Skip to content

Commit

Permalink
Merge pull request #3 from tomgonzo/main
Browse files Browse the repository at this point in the history
Add Dockerfile and GitHub Actions Publish Workflow
  • Loading branch information
cristianp-fossid authored May 13, 2024
2 parents e677ad1 + ed6355a commit d49e6ae
Show file tree
Hide file tree
Showing 4 changed files with 55 additions and 6 deletions.
8 changes: 8 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
./github/workflows
.vscode
.gitignore
.pylintrc
Dockerfile
LICENSE
README.md
setup.cfg
31 changes: 31 additions & 0 deletions .github/workflows/build-image.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
name: Publish Container Image to GHCR

on:
push:
branches:
- main

jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
packages: write
contents: read

steps:
- uses: actions/checkout@v4
- name: Log in to GitHub Container Registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build Multi-Platform Image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository_owner }}/workbench-agent:latest
10 changes: 10 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
FROM cgr.dev/chainguard/python:latest-dev as builder
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt --user

FROM cgr.dev/chainguard/python:latest
WORKDIR /app
COPY --from=builder /home/nonroot/.local/lib/python3.12/site-packages /home/nonroot/.local/lib/python3.12/site-packages
COPY workbench-agent.py .
ENTRYPOINT [ "python", "/app/workbench-agent.py" ]
12 changes: 6 additions & 6 deletions workbench-agent.py
Original file line number Diff line number Diff line change
Expand Up @@ -80,11 +80,11 @@ def _send_request(self, payload: dict) -> dict:

def upload_files(self, scan_code: str, path: str):
"""
Uploads a .fossid file to the Workbench using the API's Upload endpoint.
Uploads files to the Workbench using the API's File Upload endpoint.
Args:
scan_code (str): The code of the scan where the hashes should be uploaded.
path (str): Path to the blind scan result (.fossid file).
scan_code (str): The scan code where the file or files will be uploaded.
path (str): Path to the file or files to upload.
"""
name = base64.b64encode(os.path.basename(path).encode()).decode("utf-8")
scan_code = base64.b64encode(scan_code.encode()).decode("utf-8")
Expand All @@ -106,7 +106,7 @@ def upload_files(self, scan_code: str, path: str):
sys.exit(1)
except IOError:
# Error opening file
print(f"Failed to upload hashes for scan {scan_code}")
print(f"Failed to upload files to the scan {scan_code}.")
print(traceback.print_exc())
sys.exit(1)

Expand Down Expand Up @@ -134,7 +134,7 @@ def _delete_existing_scan(self, scan_code: str):

def create_webapp_scan(self, scan_code: str, project_code: str = None, target_path: str = None) -> bool:
"""
Creates a new web application scan in the Workbench.
Creates a Scan in Workbench. The scan can optionally be created inside a Project.
Args:
scan_code (str): The unique identifier for the scan.
Expand All @@ -154,7 +154,7 @@ def create_webapp_scan(self, scan_code: str, project_code: str = None, target_pa
"scan_name": scan_code,
"project_code": project_code,
"target_path": target_path,
"description": "Automatically created scan by Workbench Agent script.",
"description": "Scan created using the Workbench Agent.",
},
}
response = self._send_request(payload)
Expand Down

0 comments on commit d49e6ae

Please sign in to comment.