 2001 From: wiaamm Date: Mon, 28 Jul 2025 10:58:02 +0300 Subject: [PATCH] add gateway --- .../CMakeLists.txt | 9 ++++++ .../openappsec-kong-gateway-plugin/Dockerfile | 30 +++++++++++++++++++ docker/openappsec-kong-plugin/Dockerfile | 2 +- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100755 docker/openappsec-kong-gateway-plugin/CMakeLists.txt create mode 100755 docker/openappsec-kong-gateway-plugin/Dockerfile diff --git a/docker/openappsec-kong-gateway-plugin/CMakeLists.txt b/docker/openappsec-kong-gateway-plugin/CMakeLists.txt new file mode 100755 index 0000000..61d7711 --- /dev/null +++ b/docker/openappsec-kong-gateway-plugin/CMakeLists.txt @@ -0,0 +1,9 @@ +message(STATUS "OUTPUT_KONG_PLUGIN_DOCKER_IMAGE = ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE}") +add_custom_command( + OUTPUT ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img + COMMAND docker build --load -t kong-plugin-docker --network host -f ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile ${CMAKE_INSTALL_PREFIX} + COMMAND docker tag kong-plugin-docker ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE} + COMMAND docker image save kong-plugin-docker -o ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img +) + +add_custom_target(kong-plugin-docker DEPENDS ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img) \ No newline at end of file diff --git a/docker/openappsec-kong-gateway-plugin/Dockerfile b/docker/openappsec-kong-gateway-plugin/Dockerfile new file mode 100755 index 0000000..28c9e8b --- /dev/null +++ b/docker/openappsec-kong-gateway-plugin/Dockerfile @@ -0,0 +1,30 @@ +FROM kong + +USER root + +RUN apt-get update && apt-get install -y --no-install-recommends \ + build-essential git curl zlib1g-dev ca-certificates && \ + rm -rf /var/lib/apt/lists/* + +RUN curl -sL https://github.com/USCiLab/cereal/archive/refs/tags/v1.3.2.tar.gz | tar xz && \ + mkdir -p /usr/local/include/cereal && \ + cp -r cereal-1.3.2/include/cereal /usr/local/include/ && \ + rm -rf cereal-1.3.2 + +ENV LUAROCKS_VER=3.11.0 +RUN curl -fSL https://luarocks.org/releases/luarocks-${LUAROCKS_VER}.tar.gz -o luarocks-${LUAROCKS_VER}.tar.gz && \ + tar xzf luarocks-${LUAROCKS_VER}.tar.gz && \ + cd luarocks-${LUAROCKS_VER} && \ + ./configure \ + --with-lua=/usr/local/openresty/luajit \ + --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 && \ + make && make install && \ + cd .. && rm -rf luarocks-${LUAROCKS_VER}* + +# Install the plugin via LuaRocks +RUN luarocks https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/plugins/open-appsec-waf-kong-plugin/open-appsec-waf-kong-plugin-1.0.0-1.rockspec --deps-mode=all + +USER kong + +# Enable the plugin +ENV KONG_PLUGINS=bundled,open-appsec-waf-kong-plugin diff --git a/docker/openappsec-kong-plugin/Dockerfile b/docker/openappsec-kong-plugin/Dockerfile index 1c5e963..28c9e8b 100755 --- a/docker/openappsec-kong-plugin/Dockerfile +++ b/docker/openappsec-kong-plugin/Dockerfile @@ -22,7 +22,7 @@ RUN curl -fSL https://luarocks.org/releases/luarocks-${LUAROCKS_VER}.tar.gz -o l cd .. && rm -rf luarocks-${LUAROCKS_VER}* # Install the plugin via LuaRocks -RUN luarocks install https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/open-appsec-waf-kong-plugin-1.0.0-1.rockspec --deps-mode=all +RUN luarocks https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/plugins/open-appsec-waf-kong-plugin/open-appsec-waf-kong-plugin-1.0.0-1.rockspec --deps-mode=all USER kong