You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
Hi @vladaurosh - I know everyone likes small packages - and you especially 😅 this addition however makes the image significantly larger, but it seems to be required to build anything crypto-related. As I'm implementing a sync hub system I need to be able to encrypt and decrypt data. I tried multiple approaches, but couldn't get around the prerequisite of having these installed. Not sure if you have an idea how to optimize or work around this. Here are the relevant methods for encrypting and decrypting data - I tried like 4 or 5 different approaches:
The reason will be displayed to describe this comment to others. Learn more.
Hey @vladaurosh - thanks for looking into this 🙏 Anything that can encrypt/decrypt with a key is fine - tried like 8h to find something simple but was hitting build issues etc. along the way 😞
So just added python3-dev gcc musl-dev libffi-dev packages needed to install python cryptography library.
Then added cryptography to pip install.
No changes in runner image.
My test dockerfile is:
FROM alpine:3.20 as builder
ENV PYTHONUNBUFFERED 1
# Install build dependencies
RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev \
&& python -m venv /opt/venv
# Enable venv
ENV PATH="/opt/venv/bin:$PATH"
RUN pip install cryptography
# second stage
FROM alpine:3.20 as runner
COPY --from=builder /opt/venv /opt/venv
# Enable venv
ENV PATH="/opt/venv/bin:$PATH"
RUN apk update --no-cache \
&& apk add --no-cache bash python3
COPY test.py /
test.py file is (just googled it):
from cryptography.fernet import Fernet
# we will be encrypting the below string.
message = "hello geeks"
# generate a key for encryption and decryption
# You can use fernet to generate
# the key or use random key generator
# here I'm using fernet to generate key
key = Fernet.generate_key()
# Instance the Fernet class with the key
fernet = Fernet(key)
# then use the Fernet class instance
# to encrypt the string string must
# be encoded to byte string before encryption
encMessage = fernet.encrypt(message.encode())
print("original string: ", message)
print("encrypted string: ", encMessage)
# decrypt the encrypted string with the
# Fernet instance of the key,
# that was used for encrypting the string
# encoded byte string is returned by decrypt method,
# so decode it to string with decode methods
decMessage = fernet.decrypt(encMessage).decode()
print("decrypted string: ", decMessage)
Then I've ran docker image that I've built and executed test.py file:
Since I'm not much into python (development in general), there might by some better python library for encryption/decryption, cryptography was one of the first results in google. :D But proves that those build dependencies are needed just in builder image to install pip package, not in the runner, as it will be copied with venv.
Thanks a lot for looking into it. I've tried the Fernet library before but run into issues, so for now I just tried changing the Dockerfile as per your suggestion:
That doesn't sound correct. Just tried couple of docker images, pycryptodome adds ~8MB into /opt/venv, and cryptography adds 14MB. I guess one of them is needed not both depending which way you want to go with encryption?
I see that you've left python3-dev in runner image, that shouldn't be needed, and adds ~90MB of installed files (probably lot less since docker images are compressed).
What kind of issues you've encountered with Fernet? Though I can hardly help there.
The reason will be displayed to describe this comment to others. Learn more.
I see that you've left python3-dev in runner image, that shouldn't be needed, and adds ~90MB of installed files (probably lot less since docker images are compressed).
I missed that completely - this made the image again smaller to ~77MB
thanks for spotting this 🙏
I think this is fine for now - with Ferret I had to do some weird things with the encryption key to convert to a byte array -
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @vladaurosh - I know everyone likes small packages - and you especially 😅 this addition however makes the image significantly larger, but it seems to be required to build anything crypto-related. As I'm implementing a sync hub system I need to be able to encrypt and decrypt data. I tried multiple approaches, but couldn't get around the prerequisite of having these installed. Not sure if you have an idea how to optimize or work around this. Here are the relevant methods for encrypting and decrypting data - I tried like 4 or 5 different approaches:
NetAlertX/server/helper.py
Line 862 in 96f18b4
Thanks in advance if you have some time to look into this 🙏
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jokob-sk
Is there any particular executable or python function that you need for encryption/decryption?
Or you just need anything that can encrypt/decrypt?
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @vladaurosh - thanks for looking into this 🙏 Anything that can encrypt/decrypt with a key is fine - tried like 8h to find something simple but was hitting build issues etc. along the way 😞
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @jokob-sk I'll look around.
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @jokob-sk , just did a quick test.
In builder image I've changed:
to
So just added python3-dev gcc musl-dev libffi-dev packages needed to install python cryptography library.
Then added cryptography to pip install.
No changes in runner image.
My test dockerfile is:
test.py file is (just googled it):
Then I've ran docker image that I've built and executed test.py file:
Since I'm not much into python (development in general), there might by some better python library for encryption/decryption, cryptography was one of the first results in google. :D But proves that those build dependencies are needed just in builder image to install pip package, not in the runner, as it will be copied with venv.
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @vladaurosh ,
Thanks a lot for looking into it. I've tried the Fernet library before but run into issues, so for now I just tried changing the Dockerfile as per your suggestion:
https://github.com/jokob-sk/NetAlertX/actions/runs/9391543180
Commit:
b7b1a9e
However, the size I the same as before ~127MB (a jump of around 50MB):
https://hub.docker.com/r/jokobsk/netalertx-dev/tags
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @jokob-sk
That doesn't sound correct. Just tried couple of docker images, pycryptodome adds ~8MB into /opt/venv, and cryptography adds 14MB. I guess one of them is needed not both depending which way you want to go with encryption?
I see that you've left python3-dev in runner image, that shouldn't be needed, and adds ~90MB of installed files (probably lot less since docker images are compressed).
What kind of issues you've encountered with Fernet? Though I can hardly help there.
96f18b4There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I missed that completely - this made the image again smaller to ~77MB
thanks for spotting this 🙏
I think this is fine for now - with Ferret I had to do some weird things with the encryption key to convert to a byte array -