packages/architect/emulator/Dockerfile
FROM alpine:latest as dependency-preparer
RUN apk add --update openssl wget unzip xz tar
ARG EMULATOR_VERSION
ARG MITM_PROXY_VERSION
ARG ENVOY_PROXY_VERSION
ARG FRIDA_SERVER_VERSION
ARG ANDROID_SDK_TOOLS_VERSION
ARG EMULATOR_SYSTEM_IMAGE_VERSION
ARG EMULATOR_SYSTEM_IMAGE_VERSION_SHORT
WORKDIR /tmp
RUN wget "https://dl.google.com/android/repository/emulator-linux_x64-${EMULATOR_VERSION}.zip" && \
wget "https://dl.google.com/android/repository/sys-img/${EMULATOR_SYSTEM_IMAGE_VERSION}.zip" && \
wget "https://dl.google.com/android/repository/platform-tools_r${ANDROID_SDK_TOOLS_VERSION}-linux.zip" && \
wget "https://downloads.mitmproxy.org/${MITM_PROXY_VERSION}/mitmproxy-${MITM_PROXY_VERSION}-linux-x86_64.tar.gz" && \
wget "https://github.com/envoyproxy/envoy/releases/download/v${ENVOY_PROXY_VERSION}/envoy-${ENVOY_PROXY_VERSION}-linux-x86_64" && \
wget "https://github.com/frida/frida/releases/download/${FRIDA_SERVER_VERSION}/frida-server-${FRIDA_SERVER_VERSION}-android-x86_64.xz" && \
tar -xzf "mitmproxy-${MITM_PROXY_VERSION}-linux-x86_64.tar.gz" && \
unzip -u -o "emulator-linux_x64-${EMULATOR_VERSION}.zip" && \
unzip -u -o "platform-tools_r${ANDROID_SDK_TOOLS_VERSION}-linux.zip" && \
unzip -u -o "${EMULATOR_SYSTEM_IMAGE_VERSION_SHORT}" -d sysimg && \
xz --decompress "frida-server-${FRIDA_SERVER_VERSION}-android-x86_64.xz" && \
rm -f "${EMULATOR_SYSTEM_IMAGE_VERSION_SHORT}" && \
rm -f "emulator-linux_x64-${EMULATOR_VERSION}.zip" && \
rm -f "mitmproxy-${MITM_PROXY_VERSION}-linux-x86_64.tar.gz" && \
rm -f "platform-tools_r${ANDROID_SDK_TOOLS_VERSION}-linux.zip" && \
rm -f "frida-server-${FRIDA_SERVER_VERSION}-android-x86_64.xz"
FROM nvidia/opengl:1.2-glvnd-runtime-ubuntu22.04
ARG MITM_PROXY_VERSION
ARG ENVOY_PROXY_VERSION
ARG FRIDA_SERVER_VERSION
ENV ANDROID_SDK_ROOT=/android/sdk
ENV ANDROID_AVD_HOME=/android/avd-home
ENV NVIDIA_DRIVER_CAPABILITIES=${NVIDIA_DRIVER_CAPABILITIES},display
RUN mkdir -p "/android/apks/" && \
mkdir -p "/android/frida/" && \
mkdir -p "/android/avd-home/" && \
mkdir -p "/android/sdk/emulator/" && \
mkdir -p "/android/sdk/platforms/" && \
mkdir -p "/android/sdk/system-images/" && \
mkdir -p "/android/sdk/platform-tools/"
COPY --from=dependency-preparer "/tmp/mitmweb" "/usr/local/bin/mitmweb"
COPY --from=dependency-preparer "/tmp/mitmdump" "/usr/local/bin/mitmdump"
COPY --from=dependency-preparer "/tmp/mitmproxy" "/usr/local/bin/mitmproxy"
COPY --from=dependency-preparer "/tmp/emulator/" "/android/sdk/emulator/"
COPY --from=dependency-preparer "/tmp/platform-tools/" "/android/sdk/platform-tools/"
COPY --from=dependency-preparer "/tmp/sysimg/" "/android/sdk/system-images/android/default/"
COPY --from=dependency-preparer "/tmp/envoy-${ENVOY_PROXY_VERSION}-linux-x86_64" "/usr/local/bin/envoy"
COPY --from=dependency-preparer "/tmp/frida-server-${FRIDA_SERVER_VERSION}-android-x86_64" "/android/frida/frida-server"
ADD avd/ /android/avd-home
COPY entrypoint.sh /android/sdk/
COPY make-snapshot.sh /android/sdk/
COPY envoy.yaml /etc/envoy/envoy.yaml
COPY default.pulse-audio /etc/pulse/default.pa
COPY nginx.conf /etc/nginx/sites-enabled/default
COPY emulator_access.json /android/sdk/emulator/lib/emulator_access.json
RUN apt-get update && \
# spell-checker: disable
apt-get install \
-y \
--force-yes \
-o Dpkg::Options::="--force-confold" \
--no-install-recommends \
socat tzdata openssl libasound2 libatk1.0-0 libc6 libcairo2 \
libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 \
libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 \
libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libx11-xcb1 \
libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 nginx \
libxrender1 libxss1 libxtst6 libnss3 pulseaudio libpulse0 libtinfo5 \
libxkbfile-dev libx11-dev libxkbfile1 x11proto-dev && \
# spell-checker: enable
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
gpasswd -a root audio && \
chmod +x /usr/local/bin/envoy && \
chmod +x /usr/local/bin/mitmweb && \
chmod +x /usr/local/bin/mitmdump && \
chmod +x /usr/local/bin/mitmproxy && \
chmod +x /android/sdk/entrypoint.sh && \
chmod +x /android/sdk/make-snapshot.sh && \
chmod +x /android/sdk/platform-tools/adb
EXPOSE 5554 5555 8080 8081 8554 8555 27042
CMD ["/android/sdk/entrypoint.sh"]
HEALTHCHECK --interval=1s \
--timeout=3s \
--retries=90 \
CMD bash -c "[ -f /tmp/boot-completed ]"
LABEL org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.source="https://github.com/leonitousconforti/tinyburg" \
org.opencontainers.image.description="Runs TinyTower on an android emulator in a docker image. Exposes the emulator console, adb, grpc, and frida server endpoints without any protections"