From 6154961b0b87e336266870a4ed2d53af84d49251 Mon Sep 17 00:00:00 2001 From: wiaam-mhameed <75263243+wiaam-mhameed@users.noreply.github.com> Date: Tue, 29 Jul 2025 09:44:19 +0300 Subject: [PATCH] Add kong gateway (#42) * add gateway * fix right command * fix CMakeLists * add uzip package --------- Co-authored-by: wiaamm --- docker/CMakeLists.txt | 1 + .../CMakeLists.txt | 9 ++++++ .../openappsec-kong-gateway-plugin/Dockerfile | 30 +++++++++++++++++++ 3 files changed, 40 insertions(+) create mode 100755 docker/openappsec-kong-gateway-plugin/CMakeLists.txt create mode 100755 docker/openappsec-kong-gateway-plugin/Dockerfile diff --git a/docker/CMakeLists.txt b/docker/CMakeLists.txt index fcbb251..5010d2b 100644 --- a/docker/CMakeLists.txt +++ b/docker/CMakeLists.txt @@ -10,3 +10,4 @@ add_custom_target(docker DEPENDS ${CMAKE_INSTALL_PREFIX}/nginx-docker.img) add_subdirectory(openappsec-envoy-attachments) add_subdirectory(openappsec-waf-webhook) add_subdirectory(openappsec-kong-plugin) +add_subdirectory(openappsec-kong-gateway-plugin) diff --git a/docker/openappsec-kong-gateway-plugin/CMakeLists.txt b/docker/openappsec-kong-gateway-plugin/CMakeLists.txt new file mode 100755 index 0000000..979c874 --- /dev/null +++ b/docker/openappsec-kong-gateway-plugin/CMakeLists.txt @@ -0,0 +1,9 @@ +message(STATUS "OUTPUT_KONG_PLUGIN_DOCKER_IMAGE = ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE}") +add_custom_command( + OUTPUT ${CMAKE_INSTALL_PREFIX}/kong-gateway-plugin-docker.img + COMMAND docker build --load -t kong-gateway-plugin-docker --network host -f ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile ${CMAKE_INSTALL_PREFIX} + COMMAND docker tag kong-gateway-plugin-docker ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE} + COMMAND docker image save kong-gateway-plugin-docker -o ${CMAKE_INSTALL_PREFIX}/kong-gateway-plugin-docker.img +) + +add_custom_target(kong-gateway-plugin-docker DEPENDS ${CMAKE_INSTALL_PREFIX}/kong-gateway-plugin-docker.img) \ No newline at end of file diff --git a/docker/openappsec-kong-gateway-plugin/Dockerfile b/docker/openappsec-kong-gateway-plugin/Dockerfile new file mode 100755 index 0000000..ef3701a --- /dev/null +++ b/docker/openappsec-kong-gateway-plugin/Dockerfile @@ -0,0 +1,30 @@ +FROM kong/kong-gateway + +USER root + +RUN apt-get update && apt-get install -y --no-install-recommends \ + build-essential git curl zlib1g-dev ca-certificates unzip && \ + rm -rf /var/lib/apt/lists/* + +RUN curl -sL https://github.com/USCiLab/cereal/archive/refs/tags/v1.3.2.tar.gz | tar xz && \ + mkdir -p /usr/local/include/cereal && \ + cp -r cereal-1.3.2/include/cereal /usr/local/include/ && \ + rm -rf cereal-1.3.2 + +ENV LUAROCKS_VER=3.11.0 +RUN curl -fSL https://luarocks.org/releases/luarocks-${LUAROCKS_VER}.tar.gz -o luarocks-${LUAROCKS_VER}.tar.gz && \ + tar xzf luarocks-${LUAROCKS_VER}.tar.gz && \ + cd luarocks-${LUAROCKS_VER} && \ + ./configure \ + --with-lua=/usr/local/openresty/luajit \ + --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 && \ + make && make install && \ + cd .. && rm -rf luarocks-${LUAROCKS_VER}* + +# Install the plugin via LuaRocks +RUN luarocks install https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/plugins/open-appsec-waf-kong-plugin/open-appsec-waf-kong-plugin-1.0.0-1.rockspec + +USER kong + +# Enable the plugin +ENV KONG_PLUGINS=bundled,open-appsec-waf-kong-plugin