OneFuzz CLI Docker container (#1831)

* OneFuzz CLI Docker container * Update docs/OneFuzz-Docker-CLI.md Co-authored-by: Joe Ranweiler <joe@lemma.co> Co-authored-by: stas <statis@microsoft.com> Co-authored-by: Joe Ranweiler <joe@lemma.co>
2025-06-10 17:21:34 +00:00 · 2022-04-22 13:53:16 -07:00 · 2022-04-22 13:53:16 -07:00 · ae85d81d76
commit ae85d81d76
parent ddc415c91e
2 changed files with 82 additions and 0 deletions
--- a/docs/OneFuzz-Docker-CLI.md
+++ b/docs/OneFuzz-Docker-CLI.md
@ -0,0 +1,33 @@
+# OneFuzz CLI in a Docker container
+
+## Using official release Docker container
+TODO
+
+## Building your own Docker container
+
+Docker file is located in `src` folder.
+
+To buid your own OneFuzz CLI Docker container use following command from `src` folder
+```
+docker build . --tag <CONTAINER_TAG> --build-arg REPO=<GITHUB_REPO> --build-arg PR=<PR> --build-arg GITHUB_TOKEN=<GITHUB_TOKEN>
+```
+where
+
+- <CONTAINER_TAG> - container image tag, it's an optional parameter. It will be used later in the document to explain how to run the container.
+
+- <GITHUB_REPO> - GitHub repository that contains a successfully build pull request that will be used for creating Docker container.
+- <PR> - GitHub pull request number that contains build artifacts to use to create Docker container.
+- <GITHUB_TOKEN> - In GitHub, generate a personal access token (PAT) with the `public_repo` scope.
+   You may need to enable SSO for the token, depending on the org that your OneFuzz fork belongs to.
+
+
+## Running OneFuzz CLI Docker container
+
+There are three different scenarios that get enabled with OneFuzz CLI Docker container
+
+1. To have a new OneFuzz CLI session where you need to configure and authenticate every time on Docker container startup use following command `docker run -it <CONTAINER_TAG>`.
+
+2. If you have used OneFuzz CLI in your dev environment, and want to re-use configuration and authentication cache. Run following command (PowerShell example)  `docker run -it -v $env:USERPROFILE\.cache\onefuzz:/root/.cache/onefuzz <CONTAINER_TAG>`. It will mount your OneFuzz cache folder into OneFuzz CLI Docker container.
+
+3. If you have several OneFuzz deployments. You can store OneFuzz configuration per deployment in your dev environment by creating a different folder for each OneFuzz deployment and then mounting that folder as OneFuzz CLI cache when running the Docker container.
+`docker run -it -v <ONEFUZZ_CONFIG_FOLDER>:/root/.cache/onefuzz <CONTAINER_TAG>`
--- a/src/Dockerfile
+++ b/src/Dockerfile
@ -0,0 +1,49 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+
+# Dockerized OneFuzz CLI
+
+FROM ubuntu:20.04 AS installer-env
+
+# Pull Request that contains OneFuzz release-artifacts
+# used to create the Docker container
+ARG PR
+ARG GITHUB_TOKEN
+ARG REPO="microsoft/onefuzz"
+
+ENV GITHUB_ISSUE_TOKEN=${GITHUB_TOKEN}
+
+RUN apt-get update && \
+    apt-get install --yes --quiet curl \
+        unzip \
+        python3 \
+        python3-pip \
+        wget \
+        && \
+    pip3 install PyGithub && \
+    mkdir onefuzz-prep
+
+RUN wget https://aka.ms/downloadazcopy-v10-linux && \
+    tar -xvf downloadazcopy-v10-linux
+
+
+COPY "./utils/check-pr/github_client.py" "/onefuzz-prep"
+RUN python3 /onefuzz-prep/github_client.py --destination /onefuzz-prep/ --pr ${PR} --repo ${REPO} && \
+    unzip /onefuzz-prep/release-artifacts.zip -d /onefuzz-prep 
+
+
+FROM ubuntu:20.04
+
+COPY --from=installer-env ["/onefuzz-prep/sdk", "/onefuzz-sdk"]
+COPY --from=installer-env ["/azcopy_linux_amd64_*/azcopy", "/usr/bin"]
+
+RUN apt-get update && \
+    apt-get install --yes --quiet \
+        python3 \
+        python3-pip \
+        python-is-python3
+
+RUN pip install /onefuzz-sdk/onefuzztypes-*.whl && \
+    pip install /onefuzz-sdk/onefuzz-*.whl
+
+CMD onefuzz --help && /bin/bash