build_image.py: Auto-enable Docker buildkit, and make git optional #1839
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: OFRAK CI Tests | |
on: | |
pull_request: | |
branches: | |
- master | |
push: | |
branches: | |
- master | |
schedule: | |
- cron: '0 0 * * *' | |
workflow_dispatch: | |
inputs: | |
flush_cache: | |
description: Flush the Docker image cache | |
default: false | |
type: boolean | |
permissions: | |
contents: read | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
lint: | |
name: Lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.7' | |
cache: pip | |
cache-dependency-path: '**/setup.py' | |
- name: Install pre-commit | |
run: | | |
python3 -m pip install pre-commit | |
pre-commit install | |
- name: Run pre-commit | |
run: | | |
pre-commit run --all-files | |
- name: Install frontend linting dependencies | |
run: | | |
cd frontend | |
npm install | |
sudo apt-get install shellcheck | |
python3 -m pip install black==23.3.0 | |
- name: Lint frontend | |
run: | | |
cd frontend | |
make check | |
build-base-image: | |
name: Build the common base OFRAK Docker image | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.7' | |
cache: pip | |
cache-dependency-path: '**/setup.py' | |
- name: Cache base image | |
id: cache-image | |
uses: actions/cache@v3 | |
with: | |
key: ofrak-core-dev | |
path: ofrak-base.tar.gz | |
- name: Build base image | |
# Always rebuild the base image when the scheduled workflow runs | |
if: inputs.flush_cache || steps.cache-image.outputs.cache-hit != 'true' || github.event_name == 'schedule' | |
run: | | |
python3 -m pip install PyYAML | |
DOCKER_BUILDKIT=1 python3 build_image.py --config ofrak-core-dev.yml --base | |
- name: Export base image | |
if: inputs.flush_cache || steps.cache-image.outputs.cache-hit != 'true' || github.event_name == 'schedule' | |
run: | | |
sudo apt install pigz pv | |
docker save redballoonsecurity/ofrak/core-dev-base:latest \ | |
| pigz -9 \ | |
| pv --size 2400m --interval 5 --force \ | |
> ofrak-base.tar.gz | |
ofrak-ghidra: | |
name: Test main OFRAK components | |
runs-on: ubuntu-latest | |
needs: build-base-image | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.7' | |
cache: pip | |
cache-dependency-path: '**/setup.py' | |
- name: Cache base image | |
id: cache-image | |
uses: actions/cache@v3 | |
with: | |
key: ofrak-core-dev | |
path: ofrak-base.tar.gz | |
- name: Load base image | |
run: | | |
sudo apt install pv | |
pv --interval 5 --force ofrak-base.tar.gz \ | |
| docker load | |
docker images | |
- name: Build Ghidra image | |
run: | | |
python3 -m pip install PyYAML | |
DOCKER_BUILDKIT=1 \ | |
python3 build_image.py \ | |
--config ofrak-ghidra.yml \ | |
--base \ | |
--finish \ | |
--cache-from redballoonsecurity/ofrak/core-dev-base:latest | |
- name: Test documentation | |
run: | | |
docker run \ | |
--interactive \ | |
--rm \ | |
--entrypoint bash \ | |
--volume "$(pwd)":/ofrak \ | |
redballoonsecurity/ofrak/ghidra:latest \ | |
-c "cd /ofrak \ | |
&& mkdocs build --site-dir /tmp/docs" | |
- name: Test components | |
run: | | |
docker run \ | |
--interactive \ | |
--rm \ | |
--entrypoint bash \ | |
redballoonsecurity/ofrak/ghidra:latest \ | |
-c "python -m ofrak_ghidra.server start \ | |
&& make test" | |
ofrak-angr: | |
name: Test OFRAK angr and capstone components | |
runs-on: ubuntu-latest | |
needs: build-base-image | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.7' | |
cache: pip | |
cache-dependency-path: '**/setup.py' | |
- name: Cache base image | |
id: cache-image | |
uses: actions/cache@v3 | |
with: | |
key: ofrak-core-dev | |
path: ofrak-base.tar.gz | |
- name: Load base image | |
run: | | |
sudo apt install pv | |
pv --interval 5 --force ofrak-base.tar.gz \ | |
| docker load | |
docker images | |
- name: Build angr image | |
run: | | |
python3 -m pip install PyYAML | |
DOCKER_BUILDKIT=1 \ | |
python3 build_image.py \ | |
--config ofrak-angr.yml \ | |
--base \ | |
--finish \ | |
--cache-from redballoonsecurity/ofrak/core-dev-base:latest | |
- name: Test components | |
run: | | |
docker run \ | |
--interactive \ | |
--rm \ | |
--entrypoint bash \ | |
--volume "$(pwd)":/ofrak \ | |
redballoonsecurity/ofrak/angr:latest \ | |
-c "make -C /ofrak_angr test && make -C /ofrak_capstone test" | |
ofrak-tutorial: | |
name: Test OFRAK examples and tutorial notebooks | |
runs-on: ubuntu-latest | |
needs: build-base-image | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.7' | |
cache: pip | |
cache-dependency-path: '**/setup.py' | |
- name: Cache base image | |
id: cache-image | |
uses: actions/cache@v3 | |
with: | |
key: ofrak-core-dev | |
path: ofrak-base.tar.gz | |
- name: Load base image | |
run: | | |
sudo apt install pv | |
pv --interval 5 --force ofrak-base.tar.gz \ | |
| docker load | |
docker images | |
- name: Build tutorial image | |
run: | | |
python3 -m pip install PyYAML | |
DOCKER_BUILDKIT=1 \ | |
python3 build_image.py \ | |
--config ofrak-tutorial.yml \ | |
--base \ | |
--finish \ | |
--cache-from redballoonsecurity/ofrak/core-dev-base:latest | |
- name: Test tutorials | |
run: | | |
docker run \ | |
--interactive \ | |
--rm \ | |
--entrypoint bash \ | |
redballoonsecurity/ofrak/tutorial:latest \ | |
-c "python -m ofrak_ghidra.server start \ | |
&& make -C /examples test \ | |
&& make -C /ofrak_tutorial test" |