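# syntax=docker/dockerfile:1
# =============================================================================
# ja4sentinel - RPM packaging Dockerfile (Rocky 8/9/10, AlmaLinux)
# CentOS 7 support removed - minimum Rocky Linux 8
#
# Three stages:
#   builder      compiles the Go binary (CGO + libpcap)
#   rpm-builder  wraps that one binary into el8 / el9 / el10 RPMs
#   output       minimal image that only carries the resulting RPMs
#
# NOTE(review): no package-signing or checksum step is visible in this file,
# so the RPMs leave this build unsigned. Sign them and publish checksums in
# the release pipeline before distributing them.
# =============================================================================

# =============================================================================
# Stage 1: Builder - compile the Go binary on Rocky Linux 9
# The same binary is packaged for el8, el9 and el10.
# NOTE(review): it is built with CGO and linked dynamically against the el9
# glibc and libpcap. Confirm that it loads on Rocky 8, which ships older
# versions of these libraries, before releasing the el8 package.
# =============================================================================
FROM rockylinux:9 AS builder

WORKDIR /build

# Install dependencies (Go + libpcap for packet capture)
# CRB (CodeReady Builder) repository is required for libpcap-devel
RUN dnf install -y epel-release && \
    dnf config-manager --set-enabled crb && \
    dnf install -y \
        golang \
        git \
        libpcap-devel \
        gcc \
        make \
    && dnf clean all

# Copy only the module manifests first so the dependency layer stays cached
# until go.mod / go.sum change
COPY go.mod go.sum ./

# Download dependencies (verified against go.sum)
RUN go mod download

# Copy source code
# NOTE(review): this copies the whole build context. Keep a .dockerignore that
# excludes .git, local configuration and credentials so they never enter a layer.
COPY . .

# Build binary for Linux
# Binary is dynamically linked (CGO_ENABLED=1 is needed for libpcap)
# These ARGs are recorded in the image history: use them for build metadata
# only, never for secrets.
ARG VERSION=1.0.6
ARG BUILD_TIME=""
ARG GIT_COMMIT=""

RUN mkdir -p dist && \
    CGO_ENABLED=1 GOOS=linux GOARCH=amd64 \
    go build -buildvcs=false \
        -ldflags "-X main.Version=${VERSION} -X main.BuildTime=${BUILD_TIME} -X main.GitCommit=${GIT_COMMIT}" \
        -o dist/ja4sentinel \
        ./cmd/ja4sentinel

# =============================================================================
# Stage 2: RPM Builder - build RPMs for Rocky 8/9/10, AlmaLinux using rpmbuild
# =============================================================================
FROM rockylinux:9 AS rpm-builder

WORKDIR /package

# VERSION must be redeclared for each stage that needs it
ARG VERSION=1.0.6

# Install rpm-build tools (Rocky Linux 9)
RUN dnf install -y \
        rpm \
        rpm-build \
        gcc \
        make \
    && dnf clean all

# Setup rpmbuild directory structure
# Directories are listed explicitly so the step does not depend on /bin/sh
# supporting brace expansion.
RUN mkdir -p \
        /root/rpmbuild/BUILD \
        /root/rpmbuild/RPMS \
        /root/rpmbuild/SOURCES \
        /root/rpmbuild/SPECS \
        /root/rpmbuild/SRPMS

# Copy spec file
COPY packaging/rpm/ja4sentinel.spec /root/rpmbuild/SPECS/ja4sentinel.spec

# Copy binary from Go builder and other files to SOURCES.
# Permissions are set at copy time (BuildKit --chmod) instead of a follow-up
# RUN chmod, which would duplicate the files in another layer:
#   755 binary, 644 unit file, 640 config (not world-readable).
COPY --from=builder --chmod=755 /build/dist/ja4sentinel /root/rpmbuild/SOURCES/ja4sentinel
COPY --chmod=644 packaging/systemd/ja4sentinel.service /root/rpmbuild/SOURCES/ja4sentinel.service
COPY --chmod=640 packaging/systemd/config.yml /root/rpmbuild/SOURCES/config.yml

# Build RPM for Rocky Linux 8 (el8)
# Note: Requires libpcap at runtime
RUN rpmbuild --define "_topdir /root/rpmbuild" \
        --define "dist .el8" \
        --define "build_version ${VERSION}" \
        --target x86_64 \
        -bb /root/rpmbuild/SPECS/ja4sentinel.spec && \
    mkdir -p /packages/rpm/el8 && \
    cp /root/rpmbuild/RPMS/x86_64/*.el8.x86_64.rpm /packages/rpm/el8/

# Build RPM for Rocky Linux 9 (el9)
# Note: Requires libpcap at runtime
RUN rpmbuild --define "_topdir /root/rpmbuild" \
        --define "dist .el9" \
        --define "build_version ${VERSION}" \
        --target x86_64 \
        -bb /root/rpmbuild/SPECS/ja4sentinel.spec && \
    mkdir -p /packages/rpm/el9 && \
    cp /root/rpmbuild/RPMS/x86_64/*.el9.x86_64.rpm /packages/rpm/el9/

# Build RPM for AlmaLinux 10 (el10) - compatible with Rocky Linux 10
# Note: Requires libpcap at runtime
RUN rpmbuild --define "_topdir /root/rpmbuild" \
        --define "dist .el10" \
        --define "build_version ${VERSION}" \
        --target x86_64 \
        -bb /root/rpmbuild/SPECS/ja4sentinel.spec && \
    mkdir -p /packages/rpm/el10 && \
    cp /root/rpmbuild/RPMS/x86_64/*.el10.x86_64.rpm /packages/rpm/el10/

# =============================================================================
# Stage 3: Output - final image carrying the RPM packages
# =============================================================================
# Pinned to a release tag instead of :latest so rebuilds do not silently pick
# up a different base. For release builds, additionally pin by digest
# (alpine:3.20@sha256:<digest>).
FROM alpine:3.20 AS output

WORKDIR /packages

COPY --from=rpm-builder /packages/rpm/el8/*.rpm /packages/rpm/el8/
COPY --from=rpm-builder /packages/rpm/el9/*.rpm /packages/rpm/el9/
COPY --from=rpm-builder /packages/rpm/el10/*.rpm /packages/rpm/el10/

# Default command only lists the packages contained in the image.
# NOTE(review): no USER is set, so this runs as root; the image is an artifact
# carrier rather than a service.
CMD ["sh", "-c", "echo '=== RPM Packages (el8 - Rocky 8) ===' && ls -la /packages/rpm/el8/ && echo '' && echo '=== RPM Packages (el9 - Rocky 9) ===' && ls -la /packages/rpm/el9/ && echo '' && echo '=== RPM Packages (el10 - Alma/Rocky 10) ===' && ls -la /packages/rpm/el10/"]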