PSHTT Reporter

Docker Image

This is a Docker container that creates PDF reports for individual second-level domains using data collected via pshtt scans.

This Docker container is intended to be run via cisagov/orchestrator.

N.B.: The secrets in the src/secrets directory are only used when testing via the docker-compose.yml composition. Normally this Docker container is run via the Docker composition in cisagov/orchestrator, which expects the secrets in a different location.

Running

Running with Docker

To run the cisagov/pshtt_reporter image via Docker:

docker run cisagov/pshtt_reporter:1.2.17

Running with Docker Compose

Create a docker-compose.yml file similar to the one below to use Docker Compose.

---
version: "3.7"

services:
  pshtt_reporter:
    image: cisagov/pshtt_reporter:1.2.17
    volumes:
      - type: bind
        source: <your_log_dir>
        target: /home/cisa/shared

Start the container and detach:
```
docker compose up --detach
```

Using secrets with your container

This container also supports passing sensitive values via Docker secrets. Passing sensitive values like your credentials can be more secure using secrets than using environment variables. See the secrets section below for a table of all supported secret files.

To use secrets, create a database_creds.yml file in this format:

---
version: '1'

database:
  name: cyhy
  uri: mongodb://readonly:[email protected]:27017/cyhy

Then add the secrets to your docker-compose.yml file:

---
version: "3.7"

secrets:
  database_creds:
    file: database_creds.yml

services:
  pshtt_reporter:
    image: cisagov/pshtt_reporter:1.2.17
    volumes:
      - type: bind
        source: <your_log_dir>
        target: /home/cisa/shared
    secrets:
      - source: database_creds
        target: database_creds.yml

Updating your container

Docker Compose

Pull the new image from Docker Hub:
```
docker compose pull
```
Recreate the running container by following the previous instructions:
```
docker compose up --detach
```

Docker

Stop the running container:
```
docker stop <container_id>
```

Pull the new image:

docker pull cisagov/pshtt_reporter:1.2.17

Recreate and run the container by following the previous instructions.

Image tags

The images of this container are tagged with semantic versions of the underlying example project that they containerize. It is recommended that most users use a version tag (e.g. :1.2.17).

Image:tag	Description
`cisagov/pshtt_reporter:1.2.17`	An exact release version.
`cisagov/pshtt_reporter:1.2`	The most recent release matching the major and minor version numbers.
`cisagov/pshtt_reporter:1`	The most recent release matching the major version number.
`cisagov/pshtt_reporter:edge`	The most recent image built from a merge into the `develop` branch of this repository.
`cisagov/pshtt_reporter:nightly`	A nightly build of the `develop` branch of this repository.
`cisagov/pshtt_reporter:latest`	The most recent release image pushed to a container registry. Pulling an image using the `:latest` tag should be avoided.

See the tags tab on Docker Hub for a list of all the supported tags.

Volumes

Mount point	Purpose
/home/cisa/shared	Output

Ports

There are no ports exposed by this container.

Environment variables

Required

There are no required environment variables.

Optional

There are no optional environment variables.

Secrets

Filename	Purpose
database_creds.yml	Cyber Hygiene read-only database credentials in this format

Building from source

Build the image locally using this git repository as the build context:

docker build \
  --tag cisagov/pshtt_reporter:1.2.17 \
  https://github.com/cisagov/pshtt_reporter.git#develop

Cross-platform builds

To create images that are compatible with other platforms, you can use the buildx feature of Docker:

Copy the project to your machine using the Code button above or the command line:
```
git clone https://github.com/cisagov/pshtt_reporter.git
cd pshtt_reporter
```
Create the Dockerfile-x file with buildx platform support:
```
./buildx-dockerfile.sh
```

Build the image using buildx:

docker buildx build \
  --file Dockerfile-x \
  --platform linux/amd64 \
  --output type=docker \
  --tag cisagov/pshtt_reporter:1.2.17 .

Contributing

We welcome contributions! Please see CONTRIBUTING.md for details.

License

This project is in the worldwide public domain.

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

Name		Name	Last commit message	Last commit date
Latest commit History 1,085 Commits
.github		.github
src		src
tests		tests
.ansible-lint		.ansible-lint
.bandit.yml		.bandit.yml
.dockerignore		.dockerignore
.flake8		.flake8
.gitignore		.gitignore
.isort.cfg		.isort.cfg
.mdl_config.yaml		.mdl_config.yaml
.pre-commit-config.yaml		.pre-commit-config.yaml
.prettierignore		.prettierignore
.yamllint		.yamllint
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
buildx-dockerfile.sh		buildx-dockerfile.sh
bump_version.sh		bump_version.sh
docker-compose.yml		docker-compose.yml
push_readme.sh		push_readme.sh
pytest.ini		pytest.ini
requirements-dev.txt		requirements-dev.txt
requirements-test.txt		requirements-test.txt
requirements.txt		requirements.txt
setup-env		setup-env
tag.sh		tag.sh

License

cisagov/pshtt_reporter

Folders and files

Latest commit

History

Repository files navigation

PSHTT Reporter

Docker Image

Running

Running with Docker

Running with Docker Compose

Using secrets with your container

Updating your container

Docker Compose

Docker

Image tags

Volumes

Ports

Environment variables

Required

Optional

Secrets

Building from source

Cross-platform builds

Contributing

License

About

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Languages