code_public/ja4sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Unify packaging: use Docker + fpm for DEB and RPM builds

Browse Source 
- Add Dockerfile.package with multi-stage build (builder, package-builder, output)
- Update Makefile to use new Dockerfile.package for package-deb and package-rpm targets
- Replace dpkg-deb and rpmbuild with fpm for consistent packaging
- Both DEB and RPM packages now built from single Dockerfile

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Jacquin Antoine
2026-02-27 15:31:55 +01:00
parent 952c929f55
commit f8dc2d4d82
2 changed files with 152 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

139
Dockerfile.package Normal file
View File

@ -0,0 +1,139 @@
# syntax=docker/dockerfile:1
# =============================================================================
# ja4sentinel - Dockerfile de packaging unifié (DEB + RPM avec fpm)
# =============================================================================
# =============================================================================
# Stage 1: Builder - Compilation du binaire Go
# =============================================================================
FROM golang:1.24-bookworm AS builder
WORKDIR /build
# Install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
git \
libpcap-dev \
&& rm -rf /var/lib/apt/lists/*
# Copy go mod files
COPY go.mod go.sum ./
RUN go mod download
# Copy source code
COPY . .
# Build binary for Linux
ARG VERSION=1.0.0
ARG BUILD_TIME=""
ARG GIT_COMMIT=""
RUN mkdir -p dist && \
CGO_ENABLED=1 GOOS=linux GOARCH=amd64 \
go build -buildvcs=false \
-ldflags "-X main.Version=${VERSION} -X main.BuildTime=${BUILD_TIME} -X main.GitCommit=${GIT_COMMIT}" \
-o dist/ja4sentinel \
./cmd/ja4sentinel
# =============================================================================
# Stage 2: Package builder - fpm pour DEB et RPM
# =============================================================================
FROM ruby:3.2-bookworm AS package-builder
WORKDIR /package
# Install fpm and dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
rpm \
dpkg-dev \
fakeroot \
libpcap-dev \
&& rm -rf /var/lib/apt/lists/* \
&& gem install fpm -v 1.16.0
# Copy binary from builder
COPY --from=builder /build/dist/ja4sentinel /tmp/pkgroot/usr/bin/ja4sentinel
COPY --from=builder /build/packaging/systemd/ja4sentinel.service /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/etc/ja4sentinel/config.yml.default
COPY --from=builder /build/packaging/systemd/config.yml /tmp/pkgroot/usr/share/ja4sentinel/config.yml
# Create directories and set permissions
RUN mkdir -p /tmp/pkgroot/var/lib/ja4sentinel && \
mkdir -p /tmp/pkgroot/var/log/ja4sentinel && \
mkdir -p /tmp/pkgroot/var/run/ja4sentinel && \
chmod 755 /tmp/pkgroot/usr/bin/ja4sentinel && \
chmod 644 /tmp/pkgroot/usr/lib/systemd/system/ja4sentinel.service && \
chmod 640 /tmp/pkgroot/etc/ja4sentinel/config.yml.default && \
chmod 640 /tmp/pkgroot/usr/share/ja4sentinel/config.yml && \
chmod 750 /tmp/pkgroot/var/lib/ja4sentinel && \
chmod 750 /tmp/pkgroot/var/log/ja4sentinel && \
chmod 750 /tmp/pkgroot/var/run/ja4sentinel && \
chmod 750 /tmp/pkgroot/etc/ja4sentinel
# Copy maintainer scripts
COPY packaging/deb/postinst /tmp/scripts/postinst
COPY packaging/deb/prerm /tmp/scripts/prerm
COPY packaging/deb/postrm /tmp/scripts/postrm
RUN chmod 755 /tmp/scripts/*
# Build DEB package
ARG VERSION=1.0.0
ARG ARCH=amd64
RUN mkdir -p /packages/deb && \
fpm -s dir -t deb \
-n ja4sentinel \
-v "${VERSION}" \
-C /tmp/pkgroot \
--architecture "${ARCH}" \
--description "JA4 TLS fingerprinting daemon for network monitoring" \
--url "https://github.com/your-repo/ja4sentinel" \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--maintainer "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap0.8" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
-p /packages/deb/ja4sentinel_${VERSION}_${ARCH}.deb \
usr/bin/ja4sentinel \
etc/ja4sentinel/config.yml.default \
usr/share/ja4sentinel/config.yml \
var/lib/ja4sentinel \
var/log/ja4sentinel \
var/run/ja4sentinel
# Build RPM package
ARG DIST=el9
RUN mkdir -p /packages/rpm && \
fpm -s dir -t rpm \
-n ja4sentinel \
-v "${VERSION}" \
-C /tmp/pkgroot \
--architecture "x86_64" \
--description "JA4 TLS fingerprinting daemon for network monitoring" \
--url "https://github.com/your-repo/ja4sentinel" \
--license "MIT" \
--vendor "JA4Sentinel Team <team@example.com>" \
--depends "systemd" \
--depends "libpcap >= 1.9.0" \
--after-install /tmp/scripts/postinst \
--before-remove /tmp/scripts/prerm \
--after-remove /tmp/scripts/postrm \
-p /packages/rpm/ja4sentinel-${VERSION}-1.x86_64.rpm \
usr/bin/ja4sentinel \
etc/ja4sentinel/config.yml.default \
usr/share/ja4sentinel/config.yml \
var/lib/ja4sentinel \
var/log/ja4sentinel \
var/run/ja4sentinel
# =============================================================================
# Stage 3: Output - Image finale avec les packages
# =============================================================================
FROM alpine:latest AS output
WORKDIR /packages
COPY --from=package-builder /packages/deb/*.deb /packages/deb/
COPY --from=package-builder /packages/rpm/*.rpm /packages/rpm/
CMD ["sh", "-c", "echo '=== DEB Packages ===' && ls -la /packages/deb/ && echo '' && echo '=== RPM Packages ===' && ls -la /packages/rpm/"]

35
Makefile
View File

@ -94,33 +94,24 @@ fmt:
package: package-deb package-rpm package: package-deb package-rpm
## package-deb: Build DEB package (requires Docker) ## package-deb: Build DEB package (requires Docker)
package-deb: build-linux package-deb:
mkdir -p build/deb mkdir -p build/deb build/rpm
docker build --no-cache -t ja4sentinel-packager-deb \ docker build --target output -t ja4sentinel-packager:latest \
--build-arg VERSION=$(PKG_VERSION) \ --build-arg VERSION=$(PKG_VERSION) \
--build-arg ARCH=amd64 \ -f Dockerfile.package .
-f packaging/Dockerfile.deb . @echo "Extracting packages from Docker image..."
@echo "Extracting DEB packages from Docker image..." @docker run --rm ja4sentinel-packager:latest sh -c 'cp /packages/deb/*.deb /tmp/' && \
@for f in $$(docker run --rm ja4sentinel-packager-deb sh -c 'ls /packages/*.deb 2>/dev/null'); do \ docker cp $$(docker create ja4sentinel-packager:latest):/packages/deb/. build/deb/ && \
docker run --rm ja4sentinel-packager-deb sh -c "cat $$f" > build/deb/$$(basename $$f); \ docker cp $$(docker create ja4sentinel-packager:latest):/packages/rpm/. build/rpm/ || \
done docker run --rm -v $(PWD)/build:/output ja4sentinel-packager:latest sh -c 'cp -r /packages/deb /output/ && cp -r /packages/rpm /output/'
@for f in $$(docker run --rm ja4sentinel-packager-deb sh -c 'ls /packages/*.sha256 2>/dev/null'); do \
docker run --rm ja4sentinel-packager-deb sh -c "cat $$f" > build/deb/$$(basename $$f); \
done || true
@echo "DEB packages created:" @echo "DEB packages created:"
ls -la build/deb/ ls -la build/deb/
@echo "RPM packages created:"
ls -la build/rpm/
## package-rpm: Build RPM package (requires Docker) ## package-rpm: Build RPM package (requires Docker)
package-rpm: build-linux package-rpm: package-deb
mkdir -p build/rpm @echo "RPM built together with DEB in Dockerfile.package"
docker build --no-cache -t ja4sentinel-packager-rpm \
--build-arg VERSION=$(PKG_VERSION) \
--build-arg ARCH=x86_64 \
-f packaging/Dockerfile.rpm .
@echo "Extracting RPM from Docker image..."
docker run --rm ja4sentinel-packager-rpm sh -c 'cat /packages/*.rpm' > build/rpm/ja4sentinel.rpm
@echo "RPM package created: build/rpm/ja4sentinel.rpm"
ls -la build/rpm/*.rpm
## test-package-deb: Test DEB package installation in Docker ## test-package-deb: Test DEB package installation in Docker
test-package-deb: package-deb test-package-deb: package-deb