chore: Optimize Dockerfiles and CI workflow for improved build effici…

…ency
SpecterOps · Dec 9, 2024 · fff3094 · fff3094
1 parent e0fb4e2
commit fff3094
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 20 deletions.
diff --git a/.github/workflows/build-container-images.yml b/.github/workflows/build-container-images.yml
@@ -82,5 +82,3 @@ jobs:
         type=registry,ref=specterops/bloodhound:buildcache
       image_cache_to: |-
         type=registry,ref=specterops/bloodhound:buildcache,mode=max
-
-
diff --git a/tools/docker-compose/pgadmin.Dockerfile b/tools/docker-compose/pgadmin.Dockerfile
@@ -14,7 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-FROM docker.io/dpage/pgadmin4
+FROM docker.io/dpage/pgadmin4:8.13.0
 
 # Add bh server config
 COPY configs/pgadmin/servers.json /pgadmin4/servers.json
@@ -23,6 +23,10 @@ COPY configs/pgadmin/servers.json /pgadmin4/servers.json
 RUN mkdir -p /var/lib/pgadmin/storage/bloodhound_specterops.io/
 COPY configs/pgadmin/pgpass /var/lib/pgadmin/storage/bloodhound_specterops.io/pgpass
 
-# Give pgadmin ownership or it will be owned by root and set u(rw) for password file or pgadmin will not use the file
+# Give pgadmin ownership or it will be owned by root and set u(rw) for password
+# file or pgadmin will not use the file
 USER root
-RUN chown -R pgadmin /var/lib/pgadmin && chmod 600 /var/lib/pgadmin/storage/bloodhound_specterops.io/pgpass
+RUN chown -R pgadmin /var/lib/pgadmin && \
+  chmod 600 /var/lib/pgadmin/storage/bloodhound_specterops.io/pgpass
+
+USER pgadmin
diff --git a/tools/docker-compose/ui.Dockerfile b/tools/docker-compose/ui.Dockerfile
@@ -17,17 +17,21 @@
 FROM docker.io/library/node:22-alpine AS base
 
 # Setup
-RUN mkdir /.yarn && chmod -R go+w /.yarn
-RUN mkdir /.cache && chmod -R go+w /.cache
-RUN corepack enable
-RUN corepack prepare yarn@stable --activate
+RUN mkdir /.yarn && \
+  chmod -R go+w /.yarn \
+  mkdir /.cache && \
+  chmod -R go+w /.cache && \
+  correpack enable && \
+  corepack prepare yarn@stable --activate
 
 # BloodHound Workspace files
 WORKDIR /bloodhound
-COPY package.json ./
-COPY yarn.lock ./
-COPY .yarnrc.yml ./
-COPY .yarn ./.yarn
+
+COPY package.json \
+  yarn.lock \
+  .yarnrc.yml \
+  .yarn \
+  ./
 
 # Shared Project Files
 WORKDIR /bloodhound/packages/javascript
@@ -36,13 +40,12 @@ COPY packages/javascript/js-client-library/package.json ./js-client-library/
 
 # BloodHound Project Files
 WORKDIR /bloodhound/cmd/ui
-COPY cmd/ui/package.json ./
-COPY cmd/ui/vite.config.ts ./
-COPY cmd/ui/tsconfig.node.json ./
-COPY cmd/ui/tsconfig.json ./
+COPY cmd/ui/package.json \
+  cmd/ui/vite.config.ts \
+  cmd/ui/tsconfig.node.json \
+  cmd/ui/tsconfig.json \
+  cmd/ui/index.html \
+  ./
 COPY cmd/ui/public ./public
-COPY cmd/ui/index.html ./
-
-WORKDIR /bloodhound/cmd/ui
 
 RUN yarn
Original file line number	Diff line number	Diff line change
Expand Up		@@ -82,5 +82,3 @@ jobs:
		type=registry,ref=specterops/bloodhound:buildcache
		image_cache_to: \|-
		type=registry,ref=specterops/bloodhound:buildcache,mode=max