feat: generate RPM packages for CentOS 7, Rocky Linux 8/9/10
- Update Dockerfile.package to build RPMs for multiple distributions using a unified fpm-based approach - Add RPM maintainer scripts (postinst, prerm, postrm) for proper installation and service management - Update ja4sentinel.spec for CentOS 7+ compatibility - Add packaging/systemd/config.yml as default configuration - Update test-rpm.sh to test installation on all 4 target distributions - Fix CentOS 7 repository configuration (EOL - vault.centos.org) Generated RPMs: - el7: CentOS 7 (libpcap >= 1.4.0) - el8: Rocky Linux 8 (libpcap >= 1.9.0) - el9: Rocky Linux 9 (libpcap >= 1.9.0) - el10: AlmaLinux 10 / Rocky Linux 10 (libpcap >= 1.9.0) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Jacquin Antoine
@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
# =============================================================================
|
||||
# ja4sentinel - Dockerfile de packaging unifié (DEB + RPM avec fpm)
|
||||
# ja4sentinel - Dockerfile de packaging unifié (DEB + RPM pour CentOS 7, Rocky 8/9/10)
|
||||
# =============================================================================
|
||||
|
||||
# =============================================================================
|
||||
@ -35,9 +35,9 @@ RUN mkdir -p dist && \
|
||||
./cmd/ja4sentinel
|
||||
|
||||
# =============================================================================
|
||||
# Stage 2: Package builder - fpm pour DEB et RPM
|
||||
# Stage 2: Package builder - fpm pour DEB
|
||||
# =============================================================================
|
||||
FROM ruby:3.2-bookworm AS package-builder
|
||||
FROM ruby:3.2-bookworm AS deb-builder
|
||||
|
||||
WORKDIR /package
|
||||
|
||||
@ -48,7 +48,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
fakeroot \
|
||||
libpcap-dev \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& gem install fpm -v 1.16.0
|
||||
&& gem install fpm -v 1.16.0 --no-document
|
||||
|
||||
# Copy binary from builder
|
||||
COPY --from=builder /build/dist/ja4sentinel /tmp/pkgroot/usr/bin/ja4sentinel
|
||||
@ -102,14 +102,78 @@ RUN mkdir -p /packages/deb && \
|
||||
var/log/ja4sentinel \
|
||||
var/run/ja4sentinel
|
||||
|
||||
# Build RPM package
|
||||
ARG DIST=el9
|
||||
RUN mkdir -p /packages/rpm && \
|
||||
# =============================================================================
|
||||
# Stage 3: RPM Builder - Universal builder with fpm installed
|
||||
# Using ruby:3.2-bookworm as base for fpm, builds all RPM variants
|
||||
# =============================================================================
|
||||
FROM ruby:3.2-bookworm AS rpm-builder
|
||||
|
||||
WORKDIR /package
|
||||
|
||||
# Install fpm and rpm tools
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
rpm \
|
||||
rpm-common \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& gem install fpm -v 1.16.0 --no-document
|
||||
|
||||
# Copy binary from Go builder
|
||||
COPY --from=builder /build/dist/ja4sentinel /tmp/pkgroot/usr/bin/ja4sentinel
|
||||
COPY --from=builder /build/packaging/systemd/ja4sentinel.service /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service
|
||||
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/etc/ja4sentinel/config.yml.default
|
||||
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/usr/share/ja4sentinel/config.yml
|
||||
COPY packaging/rpm/postinst /tmp/scripts/postinst
|
||||
COPY packaging/rpm/prerm /tmp/scripts/prerm
|
||||
COPY packaging/rpm/postrm /tmp/scripts/postrm
|
||||
|
||||
# Create directories and set permissions
|
||||
RUN mkdir -p /tmp/pkgroot/var/lib/ja4sentinel && \
|
||||
mkdir -p /tmp/pkgroot/var/log/ja4sentinel && \
|
||||
mkdir -p /tmp/pkgroot/var/run/ja4sentinel && \
|
||||
chmod 755 /tmp/pkgroot/usr/bin/ja4sentinel && \
|
||||
chmod 644 /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service && \
|
||||
chmod 640 /tmp/pkgroot/etc/ja4sentinel/config.yml.default && \
|
||||
chmod 640 /tmp/pkgroot/usr/share/ja4sentinel/config.yml && \
|
||||
chmod 750 /tmp/pkgroot/var/lib/ja4sentinel && \
|
||||
chmod 750 /tmp/pkgroot/var/log/ja4sentinel && \
|
||||
chmod 750 /tmp/pkgroot/var/run/ja4sentinel && \
|
||||
chmod 750 /tmp/pkgroot/etc/ja4sentinel && \
|
||||
chmod 755 /tmp/scripts/*
|
||||
|
||||
# Build RPM for CentOS 7 (el7)
|
||||
ARG VERSION=1.0.0
|
||||
RUN mkdir -p /packages/rpm/el7 && \
|
||||
fpm -s dir -t rpm \
|
||||
-n ja4sentinel \
|
||||
-v "${VERSION}" \
|
||||
-C /tmp/pkgroot \
|
||||
--architecture "x86_64" \
|
||||
--rpm-dist el7 \
|
||||
--description "JA4 TLS fingerprinting daemon for network monitoring" \
|
||||
--url "https://github.com/your-repo/ja4sentinel" \
|
||||
--license "MIT" \
|
||||
--vendor "JA4Sentinel Team <team@example.com>" \
|
||||
--depends "systemd" \
|
||||
--depends "libpcap >= 1.4.0" \
|
||||
--after-install /tmp/scripts/postinst \
|
||||
--before-remove /tmp/scripts/prerm \
|
||||
--after-remove /tmp/scripts/postrm \
|
||||
-p /packages/rpm/el7/ja4sentinel-${VERSION}-1.el7.x86_64.rpm \
|
||||
usr/bin/ja4sentinel \
|
||||
etc/ja4sentinel/config.yml.default \
|
||||
usr/share/ja4sentinel/config.yml \
|
||||
var/lib/ja4sentinel \
|
||||
var/log/ja4sentinel \
|
||||
var/run/ja4sentinel
|
||||
|
||||
# Build RPM for Rocky Linux 8 (el8)
|
||||
RUN mkdir -p /packages/rpm/el8 && \
|
||||
fpm -s dir -t rpm \
|
||||
-n ja4sentinel \
|
||||
-v "${VERSION}" \
|
||||
-C /tmp/pkgroot \
|
||||
--architecture "x86_64" \
|
||||
--rpm-dist el8 \
|
||||
--description "JA4 TLS fingerprinting daemon for network monitoring" \
|
||||
--url "https://github.com/your-repo/ja4sentinel" \
|
||||
--license "MIT" \
|
||||
@ -119,7 +183,57 @@ RUN mkdir -p /packages/rpm && \
|
||||
--after-install /tmp/scripts/postinst \
|
||||
--before-remove /tmp/scripts/prerm \
|
||||
--after-remove /tmp/scripts/postrm \
|
||||
-p /packages/rpm/ja4sentinel-${VERSION}-1.x86_64.rpm \
|
||||
-p /packages/rpm/el8/ja4sentinel-${VERSION}-1.el8.x86_64.rpm \
|
||||
usr/bin/ja4sentinel \
|
||||
etc/ja4sentinel/config.yml.default \
|
||||
usr/share/ja4sentinel/config.yml \
|
||||
var/lib/ja4sentinel \
|
||||
var/log/ja4sentinel \
|
||||
var/run/ja4sentinel
|
||||
|
||||
# Build RPM for Rocky Linux 9 (el9)
|
||||
RUN mkdir -p /packages/rpm/el9 && \
|
||||
fpm -s dir -t rpm \
|
||||
-n ja4sentinel \
|
||||
-v "${VERSION}" \
|
||||
-C /tmp/pkgroot \
|
||||
--architecture "x86_64" \
|
||||
--rpm-dist el9 \
|
||||
--description "JA4 TLS fingerprinting daemon for network monitoring" \
|
||||
--url "https://github.com/your-repo/ja4sentinel" \
|
||||
--license "MIT" \
|
||||
--vendor "JA4Sentinel Team <team@example.com>" \
|
||||
--depends "systemd" \
|
||||
--depends "libpcap >= 1.9.0" \
|
||||
--after-install /tmp/scripts/postinst \
|
||||
--before-remove /tmp/scripts/prerm \
|
||||
--after-remove /tmp/scripts/postrm \
|
||||
-p /packages/rpm/el9/ja4sentinel-${VERSION}-1.el9.x86_64.rpm \
|
||||
usr/bin/ja4sentinel \
|
||||
etc/ja4sentinel/config.yml.default \
|
||||
usr/share/ja4sentinel/config.yml \
|
||||
var/lib/ja4sentinel \
|
||||
var/log/ja4sentinel \
|
||||
var/run/ja4sentinel
|
||||
|
||||
# Build RPM for AlmaLinux 10 (el10) - compatible with Rocky Linux 10
|
||||
RUN mkdir -p /packages/rpm/el10 && \
|
||||
fpm -s dir -t rpm \
|
||||
-n ja4sentinel \
|
||||
-v "${VERSION}" \
|
||||
-C /tmp/pkgroot \
|
||||
--architecture "x86_64" \
|
||||
--rpm-dist el10 \
|
||||
--description "JA4 TLS fingerprinting daemon for network monitoring" \
|
||||
--url "https://github.com/your-repo/ja4sentinel" \
|
||||
--license "MIT" \
|
||||
--vendor "JA4Sentinel Team <team@example.com>" \
|
||||
--depends "systemd" \
|
||||
--depends "libpcap >= 1.9.0" \
|
||||
--after-install /tmp/scripts/postinst \
|
||||
--before-remove /tmp/scripts/prerm \
|
||||
--after-remove /tmp/scripts/postrm \
|
||||
-p /packages/rpm/el10/ja4sentinel-${VERSION}-1.el10.x86_64.rpm \
|
||||
usr/bin/ja4sentinel \
|
||||
etc/ja4sentinel/config.yml.default \
|
||||
usr/share/ja4sentinel/config.yml \
|
||||
@ -128,12 +242,15 @@ RUN mkdir -p /packages/rpm && \
|
||||
var/run/ja4sentinel
|
||||
|
||||
# =============================================================================
|
||||
# Stage 3: Output - Image finale avec les packages
|
||||
# Stage 4: Output - Image finale avec les packages
|
||||
# =============================================================================
|
||||
FROM alpine:latest AS output
|
||||
|
||||
WORKDIR /packages
|
||||
COPY --from=package-builder /packages/deb/*.deb /packages/deb/
|
||||
COPY --from=package-builder /packages/rpm/*.rpm /packages/rpm/
|
||||
COPY --from=deb-builder /packages/deb/*.deb /packages/deb/
|
||||
COPY --from=rpm-builder /packages/rpm/el7/*.rpm /packages/rpm/el7/
|
||||
COPY --from=rpm-builder /packages/rpm/el8/*.rpm /packages/rpm/el8/
|
||||
COPY --from=rpm-builder /packages/rpm/el9/*.rpm /packages/rpm/el9/
|
||||
COPY --from=rpm-builder /packages/rpm/el10/*.rpm /packages/rpm/el10/
|
||||
|
||||
CMD ["sh", "-c", "echo '=== DEB Packages ===' && ls -la /packages/deb/ && echo '' && echo '=== RPM Packages ===' && ls -la /packages/rpm/"]
|
||||
CMD ["sh", "-c", "echo '=== DEB Packages ===' && ls -la /packages/deb/ && echo '' && echo '=== RPM Packages (el7) ===' && ls -la /packages/rpm/el7/ && echo '' && echo '=== RPM Packages (el8) ===' && ls -la /packages/rpm/el8/ && echo '' && echo '=== RPM Packages (el9) ===' && ls -la /packages/rpm/el9/ && echo '' && echo '=== RPM Packages (el10) ===' && ls -la /packages/rpm/el10/"]
|
||||
|
||||
Reference in New Issue
Block a user