From 777ef61c4b82d225beeb57a9ced0a4a6b5a0b949 Mon Sep 17 00:00:00 2001
From: Tanishq Rupaal <tanishq.rupaal@praetorian.com>
Date: Fri, 10 May 2024 18:53:58 -0500
Subject: [PATCH] fix breaks and re-try arm build

---
 .../sec-build-arm.yml}                        |  4 +--
 security_docker_arm/Dockerfile                | 27 ++++++-------------
 security_docker_main/Dockerfile               | 20 ++++++--------
 worker_docker_main/Dockerfile                 | 11 ++++----
 4 files changed, 23 insertions(+), 39 deletions(-)
 rename .github/{paused-sec-build-arm.yml => workflows/sec-build-arm.yml} (89%)

diff --git a/.github/paused-sec-build-arm.yml b/.github/workflows/sec-build-arm.yml
similarity index 89%
rename from .github/paused-sec-build-arm.yml
rename to .github/workflows/sec-build-arm.yml
index c0243be..c5e581c 100644
--- a/.github/paused-sec-build-arm.yml
+++ b/.github/workflows/sec-build-arm.yml
@@ -15,8 +15,8 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       
-      # - name: Set up QEMU
-      #   uses: docker/setup-qemu-action@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
       
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
diff --git a/security_docker_arm/Dockerfile b/security_docker_arm/Dockerfile
index 1ebfe78..f950a6a 100644
--- a/security_docker_arm/Dockerfile
+++ b/security_docker_arm/Dockerfile
@@ -21,7 +21,7 @@ RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
     python3-dev python3-pip python3-setuptools ipython3 iproute2 python3-venv
 RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
     inetutils-ping inetutils-telnet inetutils-tools inetutils-traceroute inetutils-ftp && \
-    mkdir /opt/executables
+    mkdir /opt/executables && python3 -m pip install --upgrade setuptools wheel pip
 
 COPY --from=intermediate_builder /executables /opt/executables
 COPY --from=intermediate_builder /neovim-linux64.deb /neovim-linux64.deb
@@ -92,7 +92,6 @@ RUN mkdir /opt/lists/ && cd /opt/lists/ && \
     aws/install && \
     rm awscliv2.zip && \
     rm -rf aws && \
-    python3 -m pip install boto3 semgrep uploadserver && \
     mkdir /root/.aws && \
     touch /root/.aws/credentials && \
     touch /root/.aws/config && \
@@ -104,23 +103,14 @@ RUN mkdir /opt/lists/ && cd /opt/lists/ && \
     rm $(ls | grep "google.*\.tar\.gz") && \
     google-cloud-sdk/install.sh -q && \
     echo "[ -f /root/google-cloud-sdk/path.zsh.inc ] && source /root/google-cloud-sdk/path.zsh.inc" >> /root/.zshrc && \
-    echo "[ -f /root/google-cloud-sdk/completion.zsh.inc ] && source /root/google-cloud-sdk/completion.zsh.inc" >> /root/.zshrc
-
-RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash && \
-    cd / && \
-    curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
-    chmod 755 msfinstall && \
-    ./msfinstall && \
-    rm msfinstall && \
-    git clone --depth=1 https://gitlab.com/exploit-database/exploitdb.git /opt/exploit-database && \
-    ln -sf /opt/exploit-database/searchsploit /usr/local/bin/searchsploit
+    echo "[ -f /root/google-cloud-sdk/completion.zsh.inc ] && source /root/google-cloud-sdk/completion.zsh.inc" >> /root/.zshrc && \
+    curl -sL https://aka.ms/InstallAzureCLIDeb | bash
 
 # ============================================================================================================
 # ========================================================================== Tool Installations Part Two =====
 # ============================================================================================================
 
-RUN python3 -m pip install --upgrade setuptools wheel pip && \
-    cd /opt/executables/ && \
+RUN cd /opt/executables/ && \
     curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/arm64/kubectl" && \
     chmod +x kubectl && \
     a=$(curl -s https://api.github.com/repos/powershell/powershell/releases/latest | grep -E "browser_download_url.*" | grep -i "linux-arm64.tar.gz" | cut -d '"' -f4) && \
@@ -129,10 +119,10 @@ RUN python3 -m pip install --upgrade setuptools wheel pip && \
     ln -s /opt/powershell/pwsh /usr/bin/pwsh && \
     cd /opt && git clone --depth 1 https://github.com/drwetter/testssl.sh.git
 
-RUN python3 -m pip install requests && \
+RUN python3 -m venv /opt/pyenv && \
+    . /opt/pyenv/bin/activate && \
+    pip install requests boto3 semgrep && \
     mkdir /opt/pycloudtools && \
-    python3 -m venv /opt/pycloudtools/pycloudenv && \
-    . /opt/pycloudtools/pycloudenv/bin/activate && \
     cd /opt/pycloudtools && \
     git clone --depth=1 https://github.com/nccgroup/ScoutSuite && cd ScoutSuite && \
     pip install --no-cache-dir -r requirements.txt && cd .. && \
@@ -148,7 +138,6 @@ RUN python3 -m pip install requests && \
 # ============================================================================================================
 # ============================================================================================================
 
-RUN python3 -m pip install --upgrade pip setuptools wheel && \
-    DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
+RUN DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
     DEBIAN_FRONTEND="noninteractive" apt autoremove -y && \
     echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
diff --git a/security_docker_main/Dockerfile b/security_docker_main/Dockerfile
index 074b07f..83dd561 100644
--- a/security_docker_main/Dockerfile
+++ b/security_docker_main/Dockerfile
@@ -21,7 +21,7 @@ RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
     python3-dev python3-pip python3-setuptools ipython3 iproute2 python3-venv
 RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
     inetutils-ping inetutils-telnet inetutils-tools inetutils-traceroute inetutils-ftp && \
-    mkdir /opt/executables
+    mkdir /opt/executables && python3 -m pip install --upgrade setuptools wheel pip
 
 COPY --from=intermediate_builder /executables /opt/executables
 COPY --from=intermediate_builder /neovim-linux64.deb /neovim-linux64.deb
@@ -86,14 +86,12 @@ RUN mkdir /opt/lists/ && cd /opt/lists/ && \
     echo $a && wget "https://golang.org$a" && \
     b=$(echo $a | cut -d "/" -f3) && \
     echo $b && tar -C /usr/local -xzf "$b" && \
-    rm "$b"
-
-RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
+    rm "$b" && \
+    curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
     unzip awscliv2.zip && \
     aws/install && \
     rm awscliv2.zip && \
     rm -rf aws && \
-    python3 -m pip install boto3 semgrep uploadserver && \
     mkdir /root/.aws && \
     touch /root/.aws/credentials && \
     touch /root/.aws/config && \
@@ -112,8 +110,7 @@ RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2
 # ========================================================================== Tool Installations Part Two =====
 # ============================================================================================================
 
-RUN python3 -m pip install --upgrade setuptools wheel pip && \
-    cd /opt/executables/ && \
+RUN cd /opt/executables/ && \
     curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" && \
     chmod +x kubectl && \
     a=$(curl -s https://api.github.com/repos/powershell/powershell/releases/latest | grep -E "browser_download_url.*" | grep -i "linux-x64.tar.gz" | cut -d '"' -f4) && \
@@ -122,10 +119,10 @@ RUN python3 -m pip install --upgrade setuptools wheel pip && \
     ln -s /opt/powershell/pwsh /usr/bin/pwsh && \
     cd /opt && git clone --depth 1 https://github.com/drwetter/testssl.sh.git
 
-RUN python3 -m pip install requests && \
+RUN python3 -m venv /opt/pyenv && \
+    . /opt/pyenv/bin/activate && \
+    pip install requests boto3 semgrep && \
     mkdir /opt/pycloudtools && \
-    python3 -m venv /opt/pycloudtools/pycloudenv && \
-    . /opt/pycloudtools/pycloudenv/bin/activate && \
     cd /opt/pycloudtools && \
     git clone --depth=1 https://github.com/nccgroup/ScoutSuite && cd ScoutSuite && \
     pip install --no-cache-dir -r requirements.txt && cd .. && \
@@ -141,7 +138,6 @@ RUN python3 -m pip install requests && \
 # ============================================================================================================
 # ============================================================================================================
 
-RUN python3 -m pip install --upgrade pip setuptools wheel && \
-    DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
+RUN DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
     DEBIAN_FRONTEND="noninteractive" apt autoremove -y && \
     echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
diff --git a/worker_docker_main/Dockerfile b/worker_docker_main/Dockerfile
index ff54487..3afc94f 100644
--- a/worker_docker_main/Dockerfile
+++ b/worker_docker_main/Dockerfile
@@ -19,7 +19,7 @@ RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
 RUN DEBIAN_FRONTEND="noninteractive" apt install -y --no-install-recommends \
     p7zip-full python3 python3-pip python3-setuptools iproute2 python3-venv python3-dev \
     inetutils-ping inetutils-telnet inetutils-tools inetutils-traceroute inetutils-ftp && \
-    mkdir /opt/executables
+    mkdir /opt/executables && python3 -m pip install --upgrade setuptools wheel pip
 
 COPY --from=intermediate_builder /executables /opt/executables
 COPY --from=intermediate_builder /neovim-linux64.deb /neovim-linux64.deb
@@ -76,8 +76,6 @@ RUN cd / && \
     aws/install && \
     rm awscliv2.zip && \
     rm -rf aws && \
-    python3 -m pip install boto3 requests && \
-    python3 -m pip install --upgrade setuptools wheel pip && \
     mkdir /root/.aws && \
     touch /root/.aws/credentials && \
     touch /root/.aws/config && \
@@ -88,13 +86,14 @@ RUN cd / && \
 # ========================================================================== Tool Installations Part Two =====
 # ============================================================================================================
 
-# Empty for now
+RUN python3 -m venv /opt/pyenv && \
+    . /opt/pyenv/bin/activate && \
+    pip install boto3 requests
 
 # ============================================================================================================
 # ============================================================================================================
 # ============================================================================================================
 
-RUN python3 -m pip install --upgrade pip setuptools wheel && \
-    DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
+RUN DEBIAN_FRONTEND="noninteractive" apt autoclean -y && \
     DEBIAN_FRONTEND="noninteractive" apt autoremove -y && \
     echo "PermitRootLogin yes" >> /etc/ssh/sshd_config