Merge pull request #24 from PhonePe/release_and_packaging

Added poetry and bump2version for release and packaging

.bumpversion.cfg

@@ -0,0 +1,12 @@
+[bumpversion]
+current_version = 0.1.0
+commit = True
+tag = True
+
+[bumpversion:file:pyproject.toml]
+search = version = "{current_version}"
+replace = version = "{new_version}"
+
+[bumpversion:file:mantis/__init__.py]
+search = __version__ = "{current_version}"
+replace = __version__ = "{new_version}"

.github/workflows/mantis-cli-release.yml

@@ -10,33 +10,54 @@ env:
 
 jobs:
   build-and-push-image:
-    if: github.event_name == 'workflow_dispatch'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     permissions:
-      contents: read
+      contents: write
       packages: write
-
+      actions: write
+
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
 
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.9'
+
+      - name: Install dependencies
+        run: poetry install
+
+      - name: Bump version
+        id: bump_version
+        run: poetry run bump2version patch
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Push version bump commit and tag
+        run: |
+          git push origin main --tags
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Log in to the Container registry
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
-  
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
       - name: Build and push Docker image
-        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+        uses: docker/build-push-action@v4
         with:
           context: .
           push: true
-          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.bump_version.outputs.new_version }}
           labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -1,4 +1,5 @@
 FROM --platform=linux/amd64 python:3.9-slim
+
 # Install wget
 RUN apt-get update && apt-get install -y wget unzip tar gcc libpcap-dev dnsutils git dnstwist
 
@@ -34,6 +35,7 @@ RUN wget https://github.com/projectdiscovery/httpx/releases/download/v1.3.7/http
 RUN unzip httpx_1.3.7_linux_amd64.zip
 RUN mv httpx /usr/bin
 RUN rm -rf *
+
 # Install Findcdn
 RUN echo "Installing Findcdn"
 RUN pip install git+https://github.com/cisagov/findcdn.git
@@ -67,10 +69,6 @@ RUN tar -xvf gitleaks_8.18.1_linux_x64.tar.gz
 RUN mv gitleaks /usr/bin
 RUN rm -rf *
 
-# Copy requirements.txt for mantis
-COPY ./requirements.txt /home/mantis/requirements.txt
-RUN pip install -r requirements.txt
-
 # Install wafw00f
 RUN pip install wafw00f
 
@@ -89,6 +87,25 @@ RUN mv Corsy-1.0-rc Corsy
 RUN mv Corsy /usr/bin
 RUN rm -rf *
 
+# Install Poetry
+RUN pip install poetry==1.4.2
+
+# Add Poetry to PATH
+ENV PATH="/root/.local/bin:$PATH"
+
+# Setup Poetry ENV variables
+ENV POETRY_NO_INTERACTION=1 \
+    POETRY_VIRTUALENVS_IN_PROJECT=0 \
+    POETRY_VIRTUALENVS_CREATE=0 \
+    POETRY_CACHE_DIR=/tmp/poetry_cache
+
+# Copy pyproject.toml and poetry.lock
+COPY pyproject.toml poetry.lock* /home/mantis/
+
+# Install dependencies using Poetry
+RUN poetry install --without dev --no-root && rm -rf $POETRY_CACHE_DIR
+
+# Creating Mantis alias
 RUN echo 'export PS1="🦗 Mantis > " && \
 alias mantis="python /home/mantis/launch.py" && \
 alias help="python /home/mantis/launch.py --help"' | tee -a ~/.bashrc
@@ -101,12 +118,11 @@ COPY ./configs /home/mantis/configs
 COPY ./launch.py /home/mantis/launch.py
 COPY ./scheduler.py /home/mantis/scheduler.py
 COPY ./*.txt /home/mantis/
+
+# Create Directories
 RUN mkdir /home/mantis/logs
 RUN mkdir /home/mantis/logs/scan_efficiency
 RUN mkdir /home/mantis/logs/tool_logs
 
-
 # Required for displaying stdout sequentially
 ENV PYTHONUNBUFFERED=1
-
-#ENTRYPOINT ["python3","launch.py"]% 

pyproject.toml

@@ -0,0 +1,43 @@
+[tool.poetry]
+name = "mantis"
+version = "0.1.0"
+description = "Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning."
+authors = ["Prateek Thakare <[email protected]>",
+           "Praveen Kanniah <[email protected]>"]
+maintainers = ["Prateek Thakare <[email protected]>",
+               "Praveen Kanniah <[email protected]>"]
+license = "apache2"
+repository = "https://github.com/PhonePe/mantis"
+keywords = ["asset discovery", "recon", "recon automation", "osint", "threat intelligence", "recon framework"]
+classifiers = [
+    "Development Status :: 5 - Production/Stable",
+    "Intended Audience :: Internal Security Teams",
+    "Intended Audience :: Bug Bounty Hunters",
+    "Topic :: Application Security :: Recon Framework"
+]
+readme = "README.md"
+
+[tool.poetry.dependencies]
+python = "^3.9"
+decorator = "5.1.1"
+motor = "3.0.0"
+netaddr = "0.8.0"
+pydantic = "1.10.2"
+pymongo = "4.2.0"
+PyYAML = "6.0"
+typing_extensions = "4.4.0"
+validators = "0.20.0"
+tldextract = "3.4.0"
+pytz = "2022.6"
+ray = {version = "2.8.0", extras = ["default"]}
+retry = "0.9.2"
+slack-sdk = "3.21.3"
+rocketry = "2.5.1"
+boto3 = "1.28.20"
+tqdm = "4.66.1"
+cloudflare = "*"
+bump2version = "^1.0.1"
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"