Add docker deploys (BC-SECURITY#25)

* Create dockerimage.yml

* Rename dockerimage.yml to .github/.workflow/dockerimage.yml

* Rename .github/.workflow/dockerimage.yml to .github/workflows/dockerimage.yml

* Update dockerimage.yml

* Update dockerimage.yml

* Update dockerimage.yml

* Update dockerimage.yml

* runs in -it mode, need to get cmd sorted out

* Update dockerimage.yml

add tag_names and trigger on release.

* empty commit to trigger build

* little bit of cleanup

* readme

* Update README.md

* remove docker-action branch from dockerimage.yml

Author: vinnybod

.dockerignore

@@ -31,7 +31,7 @@ develop-eggs/
 dist/
 downloads/
 eggs/
-lib/
+# lib/
 lib64/
 parts/
 sdist/

.github/workflows/dockerimage.yml

@@ -0,0 +1,23 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches: 
+      - master
+      - dev
+  release:
+    types: [published]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - name: Publish Docker
+        uses: elgohr/[email protected]
+        with:
+          name: bcsecurity/empire
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          dockerfile: Dockerfile
+          tag_names: true 

Dockerfile

@@ -1,33 +1,23 @@
 # NOTE: Only use this when you want to build image locally
-#       else use `docker pull empireproject/empire:{VERSION}`
-#       all image versions can be found at: https://hub.docker.com/r/empireproject/empire/
+#       else use `docker pull bcsecurity/empire:{VERSION}`
+#       all image versions can be found at: https://hub.docker.com/r/bcsecurity/empire/
 
 # -----BUILD COMMANDS----
-# 1) build command: `docker build -t empireproject/empire .`
-# 2) create volume storage: `docker create -v /opt/Empire --name data empireproject/empire`
-# 3) run out container: `docker run -ti --volumes-from data empireproject/empire /bin/bash`
+# 1) build command: `docker build -t bcsecurity/empire .`
+# 2) create volume storage: `docker create -v /empire --name data bcsecurity/empire`
+# 3) run out container: `docker run -ti --volumes-from data bcsecurity/empire /bin/bash`
 
 # -----RELEASE COMMANDS----
-# 1) `USERNAME=empireproject`
-# 2) `IMAGE=empire`
-# 3) `git pull`
-# 4) `export VERSION="$(curl -s https://raw.githubusercontent.com/EmpireProject/Empire/master/lib/common/empire.py | grep "VERSION =" | cut -d '"' -f2)"`
-# 5) `docker tag $USERNAME/$IMAGE:latest $USERNAME/$IMAGE:$VERSION`
-# 1) `docker push $USERNAME/$IMAGE:latest`
-# 2) `docker push $USERNAME/$IMAGE:$VERSION`
+# Handled by GitHub Actions
 
 # -----BUILD ENTRY-----
 
 # image base
-FROM ubuntu:16.04
-
-# pull from BUILD
-ARG empirversion
+FROM python:3.7.5-buster
 
 # extra metadata
-LABEL maintainer="EmpireProject"
+LABEL maintainer="bc-security"
 LABEL description="Dockerfile base for Empire server."
-LABEL version=${empirversion}
 
 # env setup
 ENV STAGING_KEY=RANDOM
@@ -36,25 +26,18 @@ ENV DEBIAN_FRONTEND=noninteractive
 # set the def shell for ENV
 SHELL ["/bin/bash", "-c"]
 
-# install basic build items
-RUN apt-get update && apt-get install -qy \
-    wget \
-    curl \
-    git \
-    sudo \
-    apt-utils \
-    lsb-core \
-    python2.7 \
-    python-dev \ 
-  && ln -sf /usr/bin/python2.7 /usr/bin/python \
-  && rm -rf /var/lib/apt/lists/*
-
-# build empire from source
-# TODO: When we merge to master set branch to master
-RUN git clone --depth=1 -b dev https://github.com/EmpireProject/Empire.git /opt/Empire && \
-    cd /opt/Empire/setup/ && \
+COPY . /empire
+
+RUN apt-get update && \
+      apt-get -y install sudo && \
+      apt-get -y install lsb-release
+
+RUN cd /empire/setup/ && \
     ./install.sh && \
-    rm -rf /opt/Empire/data/empire*
-RUN python2.7 /opt/Empire/setup/setup_database.py
-WORKDIR "/opt/Empire"
-CMD ["python2.7", "empire"]
+    rm -rf /empire/data/empire*
+
+RUN python /empire/setup/setup_database.py
+
+WORKDIR /empire
+
+CMD ["python", "empire"]

README.md

@@ -50,6 +50,26 @@ sudo ./setup/install.sh
 
 There's also a [quickstart here](http://www.powershellempire.com/?page_id=110) and full [documentation here](http://www.powershellempire.com/?page_id=83).
 
+## Docker
+If you want to run Empire using a pre-built docker container:
+```bash
+docker pull bcsecurity/empire:{version}
+docker run -it bcsecurity/empire:{version}
+
+# with persistent storage
+docker pull bcsecurity/empire:{version}
+docker create -v /empire --name data bcsecurity/empire:{version}
+docker run -it --volumes-from data bcsecurity/empire:{version}
+
+# if you prefer to be dropped into bash instead of directly into empire
+# or docker run -it --volumes-from data bcsecurity/empire:{version} /bin/bash
+```
+
+All image versions can be found at: https://hub.docker.com/r/bcsecurity/empire/
+* The last commit from master will be deployed to the `latest` tag
+* The last commit from the dev branch will be deployed to the `dev` tag
+* All github tagged releases will be deployed using their version numbers (v3.0, v3.1, etc)
+
 ## Quickstart
 
 Check out the [Empire wiki](https://github.com/EmpireProject/Empire/wiki/Quickstart) for instructions on getting started with Empire.

setup/requirements.txt

@@ -17,3 +17,4 @@ pyminifier
 xlutils
 pycrypto
 pefile
+simplejson