Skip to content

build_image.py: Auto-enable Docker buildkit, and make git optional #1839

build_image.py: Auto-enable Docker buildkit, and make git optional

build_image.py: Auto-enable Docker buildkit, and make git optional #1839

Workflow file for this run

name: OFRAK CI Tests
on:
pull_request:
branches:
- master
push:
branches:
- master
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
inputs:
flush_cache:
description: Flush the Docker image cache
default: false
type: boolean
permissions:
contents: read
defaults:
run:
shell: bash
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-python@v4
with:
python-version: '3.7'
cache: pip
cache-dependency-path: '**/setup.py'
- name: Install pre-commit
run: |
python3 -m pip install pre-commit
pre-commit install
- name: Run pre-commit
run: |
pre-commit run --all-files
- name: Install frontend linting dependencies
run: |
cd frontend
npm install
sudo apt-get install shellcheck
python3 -m pip install black==23.3.0
- name: Lint frontend
run: |
cd frontend
make check
build-base-image:
name: Build the common base OFRAK Docker image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-python@v4
with:
python-version: '3.7'
cache: pip
cache-dependency-path: '**/setup.py'
- name: Cache base image
id: cache-image
uses: actions/cache@v3
with:
key: ofrak-core-dev
path: ofrak-base.tar.gz
- name: Build base image
# Always rebuild the base image when the scheduled workflow runs
if: inputs.flush_cache || steps.cache-image.outputs.cache-hit != 'true' || github.event_name == 'schedule'
run: |
python3 -m pip install PyYAML
DOCKER_BUILDKIT=1 python3 build_image.py --config ofrak-core-dev.yml --base
- name: Export base image
if: inputs.flush_cache || steps.cache-image.outputs.cache-hit != 'true' || github.event_name == 'schedule'
run: |
sudo apt install pigz pv
docker save redballoonsecurity/ofrak/core-dev-base:latest \
| pigz -9 \
| pv --size 2400m --interval 5 --force \
> ofrak-base.tar.gz
ofrak-ghidra:
name: Test main OFRAK components
runs-on: ubuntu-latest
needs: build-base-image
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-python@v4
with:
python-version: '3.7'
cache: pip
cache-dependency-path: '**/setup.py'
- name: Cache base image
id: cache-image
uses: actions/cache@v3
with:
key: ofrak-core-dev
path: ofrak-base.tar.gz
- name: Load base image
run: |
sudo apt install pv
pv --interval 5 --force ofrak-base.tar.gz \
| docker load
docker images
- name: Build Ghidra image
run: |
python3 -m pip install PyYAML
DOCKER_BUILDKIT=1 \
python3 build_image.py \
--config ofrak-ghidra.yml \
--base \
--finish \
--cache-from redballoonsecurity/ofrak/core-dev-base:latest
- name: Test documentation
run: |
docker run \
--interactive \
--rm \
--entrypoint bash \
--volume "$(pwd)":/ofrak \
redballoonsecurity/ofrak/ghidra:latest \
-c "cd /ofrak \
&& mkdocs build --site-dir /tmp/docs"
- name: Test components
run: |
docker run \
--interactive \
--rm \
--entrypoint bash \
redballoonsecurity/ofrak/ghidra:latest \
-c "python -m ofrak_ghidra.server start \
&& make test"
ofrak-angr:
name: Test OFRAK angr and capstone components
runs-on: ubuntu-latest
needs: build-base-image
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-python@v4
with:
python-version: '3.7'
cache: pip
cache-dependency-path: '**/setup.py'
- name: Cache base image
id: cache-image
uses: actions/cache@v3
with:
key: ofrak-core-dev
path: ofrak-base.tar.gz
- name: Load base image
run: |
sudo apt install pv
pv --interval 5 --force ofrak-base.tar.gz \
| docker load
docker images
- name: Build angr image
run: |
python3 -m pip install PyYAML
DOCKER_BUILDKIT=1 \
python3 build_image.py \
--config ofrak-angr.yml \
--base \
--finish \
--cache-from redballoonsecurity/ofrak/core-dev-base:latest
- name: Test components
run: |
docker run \
--interactive \
--rm \
--entrypoint bash \
--volume "$(pwd)":/ofrak \
redballoonsecurity/ofrak/angr:latest \
-c "make -C /ofrak_angr test && make -C /ofrak_capstone test"
ofrak-tutorial:
name: Test OFRAK examples and tutorial notebooks
runs-on: ubuntu-latest
needs: build-base-image
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-python@v4
with:
python-version: '3.7'
cache: pip
cache-dependency-path: '**/setup.py'
- name: Cache base image
id: cache-image
uses: actions/cache@v3
with:
key: ofrak-core-dev
path: ofrak-base.tar.gz
- name: Load base image
run: |
sudo apt install pv
pv --interval 5 --force ofrak-base.tar.gz \
| docker load
docker images
- name: Build tutorial image
run: |
python3 -m pip install PyYAML
DOCKER_BUILDKIT=1 \
python3 build_image.py \
--config ofrak-tutorial.yml \
--base \
--finish \
--cache-from redballoonsecurity/ofrak/core-dev-base:latest
- name: Test tutorials
run: |
docker run \
--interactive \
--rm \
--entrypoint bash \
redballoonsecurity/ofrak/tutorial:latest \
-c "python -m ofrak_ghidra.server start \
&& make -C /examples test \
&& make -C /ofrak_tutorial test"