Purpose:
This is a simple way to containerize a python script which avoids the need to manage virtual environments and different versions of python on your local machine. This report can provide high level KPIs for a customer using Prisma Cloud Enterprise Edition. Note the python script used was created by Tom Kishel at Palo Alto Networks. See his github here! https://github.com/tkishel/pcs-inspect
Assumptions:
-
you have docker installed (How to install docker on Ubuntu 20.04)
-
you have git installed (
sudo apt-get install git) -
you're working with a debian distribution of Linux
-
you will add the .env file to your .gitignore file
-
you understand how to harden this process if using for a production environment, some ideas:
- delete the .env file after building the docker container or
chmod 700 .envand add file to .gitignore etc. - ensure user password is set correctly
- use vault to retrieve inject the access and secret key
- ensure you're not mounting this to the root file system of the host
- never check into a public image repo
- delete the .env file after building the docker container or
step 1: git clone https://github.com/Kyle9021/pcee_python_dockerfile_pcs_inspect
step 2: cd pcee_python_dockerfile_pcs_inspect/
step 3: nano .env and assign variables according to your environment
step 4: docker build -t pcee_python_inspect_report:1 .
step 5: docker run --rm -it --name pcee_python_inspect_report -v $PWD:/home/user pcee_python_inspect_report:1
step 6: after it runs it will create a report in the directory. Open the report with excel or other csv/table editor.
step 7: move the report files to a different directory or delete them. To create the report again repeat steps 2, & 5-7.