3.1 Release from OWASP/dev #439

3.1 into Master

.env

@@ -0,0 +1,26 @@
+IMAGE_TOMCAT=owasp/securityshepherd_tomcat:v3.1
+IMAGE_MYSQL=owasp/securityshepherd_mysql:v3.1
+IMAGE_MONGO=owasp/securityshepherd_mongo:v3.1
+
+CONTAINER_TOMCAT=secshep_tomcat
+CONTAINER_MYSQL=secshep_mysql
+CONTAINER_MONGO=secshep_mongo
+
+MYSQL_USER=root
+MYSQL_PASS=CowSaysMoo
+
+MONGO_USER=admin
+MONGO_PASS=CowSaysMoo
+MONGO_URI="mongodb://$MONGO_USER:$MONGO_PASS@$CONTAINER_MONGO:27017/shepherdGames"
+
+TLS_KEYSTORE_PASS=CowSaysMoo
+TLS_KEYSTORE_FILE=shepherdKeystore.p12
+ALIAS=tomcat
+KEY_ALG=RSA
+DNAME='cn=OwaspShepherd, ou=Security Shepherd, o=OWASP, L=Baile Átha Cliath, ST=Laighin, C=IE'
+STORE_TYPE=pkcs12
+
+HTTP_PORT=80
+HTTPS_PORT=443
+
+DOCKER_NETWORK_NAME=securityshepherd_default

.gitignore

@@ -0,0 +1,5 @@
+/target/
+/.classpath
+/.project
+/bin/
+/.settings/

.travis.yml

@@ -0,0 +1,3 @@
+language: java
+services:
+  - mysql

Dockerfile

@@ -1,78 +1,31 @@
-###################################################################
-# Dockerfile to build Security Sherpherd
-#
-# Based on Ubuntu
-# Version 0.8
-###################################################################
+FROM tomcat:alpine
 
+ARG DB_DRIVER=org.gjt.mm.mysql.Driver
+ARG DB_SCHEMA=core
+ARG PROPS_DIR=/usr/local/tomcat/conf/database.properties
 
-FROM ubuntu:precise
-ENV DEBIAN_FRONTEND noninteractive
+ARG MYSQL_USER
+ARG MYSQL_PASS
+ARG MYSQL_URI
 
-MAINTAINER Paul <@ismisepaul>
+ARG TLS_KEYSTORE_FILE
+ARG TLS_KEYSTORE_PASS
+ARG ALIAS
+ARG HTTPS_PORT
 
-#Change these Passwords
-ENV keystorePwd=CowSaysMoo mysqlRootPwd=CowSaysMoo
-
-#Other Environment Variables
-ENV homeDirectory="/home/shepherd/" keyStoreFileName="shepherdKeystore.jks"
+RUN printf "databaseConnectionURL=$MYSQL_URI/\nDriverType=$DB_DRIVER\ndatabaseSchema=$DB_SCHEMA\ndatabaseUsername=$MYSQL_USER\ndatabasePassword=$MYSQL_PASS\n" >> $PROPS_DIR
 
-#Download locations
-ENV serverXml="https://raw.githubusercontent.com/OWASP/SecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleServer.xml" webXml="https://raw.githubusercontent.com/OWASP/SecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleWeb.xml" shepherdManualPackLocation="http://sourceforge.net/projects/owaspshepherd/files/owaspSecurityShepherd_V2.4%20Manual%20Pack.zip/download"
+RUN rm -rf /usr/local/tomcat/webapps/ROOT
+COPY target/owaspSecurityShepherd.war /usr/local/tomcat/webapps/ROOT.war
+COPY target/$TLS_KEYSTORE_FILE /usr/local/tomcat/conf/$TLS_KEYSTORE_FILE
 
-# Install Pre-Requisite Stuff
-RUN apt-get update -y &&\
-	apt-get install -y software-properties-common python-software-properties &&\
-	add-apt-repository -y ppa:webupd8team/java &&\ 
-	apt-get update -y &&\ 
-	echo debconf shared/accepted-oracle-license-v1-1 select true | debconf-set-selections &&\
-	apt-get install -y oracle-java7-installer --force-yes &&\
-	echo "mysql-server mysql-server/root_password password $mysqlRootPwd" | debconf-set-selections &&\
-	echo "mysql-server mysql-server/root_password_again password $mysqlRootPwd" | debconf-set-selections &&\
-	apt-get install -y tomcat7 tomcat7-common tomcat7-admin mysql-server-5.5 authbind unzip tofrodos wget less vim &&\
-	mkdir $homeDirectory
+COPY docker/tomcat/serverxml.patch /usr/local/tomcat/conf/serverxml.patch
+RUN sed -i 's/keystoreFile="conf\/TLS_KEYSTORE_FILE" keystorePass="TLS_KEYSTORE_PASS" keyAlias="ALIAS"\/>/keystoreFile="conf\/'"$TLS_KEYSTORE_FILE"'" keystorePass="'"$TLS_KEYSTORE_PASS"'" keyAlias="'"$ALIAS"'"\/>/g' /usr/local/tomcat/conf/serverxml.patch &&\
+    sed -i 's/redirectPort="HTTPS_PORT" \/>/redirectPort="'"$HTTPS_PORT"'" \/>/g' /usr/local/tomcat/conf/serverxml.patch &&\
+    patch /usr/local/tomcat/conf/server.xml /usr/local/tomcat/conf/serverxml.patch
 
-#Download and Deploy Shepherd to Tomcat and MySQL
-WORKDIR /home/shepherd
-RUN wget --quiet $shepherdManualPackLocation -O manualPack.zip &&\
-	mkdir manualPack &&\
-	unzip manualPack.zip -d manualPack &&\
-	fromdos manualPack/*.sql &&\
-	chmod 775 manualPack/*.war &&\
-	rm -rf /var/lib/tomcat7/webapps/* &&\
-	mv manualPack/ROOT.war /var/lib/tomcat7/webapps/ &&\
-	chown -R mysql /var/lib/mysql
+COPY docker/tomcat/webxml.patch /usr/local/tomcat/conf/webxml.patch
+RUN patch /usr/local/tomcat/conf/web.xml /usr/local/tomcat/conf/webxml.patch
 
-#Configuring MySQL
-WORKDIR /home/shepherd/manualPack
-RUN /bin/bash -c "/usr/bin/mysqld_safe &" && \
-	sleep 5 &&\
-	mysql -u root -e "source coreSchema.sql" --force -p$mysqlRootPwd &&\
-	mysql -u root -e "source moduleSchemas.sql" --force -p$mysqlRootPwd
-
-#Configuring Tomcat
-WORKDIR /home/shepherd
-RUN echo "JAVA_HOME=/usr/lib/jvm/java-7-oracle" >> /etc/default/tomcat7 && \
-	echo "AUTHBIND=yes" >> /etc/default/tomcat7 && \
-	keytool -genkey -alias tomcat -keyalg RSA -keystore $keyStoreFileName -dname "cn=OwaspShepherd, ou=Security Shepherd, o=OWASP, L=Baile Átha Cliath, ST=Laighin, C=IE" -storepass $keystorePwd -keypass $keystorePwd -deststoretype JKS && \
-	cd /var/lib/tomcat7/conf/ && \
-	rm -f web.xml && \
-	rm -f server.xml &&\
-	wget --quiet $webXml -O web.xml && \
-	wget --quiet $serverXml  -O server.xml && \
-	escapedFileName=$(echo "$homeDirectory$keyStoreFileName" | sed 's/\//\\\//g') && \
-	sed -i "s/____.*____/$escapedFileName/g" server.xml && \
-	sed -i "s/___.*___/$keystorePwd/g" server.xml && \
-	touch /etc/authbind/byport/80 && \
-	touch /etc/authbind/byport/443 && \
-	chmod 500 /etc/authbind/byport/80 && \
-	chmod 500 /etc/authbind/byport/443 && \
-	chown tomcat7 /etc/authbind/byport/80 && \
-	chown tomcat7 /etc/authbind/byport/443
-
-EXPOSE 80 443 3306
-
-#service mysql start not working...
-
-CMD /usr/bin/mysqld_safe & && \
-	service tomcat7 start && tail -f /var/lib/tomcat7/logs/catalina.out
+EXPOSE 8080 8443
+CMD ["catalina.sh", "run"]