From c652cce84f405aa19db6c30838bbe278d1f56179 Mon Sep 17 00:00:00 2001 From: wiaamm Date: Wed, 25 Jun 2025 13:59:35 +0300 Subject: [PATCH] add the kong plugin Dockerfile --- docker/openappsec-kong-plugin/CMakeLists.txt | 9 ++++++ docker/openappsec-kong-plugin/Dockerfile | 31 ++++++++++++++++++++ docker/openappsec-waf-webhook/CMakeLists.txt | 2 +- 3 files changed, 41 insertions(+), 1 deletion(-) create mode 100755 docker/openappsec-kong-plugin/CMakeLists.txt create mode 100755 docker/openappsec-kong-plugin/Dockerfile diff --git a/docker/openappsec-kong-plugin/CMakeLists.txt b/docker/openappsec-kong-plugin/CMakeLists.txt new file mode 100755 index 0000000..fb6502e --- /dev/null +++ b/docker/openappsec-kong-plugin/CMakeLists.txt @@ -0,0 +1,9 @@ +message(STATUS "OUTPUT_KONG_PLUGIN_DOCKER_IMAGE = ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE}") +add_custom_command( + OUTPUT ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img + COMMAND docker build -t kong-plugin-docker -f ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile ${CMAKE_INSTALL_PREFIX} + COMMAND docker tag kong-plugin-docker ${OUTPUT_KONG_PLUGIN_DOCKER_IMAGE} + COMMAND docker image save kong-plugin-docker -o ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img +) + +add_custom_target(kong-plugin-docker DEPENDS ${CMAKE_INSTALL_PREFIX}/kong-plugin-docker.img) \ No newline at end of file diff --git a/docker/openappsec-kong-plugin/Dockerfile b/docker/openappsec-kong-plugin/Dockerfile new file mode 100755 index 0000000..0b6e6bd --- /dev/null +++ b/docker/openappsec-kong-plugin/Dockerfile @@ -0,0 +1,31 @@ +ARG VERSION +FROM kong:$VERSION + +USER root + +RUN apt-get update && apt-get install -y --no-install-recommends \ + build-essential git curl zlib1g-dev ca-certificates && \ + rm -rf /var/lib/apt/lists/* + +RUN curl -sL https://github.com/USCiLab/cereal/archive/refs/tags/v1.3.2.tar.gz | tar xz && \ + mkdir -p /usr/local/include/cereal && \ + cp -r cereal-1.3.2/include/cereal /usr/local/include/ && \ + rm -rf cereal-1.3.2 + +ENV LUAROCKS_VER=3.11.0 +RUN curl -fSL https://luarocks.org/releases/luarocks-${LUAROCKS_VER}.tar.gz -o luarocks-${LUAROCKS_VER}.tar.gz && \ + tar xzf luarocks-${LUAROCKS_VER}.tar.gz && \ + cd luarocks-${LUAROCKS_VER} && \ + ./configure \ + --with-lua=/usr/local/openresty/luajit \ + --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 && \ + make && make install && \ + cd .. && rm -rf luarocks-${LUAROCKS_VER}* + +# Install the plugin via LuaRocks +RUN luarocks install https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/open-appsec-waf-kong-plugin-1.0.0-1.rockspec --deps-mode=all + +USER kong + +# Enable the plugin +ENV KONG_PLUGINS=bundled,open-appsec-waf-kong-plugin diff --git a/docker/openappsec-waf-webhook/CMakeLists.txt b/docker/openappsec-waf-webhook/CMakeLists.txt index 710fcc5..2539b4d 100755 --- a/docker/openappsec-waf-webhook/CMakeLists.txt +++ b/docker/openappsec-waf-webhook/CMakeLists.txt @@ -1,4 +1,4 @@ -message(STATUS "OUTPUT_ENVOY_FILTERS_DOCKER_IMAGE = ${OUTPUT_ENVOY_FILTERS_DOCKER_IMAGE}") +message(STATUS "OUTPUT_WAF_WEBHOOK_DOCKER_IMAGE = ${OUTPUT_WAF_WEBHOOK_DOCKER_IMAGE}") add_custom_command( OUTPUT ${CMAKE_INSTALL_PREFIX}/waf-webhook-docker.img COMMAND docker build -t waf-webhook-docker -f ${CMAKE_CURRENT_SOURCE_DIR}/Dockerfile ${CMAKE_INSTALL_PREFIX}