one more minor change to cisagov#491, moved all container health scri…

…pts into one place to make it easier to keep track of them

Dockerfiles/api.Dockerfile

@@ -64,7 +64,7 @@ ADD --chmod=644 scripts/malcolm_utils.py "${APP_HOME}"/
 ADD --chmod=755 shared/bin/opensearch_status.sh "${APP_HOME}"/
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD api/scripts /usr/local/bin
+ADD --chmod=755 container-health-scripts/api.sh /usr/local/bin/container_health.sh
 
 RUN    apt-get -q update \
     && apt-get -y -q --no-install-recommends upgrade \

Dockerfiles/arkime.Dockerfile

@@ -171,6 +171,7 @@ ADD --chmod=644 shared/bin/pcap_utils.py /usr/local/bin/
 ADD --chmod=644 scripts/malcolm_utils.py /usr/local/bin/
 ADD --chmod=644 shared/bin/watch_common.py /usr/local/bin/
 ADD --chmod=644 arkime/supervisord.conf /etc/supervisord.conf
+ADD --chmod=755 container-health-scripts/arkime.sh /usr/local/bin/container_health.sh
 ADD arkime/scripts /usr/local/bin/
 ADD arkime/etc $ARKIME_DIR/etc/
 ADD --chmod=644 arkime/rules/*.yml $ARKIME_DIR/rules/

Dockerfiles/dashboards-helper.Dockerfile

@@ -58,6 +58,7 @@ ADD dashboards/maps /opt/maps
 ADD dashboards/scripts /usr/local/bin
 ADD --chmod=644 dashboards/supervisord.conf /etc/supervisord.conf
 ADD dashboards/templates /opt/templates
+ADD --chmod=755 container-health-scripts/dashboards-helper.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/opensearch_status.sh /usr/local/bin/
@@ -107,7 +108,6 @@ RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
                                 /opt/templates && \
     chmod 755 /usr/local/bin/*.sh /usr/local/bin/*.py /data/init && \
     chmod 400 /opt/maps/* && \
-    ln -sfr /usr/local/bin/container_health_helper.sh /usr/local/bin/container_health.sh && \
     (echo "*/2 * * * * /usr/local/bin/shared-object-creation.sh\n0 10 * * * /usr/local/bin/index-refresh.py --index MALCOLM_NETWORK_INDEX_PATTERN --template malcolm_template --unassigned\n30 */2 * * * /usr/local/bin/index-refresh.py --index MALCOLM_OTHER_INDEX_PATTERN --template malcolm_beats_template --unassigned\n*/20 * * * * /usr/local/bin/opensearch_index_size_prune.py" > ${SUPERCRONIC_CRONTAB})
 
 EXPOSE $OFFLINE_REGION_MAPS_PORT

Dockerfiles/dashboards.Dockerfile

@@ -58,7 +58,7 @@ RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD --chmod=755 dashboards/scripts/container_health_dashboards.sh /usr/local/bin/container_health.sh
+ADD --chmod=755 container-health-scripts/dashboards.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 dashboards/scripts/docker_entrypoint.sh /usr/local/bin/
 ADD --chmod=644 dashboards/opensearch_dashboards.yml /usr/share/opensearch-dashboards/config/opensearch_dashboards.orig.yml
 ADD --chmod=755 dashboards/scripts/docker_entrypoint.sh /usr/local/bin/

Dockerfiles/file-monitor.Dockerfile

@@ -106,12 +106,12 @@ ENV SUPERCRONIC_CRONTAB "/etc/crontab"
 
 ADD --chmod=755 shared/bin/yara_rules_setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/capa-build.sh /usr/local/bin/
-ADD file-monitor/scripts /usr/local/bin
 ADD nginx/landingpage/css "${EXTRACTED_FILE_HTTP_SERVER_ASSETS_DIR}/css"
 ADD nginx/landingpage/js "${EXTRACTED_FILE_HTTP_SERVER_ASSETS_DIR}/js"
 ADD --chmod=644 docs/images/logo/Malcolm_background.png "${EXTRACTED_FILE_HTTP_SERVER_ASSETS_DIR}/assets/img/bg-masthead.png"
 ADD --chmod=644 docs/images/icon/favicon.ico "${EXTRACTED_FILE_HTTP_SERVER_ASSETS_DIR}/favicon.ico"
 ADD --chmod=755 shared/bin/web-ui-asset-download.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/file-monitor.sh /usr/local/bin/container_health.sh
 
 RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/') && \
     sed -i "s/main$/main contrib non-free/g" /etc/apt/sources.list.d/debian.sources && \

Dockerfiles/file-upload.Dockerfile

@@ -99,7 +99,7 @@ COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
 ADD --chmod=755 file-upload/docker-entrypoint.sh /docker-entrypoint.sh
-ADD file-upload/scripts /usr/local/bin
+ADD --chmod=755 container-health-scripts/upload.sh /usr/local/bin/container_health.sh
 ADD --chmod=644 docs/images/logo/Malcolm_banner.png /var/www/upload/Malcolm_banner.png
 ADD --chmod=644 file-upload/nginx/sites-available/default /etc/nginx/sites-available/default
 ADD --chmod=644 file-upload/php/php.ini /etc/php/$PHP_VERSION/fpm/php.ini

Dockerfiles/freq.Dockerfile

@@ -60,7 +60,7 @@ RUN apt-get -q update && \
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD freq-server/scripts /usr/local/bin
+ADD --chmod=755 container-health-scripts/freq.sh /usr/local/bin/container_health.sh
 ADD --chmod=644 freq-server/supervisord.conf /etc/supervisord.conf
 
 WORKDIR /opt/freq_server

Dockerfiles/htadmin.Dockerfile

@@ -84,13 +84,13 @@ RUN apt-get -q update && \
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/htadmin.sh /usr/local/bin/container_health.sh
 ADD --chmod=644 docs/images/favicon/favicon.ico /var/www/htadmin/
 ADD --chmod=644 htadmin/supervisord.conf /supervisord.conf
 ADD --chmod=755 htadmin/htadmin.sh /usr/local/bin/
 ADD htadmin/src /var/www/htadmin/
 ADD --chmod=644 htadmin/php/php.ini /etc/php/$PHP_VERSION/fpm/php.ini
 ADD --chmod=644 htadmin/nginx/sites-available/default /etc/nginx/sites-available/default
-ADD htadmin/scripts /usr/local/bin/
 
 EXPOSE 80
 

Dockerfiles/logstash.Dockerfile

@@ -82,6 +82,7 @@ RUN set -x && \
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/logstash.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 shared/bin/opensearch_status.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/jdk-cacerts-auto-import.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/keystore-bootstrap.sh /usr/local/bin/

Dockerfiles/netbox.Dockerfile

@@ -134,11 +134,11 @@ RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/netbox.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 netbox/scripts/* /usr/local/bin/
 ADD --chmod=644 scripts/malcolm_utils.py /usr/local/bin/
 ADD --chmod=644 netbox/supervisord.conf /etc/supervisord.conf
 ADD --chmod=644 netbox/preload/*.yml $NETBOX_PRELOAD_PATH/
-ADD --chmod=755 netbox/health-scripts/container_health_netbox.sh /usr/local/bin/container_health.sh
 
 EXPOSE 9001
 

Dockerfiles/nginx.Dockerfile

@@ -241,6 +241,7 @@ COPY --from=docbuild /site/_site /usr/share/nginx/html/readme
 
 ADD nginx/landingpage /usr/share/nginx/html
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/nginx.sh /usr/local/bin/container_health.sh
 ADD nginx/scripts /usr/local/bin/
 ADD --chmod=644 nginx/*.conf /etc/nginx/
 ADD nginx/templates /etc/nginx/templates/

Dockerfiles/opensearch.Dockerfile

@@ -70,7 +70,7 @@ ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/jdk-cacerts-auto-import.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/keystore-bootstrap.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD opensearch-scripts /usr/local/bin
+ADD --chmod=755 container-health-scripts/opensearch.sh /usr/local/bin/container_health.sh
 
 ENV bootstrap.memory_lock "true"
 ENV cluster.routing.allocation.disk.threshold_enabled "false"

Dockerfiles/pcap-capture.Dockerfile

@@ -57,6 +57,7 @@ ENV PCAP_SNAPLEN $PCAP_SNAPLEN
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/pcap-capture.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 shared/bin/nic-capture-setup.sh /usr/local/bin/
 ADD --chmod=644 pcap-capture/supervisord.conf /etc/supervisord.conf
 ADD --chmod=755 pcap-capture/scripts/*.sh /usr/local/bin/

Dockerfiles/pcap-monitor.Dockerfile

@@ -79,6 +79,7 @@ ADD --chmod=644 shared/bin/watch_common.py /usr/local/bin/
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/pcap_watcher.py /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/pcap-monitor.sh /usr/local/bin/container_health.sh
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD pcap-monitor/scripts /usr/local/bin
 

Dockerfiles/postgresql.Dockerfile

@@ -25,7 +25,7 @@ ENV TERM xterm
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD --chmod=755 netbox/health-scripts/container_health_postgres.sh /usr/local/bin/container_health.sh
+ADD --chmod=755 container-health-scripts/postgres.sh /usr/local/bin/container_health.sh
 
 RUN apk update --no-cache && \
     apk upgrade --no-cache && \

Dockerfiles/redis.Dockerfile

@@ -24,7 +24,7 @@ ENV TERM xterm
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
-ADD --chmod=755 redis-scripts/container_health.sh /usr/local/bin/container_health.sh
+ADD --chmod=755 container-health-scripts/redis.sh /usr/local/bin/container_health.sh
 
 RUN apk update --no-cache && \
     apk upgrade --no-cache && \

Dockerfiles/suricata.Dockerfile

@@ -138,6 +138,7 @@ ADD --chmod=644 suricata/supervisord.conf /etc/supervisord.conf
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/pcap_processor.py /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/suricata.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 shared/bin/suricata_config_populate.py /usr/local/bin/
 ADD --chmod=755 suricata/rules-default/ "$SURICATA_DEFAULT_RULES_DIR"/
 ADD suricata/scripts /usr/local/bin/

Dockerfiles/zeek.Dockerfile

@@ -154,6 +154,7 @@ RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
 COPY --from=ghcr.io/mmguero-dev/gostatic --chmod=755 /goStatic /usr/bin/goStatic
 ADD --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
 ADD --chmod=755 shared/bin/service_check_passthrough.sh /usr/local/bin/
+ADD --chmod=755 container-health-scripts/zeek.sh /usr/local/bin/container_health.sh
 ADD --chmod=755 shared/bin/zeek_intel_setup.sh ${ZEEK_DIR}/bin/
 ADD --chmod=755 shared/bin/zeekdeploy.sh ${ZEEK_DIR}/bin/
 ADD zeek/scripts /usr/local/bin

docs/development.md

@@ -9,6 +9,7 @@ Checking out the [Malcolm source code]({{ site.github.repository_url }}/tree/{{
 * `api` - code and configuration for the `api` container, which provides a REST API to query Malcolm
 * `arkime` - code and configuration for the `arkime` container that processes PCAP files using `capture`, which serves the Viewer application
 * `config` - a directory containing the environment variable files that define Malcolm's configuration
+* `container-health-scripts` - scripts included in Malcolm's images for [Docker health checks](https://docs.docker.com/reference/dockerfile/#healthcheck) and [Kubernetes liveness checks](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-a-liveness-command)
 * `dashboards` - code and configuration for the `dashboards` container for creating additional ad-hoc visualizations and dashboards beyond that which is provided by Arkime Viewer
 * `Dockerfiles` - a directory containing build instructions for Malcolm's images
 * `docs` - a directory containing instructions and documentation
@@ -28,13 +29,16 @@ Checking out the [Malcolm source code]({{ site.github.repository_url }}/tree/{{
 * `pcap` - an initially empty directory for PCAP files to be uploaded, processed, and stored
 * `pcap-capture` - code and configuration for the `pcap-capture` container that can capture network traffic
 * `pcap-monitor` - code and configuration for the `pcap-monitor` container that watches for new or uploaded PCAP files and notifies the other services to process them
+* `redis` - an initially empty directory where the Redis database runtime files will reside
 * `scripts` - control scripts for starting, stopping, restarting, etc., Malcolm
 * `shared` - miscellaneous code used by various Malcolm components 
 * `suricata` - code and configuration for the `suricata` container that handles PCAP processing using Suricata
 * `suricata-logs` - an initially empty directory for Suricata logs to be uploaded, processed, and stored
+* `yara` - a directory for custom user-provided YARA rules
 * `zeek` - code and configuration for the `Zeek` container that handles PCAP processing using Zeek
 * `zeek-logs` - an initially empty directory for Zeek logs to be uploaded, processed, and stored
 * `_includes` and `_layouts` - templates for the HTML version of the documentation
+* `.github` - GitHub workflow actions used to build [Malcolm using GitHub runners](contributing-github-runners.md#GitHubRunners)
 
 and the following files of special note: