https://github.com/TCATools/ 的部分镜像
现在镜像的是java软件分析的部分
https://github.com/TCATools/common-cobra-v2.0.0-alpha.5.git
https://github.com/TCATools/puppy-tools-config.git
腾讯开源代码分析软件 https://github.com/Tencent/CodeAnalysis 依赖的分析软件的 https://github.com/TCATools 的镜像地址
1 克隆这个后 https://github.com/Tencent/CodeAnalysis ,compose_init.sh运行服务端
【windows机器上运行的话,只要安装docker desktop和git bash后,直接运行compose_init.sh即可】
注意:
由于这个运行需要构建镜像,国内源比较慢的话,可以在compose_init.sh中开头添加如下几句:
cp -f ./sources.list ./server/projects/analysis
cp -f ./sources.list ./server/projects/file
cp -f ./sources.list ./server/projects/login
cp -f ./sources.list ./server/projects/main
cp -f ./sources.list ./server/projects/scmproxy
sources.list的内容如下:
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye main non-free contrib
#deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye main non-free contrib
deb https://mirrors.tuna.tsinghua.edu.cn/debian-security/ bullseye-security main
#deb-src https://mirrors.tuna.tsinghua.edu.cn/debian-security/ bullseye-security main
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-updates main non-free contrib
#deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-updates main non-free contrib
deb https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-backports main non-free contrib
#deb-src https://mirrors.tuna.tsinghua.edu.cn/debian/ bullseye-backports main non-free contrib
同时server\dockerconfs\Dockerfile-common中RUN set -ex && cd前面增加
COPY ./sources.list /etc/apt/sources.list
2 在其客户端client/config.ini中设置类似如下:
[COMMON]
; [必填]工具配置库git地址
; TOOL_CONFIG_URL=https://hub.fastgit.org/TCATools/puppy-tools-config.git
TOOL_CONFIG_URL=https://gitee.com/TCATools/puppy-tools-config.git
; [可选]是否使用本地工具目录,默认为False,如果设置为True,不从git拉取(需要事先准备好工具,存放到client/data/tools目录下)
USE_LOCAL_TOOL=False
此时运行客户端的话,就不再从github.com下载代码分析工具了,而是从这里下载
如下是和服务端加入一个网络的容器设置模式
客户端镜像构建
FROM python:3.7.12-slim
#肯能用不了这么多的软件包,为了快速构建使用server的构建缓存,保留一致
ARG EXTRA_TOOLS="gnupg curl wget jq vim-tiny net-tools procps python3-dev default-libmysqlclient-dev locales inotify-tools gcc subversion git telnet iputils-ping vim openssh-client"
COPY ./sources.list /etc/apt/sources.list
RUN set -ex && cd / \
&& apt-get update \
&& apt-get install -y --no-install-recommends $EXTRA_TOOLS \
&& apt-get update \
&& apt-get install -y mariadb-client \
&& apt-get clean \
&& echo "LC_ALL=zh_CN.UTF-8" >> /etc/environment \
&& echo "zh_CN.UTF-8 UTF-8" > /etc/locale.gen \
&& echo "LANG=zh_CN.UTF-8" > /etc/locale.conf \
&& locale-gen \
&& ln -sf /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime \
&& rm -rf /var/cache/apt/* /root/.cache
COPY ./client /opt/client
RUN apt-get install -y flex bison #phantomjs
# https://phantomjs.org/download.html 下载 phantomjs
# docker cp .\pkg\phantomjs tca-client:/usr/bin/
COPY ./pkg/phantomjs /usr/bin/phantomjs
RUN apt-get install -y bzip2 fontconfig && \
chmod +x /usr/bin/phantomjs && \
echo "export OPENSSL_CONF=/etc/ssl/" >> /etc/profile
RUN pip install -i https://pypi.tuna.tsinghua.edu.cn/simple -r /opt/client/requirements/app_reqs.pip
#cobra
RUN pip install -i https://pypi.tuna.tsinghua.edu.cn/simple -r /opt/client/requirements/tool/cobra_requirements.txt
# https://hub.fastgit.org/Tencent/CodeAnalysis/issues/42
#RUN /opt/client/requirements/install.sh && \
RUN pip install -i https://mirrors.aliyun.com/pypi/simple pylint semgrep && \
mkdir -p /opt/code
RUN ln -s /usr/lib/x86_64-linux-gnu/libffi.so.7 /usr/lib/x86_64-linux-gnu/libffi.so
#TCATools源 切换到 https://gitee.com/TCATools
ADD ./client/puppy-tools-config /opt/client/data/tools/puppy-tools-config
#测试代码
# ADD ./pkg/code.tar.gz /opt
#从https://github.com/TCATools/下载的个工具打包后执行展开放入
# ADD ./pkg/datatool.tar.gz /opt/client/
客户端运行
构建客户端镜像:docker build -t tca-client:2022 -f Dockerfile-client .
使用:docker run -it --name tca-client --network host tca-client:2022 sh
客户端第一次成功运行后,客户端在/opt/client/data/tools目录下后配置好当前使用的工具软件
此时可以修改config.ini的配置
USE_LOCAL_TOOL=True
这样以后再分析时就不用反复检查这些软件了
【容器模式运行时出现无法结束的情况已经提交bug,可以参考 https://github.com/Tencent/CodeAnalysis/issues/86 这个先使用】
