Bump modules and remove faup

MISP · Feb 26, 2025 · 7c62805 · 7c62805
1 parent 9d95b9a
commit 7c62805
Show file tree

Hide file tree

Showing 6 changed files with 10 additions and 36 deletions.
diff --git a/.github/workflows/release-latest.yml b/.github/workflows/release-latest.yml
@@ -42,7 +42,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v5
         with:
           push: true
           provenance: false

diff --git a/.github/workflows/test-build-latest.yml b/.github/workflows/test-build-latest.yml
@@ -31,7 +31,7 @@ jobs:
           echo "NAMESPACE=local" >> "$GITHUB_ENV"
 
       - name: Build
-        uses: docker/bake-action@v4
+        uses: docker/bake-action@v5
         with:
           push: false
           provenance: false

diff --git a/docker-bake.hcl b/docker-bake.hcl
@@ -58,7 +58,7 @@ variable "MODULES_COMMIT" {
   default = ""
 }
 
-variable "LIBFAUP_COMMIT" {
+variable "MODULES_INSTALL_FLAG" {
   default = ""
 }
 
@@ -88,7 +88,7 @@ target "misp-modules" {
   args = {
     "MODULES_TAG": "${MODULES_TAG}",
     "MODULES_COMMIT": "${MODULES_COMMIT}",
-    "LIBFAUP_COMMIT": "${LIBFAUP_COMMIT}",
+    "MODULES_INSTALL_FLAG": "${MODULES_INSTALL_FLAG}",
   }
   platforms = "${PLATFORMS}"
 }

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -253,7 +253,7 @@ services:
       args:
         - MODULES_TAG=${MODULES_TAG:?Missing .env file, see README.md for instructions}
         - MODULES_COMMIT=${MODULES_COMMIT}
-        - LIBFAUP_COMMIT=${LIBFAUP_COMMIT:?Missing .env file, see README.md for instructions}
+        - MODULES_INSTALL_FLAG=${MODULES_INSTALL_FLAG:?Missing .env file, see README.md for instructions}
     environment:
       - "REDIS_BACKEND=${REDIS_HOST:-redis}"
       - "REDIS_PORT=${REDIS_PORT:-6379}"

diff --git a/modules/Dockerfile b/modules/Dockerfile
@@ -4,7 +4,7 @@ FROM "${DOCKER_HUB_PROXY}python:3.12-slim-bookworm" AS python-build
     ENV DEBIAN_FRONTEND noninteractive
     ARG MODULES_TAG
     ARG MODULES_COMMIT
-    ARG LIBFAUP_COMMIT
+    ARG MODULES_INSTALL_FLAG
 
     # Uncomment when building in corporate environments
     # COPY ./cert.pem /usr/local/share/ca-certificates/rootca.pem
@@ -21,7 +21,6 @@ FROM "${DOCKER_HUB_PROXY}python:3.12-slim-bookworm" AS python-build
         libxml2-dev \
         libxslt-dev  \
         libssl-dev \
-        ninja-build \
         && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 
     RUN mkdir /wheels
@@ -39,31 +38,13 @@ EOF
     RUN sed -i "s/^requires-python = .*/requires-python = \"$(python -c 'import platform; print(platform.python_version())')\"/" pyproject.toml
     RUN poetry lock
     RUN poetry self add poetry-plugin-export
-    RUN poetry export --with unstable --without-hashes -f requirements.txt -o requirements.txt
+    RUN poetry export ${MODULES_INSTALL_FLAG} --without-hashes -f requirements.txt -o requirements.txt
     RUN pip wheel -r requirements.txt --no-cache-dir -w /wheels/
     RUN poetry build --output /wheels/
 
     WORKDIR /srv/
     RUN rm -rf /srv/misp-modules
 
-    RUN <<-EOF
-        git clone https://github.com/stricaud/faup.git /srv/faup
-        cd /srv/faup
-        if [ ! -z ${LIBFAUP_COMMIT} ]; then
-            git checkout ${LIBFAUP_COMMIT}
-        fi
-EOF
-
-    WORKDIR /srv/faup/build
-    RUN cmake -G "Ninja" ../
-    RUN ninja
-    RUN ninja install
-    WORKDIR /srv/faup/src/lib/bindings/python
-    RUN pip wheel --no-cache-dir --no-dependencies -w /wheels/ .
-
-    WORKDIR /srv/
-    RUN rm -rf /srv/faup
-
 
 FROM "${DOCKER_HUB_PROXY}python:3.12-slim-bookworm"
     ENV DEBIAN_FRONTEND noninteractive
@@ -81,16 +62,9 @@ FROM "${DOCKER_HUB_PROXY}python:3.12-slim-bookworm"
         && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 
     COPY --from=python-build /wheels /wheels
-    COPY --from=python-build /usr/local/lib/libfaupl* /usr/local/lib/
-    RUN ldconfig
-    RUN pip install --no-cache-dir --use-deprecated=legacy-resolver /wheels/*.whl && rm -rf /wheels
+    RUN pip install --no-cache-dir /wheels/*.whl && rm -rf /wheels
     RUN pip uninstall -y pip
 
-    # Since we compile faup ourselves and lua is not required anymore, we can load our own library 
-    #   and skip the pre-compiled blob to improve compatibility with other architectures like ARM
-    RUN sed -i s/LoadLibrary\(LOAD_LIB\)/LoadLibrary\(\"\\/usr\\/local\\/lib\\/libfaupl.so\"\)/ \
-        /usr/local/lib/python3.12/site-packages/pyfaup/__init__.py
-
     # Disable (all) warnings raised when using 'future'
     RUN sed -i '/import sys/a import warnings\nwarnings.warn = lambda *args, **kwargs: None' \
         /usr/local/bin/misp-modules

diff --git a/template.env b/template.env
@@ -3,9 +3,9 @@
 ##
 
 CORE_TAG=v2.5.7
-MODULES_TAG=v2.4.200
+MODULES_TAG=v2.4.201
+MODULES_INSTALL_FLAG=--with unstable
 PHP_VER=20220829
-LIBFAUP_COMMIT=3a26d0a
 
 # PYPY_* vars take precedence over MISP's
 # PYPI_REDIS_VERSION="==5.0.*"