code_public/ja4sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: packaging RPM uniquement avec builder Rocky Linux 9
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
Details

Browse Source 
- Suppression complète du support DEB (Debian/Ubuntu)
- Builder Rocky Linux 9 pour compatibilité binaire maximale
- Compilation dynamique avec libpcap comme dépendance runtime
- Activation du dépôt CRB pour libpcap-devel
- RPM générés pour el7, el8, el9, el10
- Mise à jour documentation et workflows GitHub Actions

Fix: erreur 'libpcap.so.0.8: cannot open shared object file' sur Rocky Linux 9

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Jacquin Antoine
2026-02-28 18:15:46 +01:00
parent 86649b1630
commit 0be3ea9220
14 changed files with 119 additions and 485 deletions
Download Patch File Download Diff File Expand all files Collapse all files

127
Dockerfile.package
View File

@ -1,29 +1,39 @@
# syntax=docker/dockerfile:1
# =============================================================================
# ja4sentinel - Dockerfile de packaging unifié (DEB + RPM pour CentOS 7, Rocky 8/9/10)
# ja4sentinel - Dockerfile de packaging RPM (CentOS 7, Rocky 8/9/10, AlmaLinux)
# =============================================================================
# =============================================================================
# Stage 1: Builder - Compilation du binaire Go
# Stage 1: Builder - Compilation du binaire Go sur Rocky Linux 9
# Using Rocky Linux 9 as builder ensures binary compatibility across all RHEL-based distros
# =============================================================================
FROM golang:1.24-bookworm AS builder
FROM rockylinux:9 AS builder
WORKDIR /build
# Install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
# Install dependencies (Go + libpcap for packet capture)
# CRB (CodeReady Builder) repository is required for libpcap-devel
RUN dnf install -y epel-release && \
dnf config-manager --set-enabled crb && \
dnf install -y \
golang \
git \
libpcap-dev \
&& rm -rf /var/lib/apt/lists/*
libpcap-devel \
gcc \
make \
&& dnf clean all
# Copy go mod files
COPY go.mod go.sum ./
# Download dependencies
RUN go mod download
# Copy source code
COPY . .
# Build binary for Linux
# Binary will be dynamically linked but compatible with all RHEL-based distros
ARG VERSION=1.0.0
ARG BUILD_TIME=""
ARG GIT_COMMIT=""
@ -35,86 +45,22 @@ RUN mkdir -p dist && \
./cmd/ja4sentinel
# =============================================================================
# Stage 2: Package builder - fpm pour DEB
# Stage 2: RPM Builder - Build RPM pour CentOS 7, Rocky 8/9/10, AlmaLinux
# =============================================================================
FROM ruby:3.2-bookworm AS deb-builder
FROM rockylinux:9 AS rpm-builder
WORKDIR /package
# Install fpm and dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
# Install fpm and rpm tools (Rocky Linux 9)
# fpm does not require libpcap - only needed for building the Go binary
RUN dnf install -y \
rpm \
dpkg-dev \
fakeroot \
libpcap-dev \
&& rm -rf /var/lib/apt/lists/* \
&& gem install fpm -v 1.16.0 --no-document
# Copy binary from builder
COPY --from=builder /build/dist/ja4sentinel /tmp/pkgroot/usr/bin/ja4sentinel
COPY --from=builder /build/packaging/systemd/ja4sentinel.service /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/etc/ja4sentinel/config.yml.default
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/usr/share/ja4sentinel/config.yml
# Create directories and set permissions
RUN mkdir -p /tmp/pkgroot/var/lib/ja4sentinel && \
mkdir -p /tmp/pkgroot/var/log/ja4sentinel && \
mkdir -p /tmp/pkgroot/var/run/ja4sentinel && \
chmod 755 /tmp/pkgroot/usr/bin/ja4sentinel && \
chmod 644 /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service && \
chmod 640 /tmp/pkgroot/etc/ja4sentinel/config.yml.default && \
chmod 640 /tmp/pkgroot/usr/share/ja4sentinel/config.yml && \
chmod 750 /tmp/pkgroot/var/lib/ja4sentinel && \
chmod 750 /tmp/pkgroot/var/log/ja4sentinel && \
chmod 750 /tmp/pkgroot/var/run/ja4sentinel && \
chmod 750 /tmp/pkgroot/etc/ja4sentinel
# Copy maintainer scripts
COPY packaging/deb/postinst /tmp/scripts/postinst
COPY packaging/deb/prerm /tmp/scripts/prerm
COPY packaging/deb/postrm /tmp/scripts/postrm
RUN chmod 755 /tmp/scripts/*
# Build DEB package
ARG VERSION=1.0.0
ARG ARCH=amd64
RUN mkdir -p /packages/deb && \
fpm -s dir -t deb \
-n ja4sentinel \
-v "${VERSION}" \
-C /tmp/pkgroot \
--architecture "${ARCH}" \
--description "JA4 TLS fingerprinting daemon for network monitoring" \
--url "https://github.com/your-repo/ja4sentinel" \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--maintainer "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap0.8" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
-p /packages/deb/ja4sentinel_${VERSION}_${ARCH}.deb \
usr/bin/ja4sentinel \
etc/ja4sentinel/config.yml.default \
usr/share/ja4sentinel/config.yml \
var/lib/ja4sentinel \
var/log/ja4sentinel \
var/run/ja4sentinel
# =============================================================================
# Stage 3: RPM Builder - Universal builder with fpm installed
# Using ruby:3.2-bookworm as base for fpm, builds all RPM variants
# =============================================================================
FROM ruby:3.2-bookworm AS rpm-builder
WORKDIR /package
# Install fpm and rpm tools
RUN apt-get update && apt-get install -y --no-install-recommends \
rpm \
rpm-common \
&& rm -rf /var/lib/apt/lists/* \
rpm-build \
ruby \
rubygems \
gcc \
make \
&& dnf clean all \
&& gem install fpm -v 1.16.0 --no-document
# Copy binary from Go builder
@ -141,6 +87,7 @@ RUN mkdir -p /tmp/pkgroot/var/lib/ja4sentinel && \
chmod 755 /tmp/scripts/*
# Build RPM for CentOS 7 (el7)
# Note: Requires libpcap at runtime
ARG VERSION=1.0.0
RUN mkdir -p /packages/rpm/el7 && \
fpm -s dir -t rpm \
@ -154,7 +101,7 @@ RUN mkdir -p /packages/rpm/el7 && \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap >= 1.4.0" \
--depends "libpcap" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
@ -167,6 +114,7 @@ RUN mkdir -p /packages/rpm/el7 && \
var/run/ja4sentinel
# Build RPM for Rocky Linux 8 (el8)
# Note: Requires libpcap at runtime
RUN mkdir -p /packages/rpm/el8 && \
fpm -s dir -t rpm \
-n ja4sentinel \
@ -179,7 +127,7 @@ RUN mkdir -p /packages/rpm/el8 && \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap >= 1.9.0" \
--depends "libpcap" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
@ -192,6 +140,7 @@ RUN mkdir -p /packages/rpm/el8 && \
var/run/ja4sentinel
# Build RPM for Rocky Linux 9 (el9)
# Note: Requires libpcap at runtime
RUN mkdir -p /packages/rpm/el9 && \
fpm -s dir -t rpm \
-n ja4sentinel \
@ -204,7 +153,7 @@ RUN mkdir -p /packages/rpm/el9 && \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap >= 1.9.0" \
--depends "libpcap" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
@ -217,6 +166,7 @@ RUN mkdir -p /packages/rpm/el9 && \
var/run/ja4sentinel
# Build RPM for AlmaLinux 10 (el10) - compatible with Rocky Linux 10
# Note: Requires libpcap at runtime
RUN mkdir -p /packages/rpm/el10 && \
fpm -s dir -t rpm \
-n ja4sentinel \
@ -229,7 +179,7 @@ RUN mkdir -p /packages/rpm/el10 && \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap >= 1.9.0" \
--depends "libpcap" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
@ -242,15 +192,14 @@ RUN mkdir -p /packages/rpm/el10 && \
var/run/ja4sentinel
# =============================================================================
# Stage 4: Output - Image finale avec les packages
# Stage 3: Output - Image finale avec les packages RPM
# =============================================================================
FROM alpine:latest AS output
WORKDIR /packages
COPY --from=deb-builder /packages/deb/*.deb /packages/deb/
COPY --from=rpm-builder /packages/rpm/el7/*.rpm /packages/rpm/el7/
COPY --from=rpm-builder /packages/rpm/el8/*.rpm /packages/rpm/el8/
COPY --from=rpm-builder /packages/rpm/el9/*.rpm /packages/rpm/el9/
COPY --from=rpm-builder /packages/rpm/el10/*.rpm /packages/rpm/el10/
CMD ["sh", "-c", "echo '=== DEB Packages ===' && ls -la /packages/deb/ && echo '' && echo '=== RPM Packages (el7) ===' && ls -la /packages/rpm/el7/ && echo '' && echo '=== RPM Packages (el8) ===' && ls -la /packages/rpm/el8/ && echo '' && echo '=== RPM Packages (el9) ===' && ls -la /packages/rpm/el9/ && echo '' && echo '=== RPM Packages (el10) ===' && ls -la /packages/rpm/el10/"]
CMD ["sh", "-c", "echo '=== RPM Packages (el7 - CentOS 7) ===' && ls -la /packages/rpm/el7/ && echo '' && echo '=== RPM Packages (el8 - Rocky 8) ===' && ls -la /packages/rpm/el8/ && echo '' && echo '=== RPM Packages (el9 - Rocky 9) ===' && ls -la /packages/rpm/el9/ && echo '' && echo '=== RPM Packages (el10 - Alma/Rocky 10) ===' && ls -la /packages/rpm/el10/"]