Repo cloned at docker runtime to prevent leaking private wazuh rules …

…and decoders

.github/workflows/ci.yml

@@ -21,6 +21,10 @@ jobs:
       shell: bash
       run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
 
+    - name: Get repository URL
+      id: get_repo_url
+      run: echo "repo_url=${{ github.server_url }}/${{ github.repository }}" >> $GITHUB_OUTPUT
+
     - name: Log in to Docker Hub
       uses: docker/login-action@v2
       with:
@@ -30,10 +34,12 @@ jobs:
     - name: Pull Docker image
       run: docker pull ${{ secrets.DOCKER_IMAGE }}
 
-    - name: Run container with branch info
+    - name: Run container with branch and repo info
       run: |
-        docker run -e BRANCH_NAME=${{ steps.extract_branch.outputs.branch }} ${{ secrets.DOCKER_IMAGE }} || exit 1
+        docker run -e BRANCH_NAME=${{ steps.extract_branch.outputs.branch }} \
+                   -e REPO_URL=${{ steps.get_repo_url.outputs.repo_url }} \
+                   ${{ secrets.DOCKER_IMAGE }} || exit 1
 
     - name: Verify container exit status
       run: |
-        echo "Container ran successfully."
+        echo "Container ran successfully."

Dockerfile.auto

@@ -1,28 +1,19 @@
 FROM wazuh/wazuh-manager:4.8.0
 
-#=========================================#
-#=== CHANGE THIS TO YOUR PIPELINE REPO ===#
-#=========================================#
-ENV PIPELINE_REPO=https://github.com/alexchristy/wazuh-pipeline.git
-#=========================================#
-
 ENV WAZUH_TEST_REPO=https://github.com/alexchristy/WazuhTest.git
 
 WORKDIR /root
 
-# Clone repos
+COPY init.sh /root/init.sh
+
+# Install dependencies
 RUN yum install git iproute golang -y 
-RUN git clone $PIPELINE_REPO wazuh_pipeline
-RUN git clone $WAZUH_TEST_REPO wazuh_test
 
-# Install WazuhTest tool 
+# Install WazuhTest tool
+RUN git clone $WAZUH_TEST_REPO wazuh_test
 WORKDIR /root/wazuh_test
 RUN go build .
 RUN chmod 751 WazuhTest
 RUN cp ./WazuhTest /usr/bin
 
-WORKDIR /root/wazuh_pipeline
-
-RUN chmod +x ./*.sh
-
-ENTRYPOINT ["/bin/sh", "/root/wazuh_pipeline/main.sh"]
+ENTRYPOINT ["/bin/sh", "/root/init.sh"]

Dockerfile.live

@@ -1,30 +1,20 @@
 FROM wazuh/wazuh-manager:4.8.0
-
-#=========================================#
-#=== CHANGE THIS TO YOUR PIPELINE REPO ===#
-#=========================================#
-ENV PIPELINE_REPO=https://github.com/alexchristy/wazuh-pipeline.git
-#=========================================#
+EXPOSE 1514/tcp 1515/tcp 1516/tcp 514/udp 55000/tcp
 
 ENV WAZUH_TEST_REPO=https://github.com/alexchristy/WazuhTest.git
 
 WORKDIR /root
 
-# Clone repos
-RUN yum install git iproute golang -y 
-RUN git clone $PIPELINE_REPO wazuh_pipeline
-RUN git clone $WAZUH_TEST_REPO wazuh_test
+COPY init.sh /root/init.sh
 
-# Install WazuhTest tool 
+# Install dependencies
+RUN yum install git iproute golang -y
+
+# Install WazuhTest tool
+RUN git clone $WAZUH_TEST_REPO wazuh_test
 WORKDIR /root/wazuh_test
 RUN go build .
 RUN chmod 751 WazuhTest
 RUN cp ./WazuhTest /usr/bin
 
-WORKDIR /root/wazuh_pipeline
-
-RUN chmod +x ./*.sh
-
-EXPOSE 1514/tcp 1515/tcp 1516/tcp 514/udp 55000/tcp
-
-ENTRYPOINT ["/bin/sh", "/root/wazuh_pipeline/main.sh", "-i"]
+ENTRYPOINT ["/bin/sh", "/root/init.sh", "-i"]

init.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+PIPELINE_REPO_PATH="/root/wazuh_pipeline"
+
+# Setup pipeline repo
+git clone "$REPO_URL" "$PIPELINE_REPO_PATH"
+cd "$PIPELINE_REPO_PATH" ||  1
+chmod +x ./*.sh
+
+# Check for the -i flag
+if [ "$1" = "-i" ]; then
+  ./main.sh -i
+else
+  ./main.sh
+fi

main.sh

@@ -25,6 +25,10 @@ parse_args() {
 # ====( CONSTANTS )==== #
 PIPELINE_REPO_PATH="/root/wazuh_pipeline"
 
+# Clone intial repo
+git clone "$REPO_URL"
+cd "$PIPELINE_REPO_PATH" ||  1
+
 # ====( IMPORTS )==== #
 # shellcheck disable=SC1091
 . "$PIPELINE_REPO_PATH/utils.sh"