feat(magefile): allow to customise interp timeout

[Infra-Red]

The build process is failing after 3 minutes (default tinygo inter timeout) when trying to build a filter with GeoIP pluging that has a city database embedded:

/app/geoip.go:15:6: interp: running for more than 3m0s, timing out (executed calls: 2)
%stackalloc = alloca i8, align 1, !dbg !46
traceback:
/app/geoip.go:15:6:
%stackalloc = alloca i8, align 1, !dbg !46
app:
call void @"main.init#1"(ptr undef), !dbg !44
Error: running "tinygo build -gc=custom -opt=2 -o build/mainraw.wasm -scheduler=none -target=wasip1 -tags='custommalloc nottinygc_envoy no_fs_access memoize_builders coraza.rule.multiphase_evaluation'" failed with exit code 1

This change will allow increasing the timeout so that builds that use the go:embed directive aren't failing.

[M4tteoP]

Hey @Infra-Red, could you please rebase this PR on top of main branch? The CI has been fixed, so a rebase should be enough to have this PR green. Overall, LGTM!
Thanks

[Infra-Red]

Done. Thanks for looking into it @M4tteoP!

[M4tteoP]

Thanks! Looks good and CI is green.
Out of curiosity, could you share something about how you are building it with GeoIP? Are you relying on https://github.com/corazawaf/coraza-geoip doing essentially what has been done in #236?

[igor-mendix]

Hi @M4tteoP, I'm with @Infra-Red.

Here's our Dockerfile:

# mmdb loader stage
FROM python AS loader

COPY update_geoip2.py /

RUN /update_geoip2.py -d GeoIP2-City -o /


# Builder stage
FROM tinygo/tinygo AS builder
WORKDIR /app

RUN git clone https://github.com/corazawaf/coraza-proxy-wasm.git .
COPY --chmod=755 *.go ./
COPY --from=loader /GeoIP2-City.mmdb ./

RUN go get github.com/corazawaf/coraza-geoip && go mod tidy
RUN sed -i 's/-target=wasip1", buildTagArg);/-target=wasip1", buildTagArg, "-interp-timeout=120m");/g' magefiles/magefile.go
RUN go run mage.go build


# Final stage
FROM scratch
COPY --from=builder /app/build/main.wasm /plugin.wasm

update_geoip2.py is our proprietary script that just downloads the mmdb and checks its consistency, so you could simplify this to two stages if you have the file mmdb file locally.

That sed in the builder stage is a workaround that this MR fixes, so could now be dropped.

The only .go file (copied in the builder stage) is basically copy-paste from the coraza-geoip readme:

package main

import (
        _ "embed"

        geo "github.com/corazawaf/coraza-geoip"
)

//go:embed GeoIP2-City.mmdb
var geoIpCity []byte

func init() {
        geo.RegisterGeoDatabase(geoIpCity, "city")
}

Be prepared for ~25 minute build.

If you're also curious about usage side: we tried to tie this to Envoy (via Envoy Gateway), but failed due to various limitations, most critical being something making restricted callbacks, and even though I managed to hack in some allowed_capabilities additions, it's very unreliable (due to JSONPatching pointing at fixed list indexes) and generally seems less secure, and I couldn't even find all capabilities that it needs, so it's a no-go for us.