Try building anteon instead of ddosify

Signed-off-by: Jauder Ho <jauderho@users.noreply.github.com>
jauderho · Jun 12, 2024 · 2993b19 · 2993b19
1 parent 2465431
commit 2993b19
Show file tree

Hide file tree

Showing 7 changed files with 180 additions and 5 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -41,6 +41,12 @@ updates:
     schedule:
       interval: "daily"
 
+  # Maintain dependencies for Docker
+  - package-ecosystem: "docker"
+    directory: /anteon
+    schedule:
+      interval: "daily"
+
   # Maintain dependencies for Docker
   - package-ecosystem: "docker"
     directory: /ansible
@@ -167,6 +173,12 @@ updates:
     schedule:
       interval: "daily"
 
+  # Maintain dependencies for Docker
+  - package-ecosystem: "docker"
+    directory: /freenginx
+    schedule:
+      interval: "daily"
+
   # Maintain dependencies for Docker
   - package-ecosystem: "docker"
     directory: /gobgp

diff --git a/.github/workflows/anteon.yml b/.github/workflows/anteon.yml
@@ -0,0 +1,106 @@
+name: anteon
+
+on:
+  push:
+    branches: 
+      - main
+    paths:
+      - anteon/*
+      - .github/workflows/anteon.yml
+  workflow_dispatch:
+  schedule:
+    - cron: "0 8 * * 1"
+
+env:
+  BUILD_VERSION: "selfhosted-2.2.0"
+  DOCKER_CLI_EXPERIMENTAL: enabled
+  REPOSITORY: ${{ github.actor }}/${{ github.workflow }} 
+
+permissions: read-all
+
+jobs:
+  deploy:
+    runs-on: ubuntu-22.04
+    permissions:
+      packages: write
+
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6
+        with:
+          egress-policy: block
+          disable-telemetry: true
+          allowed-endpoints: >
+            95s5acprodeus1file6.blob.core.windows.net:443
+            api.github.com:443
+            artifactcache.actions.githubusercontent.com:443
+            auth.docker.io:443
+            codeload.github.com:443
+            dl-cdn.alpinelinux.org:443
+            ghcr.io:443
+            github.com:443
+            production.cloudflare.docker.com:443
+            proxy.golang.org:443
+            rdfepirv2dm1prdstr02.blob.core.windows.net:443
+            registry-1.docker.io:443
+            storage.googleapis.com:443
+            sum.golang.org:443
+          
+      - name: Source checkout
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v2.4.0 
+
+      - name: Setup QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v1.2.0
+
+      - name: Setup Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v1
+
+      - name: Set Docker metadata
+        id: docker_meta
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v3
+        with:
+          images: ${{ env.REPOSITORY }}
+          labels: |
+            org.opencontainers.image.version=${{ env.BUILD_VERSION }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=${{ env.REPOSITORY }}
+
+      - name: GitHub login
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v1.12.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: DockerHub login
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v1.12.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}      
+
+      - name: Build and push
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v2.8.0
+        with:
+          push: ${{ github.event_name != 'pull_request' }}
+          context: ${{ github.workflow }}
+          #platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/ppc64le,linux/s390x
+          #platforms: linux/amd64,linux/arm64
+          #platforms: linux/amd64
+          platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/arm/v7,linux/arm/v6,linux/s390x
+          #platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/arm/v7,linux/arm/v6,linux/s390x
+          build-args: |
+            BUILD_VERSION
+          sbom: true
+          provenance: true
+          cache-from: type=gha, scope=${{ github.workflow }}
+          cache-to: type=gha, scope=${{ github.workflow }}
+          labels: ${{ steps.docker_meta.outputs.labels }}
+          tags: |
+            docker.io/${{ env.REPOSITORY }}:${{ env.BUILD_VERSION }}
+            docker.io/${{ env.REPOSITORY }}:latest
+            ghcr.io/${{ env.REPOSITORY }}:${{ env.BUILD_VERSION }}
+            ghcr.io/${{ env.REPOSITORY }}:latest
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -26,8 +26,8 @@ jobs:
       fail-fast: false
       matrix:
         #image: [cloudflared]
-        image: [age, ali, amass, ansible, aznamingtool, bl3auto, black, catprinter, cf-warp, cloudflared, coredns, ddosify, dhcp-helper, dive, dkimpy, dnscontrol, dnscrypt-proxy, dnsx, docker-autocompose, docker-bench-security, driftctl, dry, dsq, excalidraw, freenginx, fq, gobgp, gocannon, goplay2, goreplay, gotip, gron, hakrawler, headscale, httpie-go, httprobe, httpx, imapsync, lego, log4j-scan, logmepwn, lpar2rrd, miller, nebula, netmaker, nginx, ntfy, octosql, onetun, opentofu, prettier, pwru, rclone, rdap, rustybgp, sftpd, snowball, spicedb, ssh-audit, sslyze, stor2rrd, subfinder, tailscale, terraform, testssl.sh, textql, tftpd, toxiproxy, trufflehog, unbound, vegeta, visidata, watchtower, whois, wuzz, yggdrasil-go, yt-dlp, zola]
-    runs-on: ubuntu-22.04
+        image: [age, ali, amass, anteon, ansible, aznamingtool, bl3auto, black, catprinter, cf-warp, cloudflared, coredns, dhcp-helper, dive, dkimpy, dnscontrol, dnscrypt-proxy, dnsx, docker-autocompose, docker-bench-security, driftctl, dry, dsq, excalidraw, freenginx, fq, gobgp, gocannon, goplay2, goreplay, gotip, gron, hakrawler, headscale, httpie-go, httprobe, httpx, imapsync, lego, log4j-scan, logmepwn, lpar2rrd, miller, nebula, netmaker, nginx, ntfy, octosql, onetun, opentofu, prettier, pwru, rclone, rdap, rustybgp, sftpd, snowball, spicedb, ssh-audit, sslyze, stor2rrd, subfinder, tailscale, terraform, testssl.sh, textql, tftpd, toxiproxy, trufflehog, unbound, vegeta, visidata, watchtower, whois, wuzz, yggdrasil-go, yt-dlp, zola]
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner
@@ -65,8 +65,8 @@ jobs:
       fail-fast: false
       matrix:
         #image: [cloudflared]
-        image: [age, ali, amass, ansible, aznamingtool, bl3auto, black, catprinter, cf-warp, cloudflared, coredns, ddosify, dhcp-helper, dive, dkimpy, dnscontrol, dnscrypt-proxy, dnsx, docker-autocompose, docker-bench-security, driftctl, dry, dsq, excalidraw, freenginx, fq, gobgp, gocannon, goplay2, goreplay, gotip, gron, hakrawler, headscale, httpie-go, httprobe, httpx, imapsync, lego, log4j-scan, logmepwn, lpar2rrd, miller, nebula, netmaker, nginx, ntfy, octosql, onetun, opentofu, prettier, pwru, rclone, rdap, rustybgp, sftpd, snowball, spicedb, ssh-audit, sslyze, stor2rrd, subfinder, tailscale, terraform, testssl.sh, textql, tftpd, toxiproxy, trufflehog, unbound, vegeta, visidata, watchtower, whois, wuzz, yggdrasil-go, yt-dlp, zola]
-    runs-on: ubuntu-22.04
+        image: [age, ali, amass, anteon, ansible, aznamingtool, bl3auto, black, catprinter, cf-warp, cloudflared, coredns, dhcp-helper, dive, dkimpy, dnscontrol, dnscrypt-proxy, dnsx, docker-autocompose, docker-bench-security, driftctl, dry, dsq, excalidraw, freenginx, fq, gobgp, gocannon, goplay2, goreplay, gotip, gron, hakrawler, headscale, httpie-go, httprobe, httpx, imapsync, lego, log4j-scan, logmepwn, lpar2rrd, miller, nebula, netmaker, nginx, ntfy, octosql, onetun, opentofu, prettier, pwru, rclone, rdap, rustybgp, sftpd, snowball, spicedb, ssh-audit, sslyze, stor2rrd, subfinder, tailscale, terraform, testssl.sh, textql, tftpd, toxiproxy, trufflehog, unbound, vegeta, visidata, watchtower, whois, wuzz, yggdrasil-go, yt-dlp, zola]
+    runs-on: ubuntu-24.04
 
     steps:
       - name: Harden Runner

diff --git a/anteon/Dockerfile b/anteon/Dockerfile
@@ -0,0 +1,46 @@
+FROM golang:1.22.4-alpine3.20@sha256:9bdd5692d39acc3f8d0ea6f81327f87ac6b473dd29a2b6006df362bff48dd1f8 AS build
+
+WORKDIR /go/src/github.com/getanteon/anteon/
+
+ARG BUILD_VERSION
+ARG ARCHIVE_URL=https://github.com/getanteon/anteon/archive/
+
+ENV GO111MODULE on
+ENV CGO_ENABLED 0
+
+RUN test -n "${BUILD_VERSION}" \
+	&& apk update \
+	&& apk upgrade -a \
+	&& apk add --no-cache curl gcc musl-dev \
+	&& curl -L "${ARCHIVE_URL}${BUILD_VERSION}.tar.gz" -o /tmp/anteon.tar.gz \
+	&& tar xzf /tmp/anteon.tar.gz --strip 1 -C /go/src/github.com/getanteon/anteon \
+	&& cd ddosify_engine \
+	&& go get -u golang.org/x/net \
+	&& go mod tidy \
+	&& go build -o ddosify -v -trimpath -ldflags="-s -w" ./main.go 
+
+WORKDIR /config
+
+
+# ----------------------------------------------------------------------------
+
+
+#FROM scratch
+FROM alpine:3.20.0@sha256:77726ef6b57ddf65bb551896826ec38bc3e53f75cdde31354fbffb4f25238ebd
+
+LABEL org.opencontainers.image.authors="Jauder Ho <jauderho@users.noreply.github.com>"
+LABEL org.opencontainers.image.url="https://github.com/jauderho/dockerfiles"
+LABEL org.opencontainers.image.documentation="https://github.com/jauderho/dockerfiles"
+LABEL org.opencontainers.image.source="https://github.com/jauderho/dockerfiles"
+LABEL org.opencontainers.image.title="jauderho/anteon"
+LABEL org.opencontainers.image.description="anteon is a high performance load testing tool"
+
+RUN apk update \
+	&& apk upgrade -a
+
+COPY --from=build /go/src/github.com/getanteon/anteon/ddosify_engine/ddosify /usr/local/bin/ddosify
+COPY --from=build /config /config
+
+ENTRYPOINT ["/usr/local/bin/ddosify"]
+CMD ["-h"]
+
diff --git a/anteon/README.md b/anteon/README.md
@@ -0,0 +1,10 @@
+
+[![Build Status](https://github.com/jauderho/dockerfiles/workflows/anteon/badge.svg)](https://github.com/jauderho/dockerfiles/actions)
+[![Version](https://img.shields.io/docker/v/jauderho/anteon/latest)](https://github.com/getanteon/anteon)
+[![Docker Pulls](https://img.shields.io/docker/pulls/jauderho/anteon)](https://hub.docker.com/r/jauderho/anteon/)
+[![Image Size](https://img.shields.io/docker/image-size/jauderho/anteon/latest)](https://hub.docker.com/r/jauderho/anteon/)
+
+Up to date multi-platform images are built an hour after upstream release and rebuilt at least once a week.
+
+Usage: `docker run --rm -it ghcr.io/jauderho/anteon:latest -t <URL>`
+
diff --git a/scripts/SOURCE_REPOS b/scripts/SOURCE_REPOS
@@ -2,6 +2,7 @@ FiloSottile/age
 nakabonne/ali
 ansible/ansible
 OWASP/amass
+getanteon/anteon
 jauderho/bl3auto
 psf/black
 jauderho/cf-warp

diff --git a/scripts/updateDockerImages.sh b/scripts/updateDockerImages.sh
@@ -13,12 +13,12 @@ REPO=(
 	"nakabonne/ali" \
 	"ansible/ansible" \
 	"OWASP/amass" \
+	"getanteon/anteon" \
 	"jauderho/bl3auto" \
 	"psf/black" \
 	"jauderho/cf-warp" \
 	"cloudflare/cloudflared" \
 	"coredns/coredns" \
-	#"ddosify/ddosify" \
 	"StackExchange/dnscontrol" \
 	"DNSCrypt/dnscrypt-proxy" \
 	"projectdiscovery/dnsx" \