This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

App-Embedded Defender REST endpoint

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

App-Embedded Defender REST endpoint

FGuerra
L0 Member

‎10-30-2024 06:38 AM

I am trying to automate the deployment of app-embedded defenders by using the REST endpoint to update Dockerfiles, but whenever I try to send the Dockerfile, I get an error message "failed to embed Dockerfile: could not find ENTRYPOINT directive".

 

I am currently sending the dockerfile address; do I need to instead send the dockerfile itself as a string? 

0 Likes Likes
2 REPLIES 2

JJean-Claude
L1 Bithead

‎11-11-2024 12:18 PM

Hello FGuerra,

 

App-Embedded defenders require an ENTRYPOINT to be present in the Dockerfile. It uses that as the trigger to initialize properly.

 

Did a post help answer your question? Please click the “Accept as Solution” button. Read more about how and why accepting solutions is a vital part of LIVEcommunity.

0 Likes Likes

JJean-Claude
L1 Bithead
In response to JJean-Claude

‎11-11-2024 12:20 PM

Including a sample here below for reference

 

FROM tiangolo/uwsgi-nginx-flask:python3.6

RUN mkdir /code
WORKDIR /code
ADD requirements.txt /code/
RUN pip install -r requirements.txt --no-cache-dir
ADD . /code/

# ssh
ENV SSH_PASSWD "root:Docker!"
RUN apt-get update \
&& apt-get install -y --no-install-recommends dialog \
&& apt-get update \
&& apt-get install -y --no-install-recommends openssh-server \
&& echo "$SSH_PASSWD" | chpasswd

COPY sshd_config /etc/ssh/
COPY init.sh /usr/local/bin/

RUN chmod u+x /usr/local/bin/init.sh
EXPOSE 8000 2222
#CMD ["python", "/code/manage.py", "runserver", "0.0.0.0:8000"]
ENTRYPOINT ["init.sh"]

# Twistlock Container Defender - app embedded
ADD twistlock_defender_app_embedded.tar.gz /twistlock
ENV DEFENDER_TYPE="appEmbedded"
ENV DEFENDER_APP_ID="aws-webapp"
ENV FILESYSTEM_MONITORING="false"
ENV WS_ADDRESS="wss://us-east1.cloud.twistlock.com:443"
ENV DATA_FOLDER="/twistlock"
ENV INSTALL_BUNDLE="eyJzZWNyZXRzIjp7InNlcnZpY2UtcGFyYW1ldGVyIjoiV1RCb1I2U0Z4TVAyc1dpQjlUN1ZDa1dlTG5hL0JBQ0VYeVVmUnBQWitGWjVWN2tXR2dNVERGOHlaSkpoQm42Vk1FTXZSOWxnbGNPT0txaDBiUmR4b2c9PSJ9LCJnbG9iYWxQcm94eU9wdCI6eyJodHRwUHJveHkiOiIiLCJub1Byb3h5IjoiIiwiY2EiOiIiLCJ1c2VyIjoiIiwicGFzc3dvcmQiOnsiZW5jcnlwdGVkIjoiIn19LCJjdXN0b21lcklEIjoidXMtMi0xNTgzMjAzNzIiLCJhcGlLZXkiOiJna0lFSWNSQjhNWmFnQVRwcUlKTVB0ZWNPY1o0VGpRek1vWGhmSVZMbXpMQTRON2ErNE5kWndIbWphSzBmSUNpejdoNldJa0hOQWdOQy9UY0ZPNmhaQT09IiwibWljcm9zZWdDb21wYXRpYmxlIjpmYWxzZSwiaW1hZ2VTY2FuSUQiOiJmMTcwYWY0My05NzU2LTBmMDAtM2JjZS05NjNjZGRlMDVjZjQifQ=="
ENV FIPS_ENABLED="false"
ENTRYPOINT ["/twistlock/defender", "app-embedded", "init.sh"]

 

Did a post help answer your question? Please click the “Accept as Solution” button. Read more about how and why accepting solutions is a vital part of LIVEcommunity.

0 Likes Likes
  • 194 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks