OneFuzz CLI Docker container (#1831)

* OneFuzz CLI Docker container * Update docs/OneFuzz-Docker-CLI.md Co-authored-by: Joe Ranweiler <joe@lemma.co> Co-authored-by: stas <statis@microsoft.com> Co-authored-by: Joe Ranweiler <joe@lemma.co>
2025-06-12 01:58:18 +00:00 · 2022-04-22 13:53:16 -07:00
parent ddc415c91e
commit ae85d81d76
2 changed files with 82 additions and 0 deletions
--- a/docs/OneFuzz-Docker-CLI.md
+++ b/docs/OneFuzz-Docker-CLI.md
@ -0,0 +1,33 @@
 # OneFuzz CLI in a Docker container
 ## Using official release Docker container
 TODO
 ## Building your own Docker container
 Docker file is located in `src` folder.
 To buid your own OneFuzz CLI Docker container use following command from `src` folder
 ```
 docker build . --tag <CONTAINER_TAG> --build-arg REPO=<GITHUB_REPO> --build-arg PR=<PR> --build-arg GITHUB_TOKEN=<GITHUB_TOKEN>
 ```
 where
 - <CONTAINER_TAG> - container image tag, it's an optional parameter. It will be used later in the document to explain how to run the container.
 - <GITHUB_REPO> - GitHub repository that contains a successfully build pull request that will be used for creating Docker container.
 - <PR> - GitHub pull request number that contains build artifacts to use to create Docker container.
 - <GITHUB_TOKEN> - In GitHub, generate a personal access token (PAT) with the `public_repo` scope.
   You may need to enable SSO for the token, depending on the org that your OneFuzz fork belongs to.
 ## Running OneFuzz CLI Docker container
 There are three different scenarios that get enabled with OneFuzz CLI Docker container
 1. To have a new OneFuzz CLI session where you need to configure and authenticate every time on Docker container startup use following command `docker run -it <CONTAINER_TAG>`.
 2. If you have used OneFuzz CLI in your dev environment, and want to re-use configuration and authentication cache. Run following command (PowerShell example)  `docker run -it -v $env:USERPROFILE\.cache\onefuzz:/root/.cache/onefuzz <CONTAINER_TAG>`. It will mount your OneFuzz cache folder into OneFuzz CLI Docker container.
 3. If you have several OneFuzz deployments. You can store OneFuzz configuration per deployment in your dev environment by creating a different folder for each OneFuzz deployment and then mounting that folder as OneFuzz CLI cache when running the Docker container.
 `docker run -it -v <ONEFUZZ_CONFIG_FOLDER>:/root/.cache/onefuzz <CONTAINER_TAG>`
--- a/src/Dockerfile
+++ b/src/Dockerfile
@ -0,0 +1,49 @@
 # Copyright (c) Microsoft Corporation.
 # Licensed under the MIT License.
 # Dockerized OneFuzz CLI
 FROM ubuntu:20.04 AS installer-env
 # Pull Request that contains OneFuzz release-artifacts
 # used to create the Docker container
 ARG PR
 ARG GITHUB_TOKEN
 ARG REPO="microsoft/onefuzz"
 ENV GITHUB_ISSUE_TOKEN=${GITHUB_TOKEN}
 RUN apt-get update && \
    apt-get install --yes --quiet curl \
        unzip \
        python3 \
        python3-pip \
        wget \
        && \
    pip3 install PyGithub && \
    mkdir onefuzz-prep
 RUN wget https://aka.ms/downloadazcopy-v10-linux && \
    tar -xvf downloadazcopy-v10-linux
 COPY "./utils/check-pr/github_client.py" "/onefuzz-prep"
 RUN python3 /onefuzz-prep/github_client.py --destination /onefuzz-prep/ --pr ${PR} --repo ${REPO} && \
    unzip /onefuzz-prep/release-artifacts.zip -d /onefuzz-prep 
 FROM ubuntu:20.04
 COPY --from=installer-env ["/onefuzz-prep/sdk", "/onefuzz-sdk"]
 COPY --from=installer-env ["/azcopy_linux_amd64_*/azcopy", "/usr/bin"]
 RUN apt-get update && \
    apt-get install --yes --quiet \
        python3 \
        python3-pip \
        python-is-python3
 RUN pip install /onefuzz-sdk/onefuzztypes-*.whl && \
    pip install /onefuzz-sdk/onefuzz-*.whl
 CMD onefuzz --help && /bin/bash