build: streamline Dockerfile and bump deps

francesco-racciatti · francesco-racciatti · commit fba60d4d2c3d · 2025-04-01T15:59:00.000+02:00
Signed-off-by: francesco-racciatti &lt;francesco.racciatti@sysdig.com&gt;
diff --git a/Dockerfile b/Dockerfile
@@ -1,15 +1,11 @@
-FROM python:3.7-buster
+FROM python:3.9-slim
 
-RUN pip install pipenv==2018.11.26
+RUN pip install --upgrade pipenv
 
 WORKDIR /app
-
-COPY Pipfile /app
-COPY Pipfile.lock /app
+COPY . .
 RUN pipenv install --system --deploy
 
-COPY app.py /app
-
 EXPOSE 8080
 
-CMD ["gunicorn", "-b", ":8080", "--workers", "2", "--threads", "4", "--worker-class", "gthread", "--access-logfile", "-", "--error-logfile", "-", "app:app"]
+ENTRYPOINT ["./entrypoint.sh"]
diff --git a/Pipfile b/Pipfile
@@ -1,5 +1,5 @@
 [[source]]
-url = "https://pypi.python.org/simple"
+url = "https://pypi.org/simple"
 verify_ssl = true
 name = "pypi"
 
@@ -10,4 +10,4 @@ gunicorn = "*"
 [dev-packages]
 
 [requires]
-python_version = "3.7"
+python_version = "3.9"
diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/README.md b/README.md
@@ -2,18 +2,19 @@
 
 ![last commit](https://flat.badgen.net/github/last-commit/sysdiglabs/security-playground?icon=github) ![licence](https://flat.badgen.net/github/license/sysdiglabs/security-playground) ![docker pulls](https://flat.badgen.net/docker/pulls/sysdiglabs/security-playground?icon=docker)
 
-The security playground is a HTTP web server to simulate security breaches in
-run time.
+The security playground is an HTTP web server to simulate security breaches. It allows you to read, write, and execute commands in a containerized environment.
 
 ## Installation
 
-Use the docker image to deploy it in your Kubernetes cluster or locally in a
-container.
+Deploy the docker image in your environment. 
 
 ```bash
 $ docker run --rm -p 8080:8080 sysdiglabs/security-playground
 ```
 
+Setup the health check to the `/health` endpoint if required.
+
+
 ## Usage
 
 The HTTP API exposes tree endpoints to interact with the system.
@@ -40,10 +41,10 @@ This will write to /bin/hello the hello-world string
 
 ### Executing a command
 
-You can execute a command using the /exec endpoint and POSTing the command.
+You can execute a command using the `/exec` endpoint and POSTing the command.
 
 ```bash
-$ curl -X POST /exec -d 'command=ls -la'
+$ curl -X POST localhost:8080/exec -d 'command=ls -la'
 ```
 
-This will capture and return the STDOUT of the command executed.
+This will capture and return the STDOUT of the executed command.
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+gunicorn -b :8080 --workers 2 --threads 4 --worker-class gthread --access-logfile - --error-logfile - app:app

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#!/bin/bash`
	`2`	`+`
	`3`	`+gunicorn -b :8080 --workers 2 --threads 4 --worker-class gthread --access-logfile - --error-logfile - app:app`