OWASP-Benchmark / BenchmarkJava

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
https://owasp.org/www-project-benchmark/
GNU General Public License v2.0

Push linux/amd64 Docker image #223

Open thc202 opened 6 months ago

thc202 commented 6 months ago

The latest Docker image pushed is now linux/arm64 which makes it very slow when running from linux/amd64, so much that the initial start up is longer than 1 minute and breaks our tests, e.g.: https://github.com/zapbot/zap-mgmt-scripts/actions/runs/8370459364/job/22917853473#step:3:1

We can increase the wait time but it would be better if linux/amd64 was still provided as before, which is the most common.

thc202 commented 6 months ago

We ended up disabling the scans in CI, as it takes too long to start.

davewichers commented 6 months ago

I'm happy to fix it if you explain how. The Docker file is built using these two files in the VMs folder: Dockerfile and buildDockerImage.sh. How do I change this to use linux/amd64 rather than linux/arm64? Or, I could create a different Docker file for ZAP's use to use amd64. I'd like to track down who/when this was changed and if it was a 'contribution' ask the author why. Or maybe the latest ubuntu is now arm64??

thc202 commented 6 months ago

You can create the image with different architectures: https://docs.docker.com/build/building/multi-platform/ I'd suggest that as it would be faster when running in both amd64 and arm64. You could also create a GitHub workflow to build/publish the images (e.g.: https://github.com/zaproxy/zaproxy/blob/59a6ccab8b210b953e0348bfb337b3416e6c4329/.github/workflows/release-main-docker.yml).

I think a different host was used (with different processor) to build/publish the image.

davewichers commented 4 months ago

@thc202 - Please try the new Docker image I pushed out. It should be specific to AMD64. I'm working on pushing out an ARM64 version too, but need permission to create/push a new Docker image at docker.io.

thc202 commented 4 months ago

A separate image should not be needed, the same image can have different architectures.

davewichers commented 4 months ago

@thc202 - you said that before but I couldn't figure out how to do that. If you know how, and can implement via a pull request, that would be great. Regardless, did you confirm the AMD64 image works for you?

thc202 commented 4 months ago

What type of changes are you looking for? A workflow to publish them?

I did not yet, will do that in the following days.

davewichers commented 4 months ago

@thc202 - no, the command line commands required to create one docker image that supports BOTH architectures. I can then publish that one image to docker.io like I do now.
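
The multi-platform build discussed in the thread above, as an added example that is not part of the thread or of the project's own scripts: one `docker buildx` invocation publishes a single tag for both architectures, and a check on the published tag catches an architecture going missing before CI consumers hit it. The image name, the builder name `multiarch` and the function names are placeholders chosen for illustration, and the Dockerfile is assumed to be in the current directory.

```shell
#!/bin/sh
# Added example: publish one tag covering both architectures, then verify it.
# IMAGE is a placeholder, not the project's real repository name.
IMAGE="${IMAGE:-example/benchmark:latest}"
PLATFORMS="${PLATFORMS:-linux/amd64,linux/arm64}"

# Build every platform in one invocation and push a single manifest list.
# Non-native platforms are built under emulation (QEMU), so this is slow
# on the build host but fast for users, who pull their native variant.
publish_multiarch() {
    docker buildx create --name multiarch --use 2>/dev/null ||
        docker buildx use multiarch
    docker buildx build --platform "$PLATFORMS" -t "$IMAGE" --push .
}

# Read `docker buildx imagetools inspect` output on stdin and print each
# required platform ($1, comma separated) that the tag does not provide.
missing_platforms() {
    awk -v want="$1" '
        $1 == "Platform:" { have[$2] = 1 }
        END {
            n = split(want, req, ",")
            for (i = 1; i <= n; i++)
                if (!(req[i] in have)) print req[i]
        }'
}

# Fail a CI step when the pushed tag lacks a required platform.
verify_image() {
    missing=$(docker buildx imagetools inspect "$IMAGE" |
        missing_platforms "$PLATFORMS")
    [ -z "$missing" ] || { echo "missing: $missing" >&2; return 1; }
}

# Constructed sample of the inspect output for an arm64-only tag.
SAMPLE_ARM64_ONLY='Name:      docker.io/example/benchmark:latest
MediaType: application/vnd.oci.image.index.v1+json

Manifests:
  Name:      docker.io/example/benchmark:latest@sha256:<digest>
  MediaType: application/vnd.oci.image.manifest.v1+json
  Platform:  linux/arm64'

# Run only when asked, e.g.: sh publish.sh publish
if [ "${1:-}" = "publish" ]; then
    publish_multiarch && verify_image
fi
```

Piping `SAMPLE_ARM64_ONLY` into `missing_platforms "$PLATFORMS"` reports `linux/amd64`, which is the condition this issue describes.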