feat(docker): updating Bulwark to run from docker

Bulwark will now feature docker-compose for a full localized setup. #245
softrams · Oct 7, 2020 · b983c52 · b983c52
1 parent 783ce03
commit b983c52
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,31 @@
+FROM skewled/bulwark-base:6.0.0
+
+# Stage the setup to launch Bulwark
+RUN mkdir -p /bulwark
+COPY . /bulwark
+WORKDIR "bulwark"
+
+# Permissions for Bulwark
+RUN chown -R bulwark:bulwark /bulwark
+
+# DB Wait MySQL Status Up, requires mysql-client
+RUN apk add --no-cache mysql-client
+
+# Runas User
+USER bulwark
+
+# Bulwark Specific Startup
+RUN npm install \
+    && cd frontend \
+    && npm install \
+    && cd .. \
+    && npm run build
+
+# Cleanup NPM to save some space
+RUN rm -rf /bulwark/.npm
+
+# Running Port
+EXPOSE 5000
+
+# Launch Bulwark
+CMD ["npm", "start"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,57 @@
+version: '3.8'
+services:
+  bulwark:
+    image: skewled/bulwark:6.0.0
+    container_name: bulwark
+    depends_on:
+      - bulwark-db
+    networks:
+      static-network:
+        ipv4_address: 172.16.16.2
+    ports:
+      - '5000:5000'
+    expose:
+      - '5000'
+    stop_grace_period: 1m
+    volumes:
+      - bulwark-temp:/bulwark/src/temp:rw
+    command: >
+      sh -c "
+      until mysql --host=172.16.16.3 --user=root --password=bulwark --database=mysql -e 'SELECT user FROM user;'; do
+        >&2 echo MySQL is unavailable - sleeping
+        sleep 1
+      done
+      && echo MySQL should be up - starting up Bulwark.
+      && echo Initial DB Creation
+      && npm run migration:init
+      && npm run migration:run
+      && npm run start"
+
+  bulwark-db:
+    image: mysql:5.7.31
+    container_name: bulwark_db
+    environment:
+      MYSQL_DATABASE: "${DB_NAME}"
+      MYSQL_USER: "${DB_USERNAME}"
+      MYSQL_PASSWORD: "${DB_PASSWORD}"
+      MYSQL_ROOT_PASSWORD: "${DB_PASSWORD}"
+    networks:
+      static-network:
+        ipv4_address: 172.16.16.3
+    ports:
+      - '3306:3306'
+    expose:
+      - '3306'
+    volumes:
+      - bulwark-db:/var/lib/mysql:rw
+    restart: always
+
+volumes:
+  bulwark-db:
+  bulwark-temp:
+
+networks:
+  static-network:
+    ipam:
+      config:
+        - subnet: 172.16.16.0/16
diff --git a/package.json b/package.json
@@ -19,6 +19,8 @@
     "migration:generate": "typeorm migration:generate -n Refactor && rimraf dist && tsc",
     "migration:create": "typeorm migration:create -n newInit && rimraf dist && tsc",
     "migration:revert": "typeorm migration:revert",
+    "tsc": "rimraf dist && tsc && npm start",
+    "docker": "rimraf dist && tsc && cd frontend && npm run-script build --aot --prod",
     "lint": "tslint --project . && cd frontend && npm run-script lint",
     "lint:fix": "tslint --fix --project . && cd frontend && npm run-script lint --fix=true",
     "release": "standard-version",

diff --git a/src/utilities/puppeteer.utility.ts b/src/utilities/puppeteer.utility.ts
@@ -21,7 +21,7 @@ export const generateReport = async (req: UserRequest, res: Response) => {
       : `${process.env.DEV_URL}/#/organization/${req.body.orgId}
           /asset/${req.body.assetId}/assessment/${req.body.assessmentId}/report/puppeteer`;
   const browser = await puppeteer.launch({
-    args: ['--no-sandbox', '--disable-setuid-sandbox']
+    args: ['--no-sandbox', '--disable-setuid-sandbox'],
   });
   const page = await browser.newPage();
   const filePath = path.join(__dirname, '../temp/temp_report.pdf');