10-30-2024 06:38 AM
I am trying to automate the deployment of app-embedded defenders by using the REST endpoint to update Dockerfiles, but whenever I try to send the Dockerfile, I get an error message "failed to embed Dockerfile: could not find ENTRYPOINT directive".
I am currently sending the dockerfile address; do I need to instead send the dockerfile itself as a string?
11-11-2024 12:18 PM
Hello FGuerra,
App-Embedded defenders require an ENTRYPOINT to be present in the Dockerfile. It uses that as the trigger to initialize properly.
Did a post help answer your question? Please click the “Accept as Solution” button. Read more about how and why accepting solutions is a vital part of LIVEcommunity.
11-11-2024 12:20 PM
Including a sample here below for reference
FROM tiangolo/uwsgi-nginx-flask:python3.6
RUN mkdir /code
WORKDIR /code
ADD requirements.txt /code/
RUN pip install -r requirements.txt --no-cache-dir
ADD . /code/
# ssh
ENV SSH_PASSWD "root:Docker!"
RUN apt-get update \
&& apt-get install -y --no-install-recommends dialog \
&& apt-get update \
&& apt-get install -y --no-install-recommends openssh-server \
&& echo "$SSH_PASSWD" | chpasswd
COPY sshd_config /etc/ssh/
COPY init.sh /usr/local/bin/
RUN chmod u+x /usr/local/bin/init.sh
EXPOSE 8000 2222
#CMD ["python", "/code/manage.py", "runserver", "0.0.0.0:8000"]
ENTRYPOINT ["init.sh"]
# Twistlock Container Defender - app embedded
ADD twistlock_defender_app_embedded.tar.gz /twistlock
ENV DEFENDER_TYPE="appEmbedded"
ENV DEFENDER_APP_ID="aws-webapp"
ENV FILESYSTEM_MONITORING="false"
ENV WS_ADDRESS="wss://us-east1.cloud.twistlock.com:443"
ENV DATA_FOLDER="/twistlock"
ENV INSTALL_BUNDLE="eyJzZWNyZXRzIjp7InNlcnZpY2UtcGFyYW1ldGVyIjoiV1RCb1I2U0Z4TVAyc1dpQjlUN1ZDa1dlTG5hL0JBQ0VYeVVmUnBQWitGWjVWN2tXR2dNVERGOHlaSkpoQm42Vk1FTXZSOWxnbGNPT0txaDBiUmR4b2c9PSJ9LCJnbG9iYWxQcm94eU9wdCI6eyJodHRwUHJveHkiOiIiLCJub1Byb3h5IjoiIiwiY2EiOiIiLCJ1c2VyIjoiIiwicGFzc3dvcmQiOnsiZW5jcnlwdGVkIjoiIn19LCJjdXN0b21lcklEIjoidXMtMi0xNTgzMjAzNzIiLCJhcGlLZXkiOiJna0lFSWNSQjhNWmFnQVRwcUlKTVB0ZWNPY1o0VGpRek1vWGhmSVZMbXpMQTRON2ErNE5kWndIbWphSzBmSUNpejdoNldJa0hOQWdOQy9UY0ZPNmhaQT09IiwibWljcm9zZWdDb21wYXRpYmxlIjpmYWxzZSwiaW1hZ2VTY2FuSUQiOiJmMTcwYWY0My05NzU2LTBmMDAtM2JjZS05NjNjZGRlMDVjZjQifQ=="
ENV FIPS_ENABLED="false"
ENTRYPOINT ["/twistlock/defender", "app-embedded", "init.sh"]
Did a post help answer your question? Please click the “Accept as Solution” button. Read more about how and why accepting solutions is a vital part of LIVEcommunity.
01-20-2025 07:17 PM
I am having the same problem. I get the same error message whether I pass in valid contents Dockerfile name, non-existing filename or bad contents Dockerfile name. It seems that endpoint is not finding the specified file but not saying it can't find the file.
From where I am issuing rest api call from, am I supposed to give relative path of Dockerfile for "dockerfile" or something else?
Documentation doesn't say where the file needs to exist.
dockerfile string
Dockerfile is the Dockerfile to embed AppEmbedded defender into.
01-22-2025 10:56 AM
Hello Golden4,
Ensure that the files referenced in the ENTRYPOINT setting are in the working directory where the Dockerfile is located.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
