feat: Initial release

.github/dependabot.yml

@@ -0,0 +1,7 @@
+---
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: monthly

.github/workflows/release.yml

@@ -0,0 +1,117 @@
+---
+name: Release
+'on':
+  pull_request:
+  push:
+    branches:
+      - main
+  schedule:
+      - cron: "0 7 * * 0"
+
+env:
+  IMAGE_NAME: yaf
+
+jobs:
+
+  # Test the image builds and works correctly.
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out the codebase.
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Install test dependencies.
+        run: pip3 install pytest-testinfra
+
+      - name: Build image.
+        run: docker build -t cmusei/${{ env.IMAGE_NAME }} .
+
+      - name: Run the built image.
+        run: docker run --name=${{ env.IMAGE_NAME }} --entrypoint=/bin/bash -td cmusei/${{ env.IMAGE_NAME }}
+
+      - name: Test the built image.
+        run: py.test --hosts='docker://${{ env.IMAGE_NAME }}'
+
+  # If on main branch, build and release image.
+  release2:
+    name: Release2
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.ref == 'refs/heads/main'
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push image.
+        uses: docker/build-push-action@v6
+        with:
+          context: ./
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            cmusei/${{ env.IMAGE_NAME }}:latest
+            cmusei/${{ env.IMAGE_NAME }}:2
+            cmusei/${{ env.IMAGE_NAME }}:2.16.1
+            ghcr.io/cmu-sei/${{ env.IMAGE_NAME }}:latest
+            ghcr.io/cmu-sei/${{ env.IMAGE_NAME }}:2
+            ghcr.io/cmu-sei/${{ env.IMAGE_NAME }}:2.16.1            
+  release3:
+    name: Release3
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.ref == 'refs/heads/main'
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push image.
+        uses: docker/build-push-action@v6
+        with:
+          context: ./
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          build-args: |
+            FIXBUF_VERSION=3
+            YAF_VERSION=3.0.0.alpha4
+          tags: |
+            cmusei/${{ env.IMAGE_NAME }}:3
+            ghcr.io/cmu-sei/${{ env.IMAGE_NAME }}:3             

.gitignore

@@ -0,0 +1,3 @@
+__pycache__/
+inventory
+pytest_junit.xml

Dockerfile

@@ -0,0 +1,59 @@
+ARG FIXBUF_VERSION=2
+FROM cmusei/fixbuf:${FIXBUF_VERSION} AS build
+LABEL maintainer="[email protected]"
+
+ARG YAF_VERSION=2.16.1
+
+# Pre-reqs:
+# curl for downloading
+# build-essentials for build tools
+# ca-certs to download https
+# 
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        curl \
+        build-essential \
+        pkg-config \
+        ca-certificates \
+        libglib2.0-dev \
+        libssl-dev \
+        libpcap-dev \
+        zlib1g-dev \
+        libpcre3-dev \
+        && apt-get clean && \
+        rm -rf /var/lib/apt/lists/*
+
+WORKDIR /netsa
+
+ARG enable_dpi=''
+
+RUN curl https://tools.netsa.cert.org/releases/yaf-$YAF_VERSION.tar.gz | \
+        tar -xz && cd yaf-* && \
+        ./configure --prefix=/netsa ${enable_dpi} \
+        --enable-plugins \
+        --enable-applabel \
+        --with-libfixbuf=/netsa/lib/pkgconfig && \
+        make && \
+        make install && \
+        cd ../ && rm -rf yaf-$YAF_VERSION
+
+FROM debian:11-slim
+LABEL maintainer="[email protected]"
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        pkg-config \
+        libglib2.0-0 \
+        libpcap0.8 \
+        zlib1g \
+        libssl1.1 \
+        libpcre3 \
+        && apt-get clean && \
+        rm -rf /var/lib/apt/lists/*
+
+COPY --from=build /netsa/ /netsa/
+
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN ln -s /usr/local/bin/docker-entrypoint.sh /
+
+ENV PATH=$PATH:/netsa/bin
+
+ENTRYPOINT ["docker-entrypoint.sh"]