/go-hash-app-docker

Example go app with Dockerfile

Primary LanguageDockerfile

About

This go application allows you to hash any text with SHA256 and a salt.
The application's entrypoint is a HTTP server exposed on port 80.
At runtime, the program expects a salt flag to be passed as the first argument along with the salt value.
This salt is used along with SHA256 hash function to hash any endpoint queried by the caller.

Example: the application is started with -salt test argument.
The consumer calls HTTP endpoint /testendpoint and the app returns testendpoint hashed with SHA256 function using test as a salt. BABCEF1B4E6148C7DDAE371C62F04CE4D9D013B96799300041DD4CF41FFD7F14 should be the result returned in text/plain MIME type, with 200 HTTP status code.

Important note: the salt defined at runtime is a secret! Do not expose it publicly!

Usage

The application is packaged using Docker.

Build the docker image locally:

$ docker build . --tag local/hash-with-salt-app

Run the docker image locally, in your current terminal:

$ docker run \
    --rm \
    --name hash-with-salt-app \
    -it \
    -p 80:80 \
    local/hash-with-salt-app <yoursalt>

Please note that by default, the docker container will run with a non-root user. If you require root user to run this docker container, use the following command:

$ docker run \
    --rm \
    --name hash-with-salt-app \
    -it \
    -p 80:80 \
    --user=root:root \
    local/hash-with-salt-app <yoursalt>

The commands above will run the container without privileges. If you require the container to have access to all the devices on the host and make the container nearly as similar as a process run on the host, use the following command (This is highly risky and should not be used! The command is just exposed for documentation purposes):

$ docker run \
    --rm \
    --name hash-with-salt-app \
    -it \
    -p 80:80 \
    --privileged \
    local/hash-with-salt-app <yoursalt>

If you require to harden the container security as much as possible, we recommend dropping all Linux capabilities enabled by default at runtime by Docker:

$ docker run \
    --rm \
    --name hash-with-salt-app \
    -it \
    -p 80:80 \
    --cap-drop=ALL \
    local/hash-with-salt-app <yoursalt>

Run the docker image locally, as a daemon, with security parameters:

$ docker run \
  -d \
  --name hash-with-salt-app \
  -p 80:80 \
  --cap-drop=ALL \
  local/hash-with-salt-app <yoursalt>