mos.pm.me

byt3n33dl3 · Dec 3, 2024 · 5eedb21 · 5eedb21
1 parent 217c97b
commit 5eedb21
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -103,6 +103,6 @@ under the `Apache-2.0` license. A full copy of the license may be found in the t
 <a href="https://github.com/apps/dependabot"><img src="https://avatars.githubusercontent.com/in/29110?v=4" width="50" height="50" alt="" style="max-width: 100%;"></a>
 <a href="https://github.com/rvazarkar"><img src="https://avatars.githubusercontent.com/u/5720446?v=4" width="50" height="50" alt="" style="max-width: 100%;"></a>
 <a href="https://github.com/mistahj67"><img src="https://avatars.githubusercontent.com/u/26472282?v=4" width="50" height="50" alt="" style="max-width: 100%;"></a>
-<a href="https://github.com/SpecterOps"><img src="https://www.theladders.com/s3proxy/company-photo.theladders.com/51626/12f5a81c-2b81-493e-8e03-994c6abd3eb1.png" width="50" height="50" alt="" style="max-width: 100%;"></a>
+<a href="https://github.com/SpecterOps"><img src="https://avatars.githubusercontent.com/u/25406560?s=200&v=4" width="50" height="50" alt="" style="max-width: 100%;"></a>
 <a href="https://github.com/benwaples"><img src="https://avatars.githubusercontent.com/u/66393111?v=4" width="50" height="50" alt="" style="max-width: 100%;"></a>
 </p>
diff --git a/tools/docker-compose/api.Dockerfile b/tools/docker-compose/api.Dockerfile
@@ -17,13 +17,49 @@
 ########
 # Global build args
 ################
-ARG SHARPHOUND_VERSION=v2.5.8
+ARG SHARPHOUND_VERSION=v2.5.9
 ARG AZUREHOUND_VERSION=v2.2.1
 
+########
+# Golang Image
+################
+FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.23-alpine3.20 AS godeps
+
+########
+# Builder init
+################
+FROM --platform=$BUILDPLATFORM docker.io/library/node:22-alpine3.20 AS deps
+ARG version=v999.999.999
+ARG checkout_hash=""
+ENV SB_LOG_LEVEL=debug
+ENV SB_VERSION=${version}
+ENV CHECKOUT_HASH=${checkout_hash}
+WORKDIR /bloodhound
+
+RUN apk add --update --no-cache git
+
+COPY --from=godeps /usr/local/go/ /usr/local/go/
+ENV PATH="/usr/local/go/bin:${PATH}"
+
+COPY . /bloodhound
+RUN go run github.com/specterops/bloodhound/packages/go/stbernard deps
+
+########
+# Build
+################
+FROM deps AS builder
+ARG TARGETOS
+ARG TARGETARCH
+ENV CGO_ENABLED=0
+ENV SB_VERSION=${version}
+WORKDIR /bloodhound
+
+RUN go run github.com/specterops/bloodhound/packages/go/stbernard build --os ${TARGETOS} --arch ${TARGETARCH}
+
 ########
 # Package other assets
 ################
-FROM docker.io/library/alpine:3.16 as hound-builder
+FROM --platform=$BUILDPLATFORM docker.io/library/alpine:3.20 as hound-builder
 ARG SHARPHOUND_VERSION
 ARG AZUREHOUND_VERSION
 
@@ -61,20 +97,19 @@ WORKDIR /tmp/azurehound/artifacts
 RUN 7z a -tzip -mx9 azurehound-$AZUREHOUND_VERSION.zip azurehound-*
 RUN sha256sum azurehound-$AZUREHOUND_VERSION.zip > azurehound-$AZUREHOUND_VERSION.zip.sha256
 
-FROM docker.io/library/golang:1.23
+########
+# Package Bloodhound
+################
+FROM gcr.io/distroless/static-debian11
 ARG SHARPHOUND_VERSION
 ARG AZUREHOUND_VERSION
-ENV GOFLAGS="-buildvcs=false"
-WORKDIR /bloodhound
-VOLUME [ "/go/pkg/mod" ]
-
-RUN mkdir -p /bhapi/collectors/azurehound /bhapi/collectors/sharphound /bhapi/work
-RUN go install github.com/go-delve/delve/cmd/[email protected]
-RUN go install github.com/air-verse/[email protected]
 
-COPY --from=hound-builder /tmp/sharphound/sharphound-$SHARPHOUND_VERSION.zip /bhapi/collectors/sharphound/
-COPY --from=hound-builder /tmp/sharphound/sharphound-$SHARPHOUND_VERSION.zip.sha256 /bhapi/collectors/sharphound/
-COPY --from=hound-builder /tmp/azurehound/artifacts/azurehound-$AZUREHOUND_VERSION.zip /bhapi/collectors/azurehound/
-COPY --from=hound-builder /tmp/azurehound/artifacts/azurehound-$AZUREHOUND_VERSION.zip.sha256 /bhapi/collectors/azurehound/
+COPY dockerfiles/configs/bloodhound.config.json /bloodhound.config.json
+COPY --from=builder /bloodhound/dist/bhapi /bloodhound
+COPY --from=hound-builder /opt/bloodhound /etc/bloodhound /var/log /
+COPY --from=hound-builder /tmp/sharphound/sharphound-$SHARPHOUND_VERSION.zip /etc/bloodhound/collectors/sharphound/
+COPY --from=hound-builder /tmp/sharphound/sharphound-$SHARPHOUND_VERSION.zip.sha256 /etc/bloodhound/collectors/sharphound/
+COPY --from=hound-builder /tmp/azurehound/artifacts/azurehound-$AZUREHOUND_VERSION.zip /etc/bloodhound/collectors/azurehound/
+COPY --from=hound-builder /tmp/azurehound/artifacts/azurehound-$AZUREHOUND_VERSION.zip.sha256 /etc/bloodhound/collectors/azurehound/
 
-ENTRYPOINT ["air"]
+ENTRYPOINT ["/bloodhound", "-configfile", "/bloodhound.config.json"]