Unable to build image with modsecurity

[hathagat]

Describe the bug

Hi, trying to build the image results in an error because the pcre library is missing. It seems like the module should be build with pcre2 using --with-pcre2 during the configure step.

Related issues:

• PCRE2 support still requires PCRE1 owasp-modsecurity/ModSecurity#2750
• Dockerfile is unable to create the image with modsecurity #735

Is this an issue or do I need to build the module another way?

To reproduce

Steps to reproduce the behavior:

1. Use this Dockerfile: https://github.com/nginxinc/docker-nginx/blob/master/modules/Dockerfile
2. Build according to readme: docker build --build-arg ENABLED_MODULES="modsecurity" -t my-nginx-with-modsecurity .

Spoiler: Error log

[...]
#10 121.9 checking for libpcre config script... no
#10 121.9 configure: *** pcre library not found.
#10 121.9 configure: error: pcre library is required
#10 122.0 make: *** [debian/rules:47: config.pre.nginx] Error 1
#10 122.0 dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
#10 122.0 debuild: fatal error at line 1182:
#10 122.0 dpkg-buildpackage -us -uc -ui failed
#10 122.0 real 24.37
#10 122.0 user 23.40
#10 122.0 sys 3.78
#10 122.0 make: *** [Makefile:210: module-modsecurity] Error 29
#10 122.0 + find ../../ -maxdepth 1 -mindepth 1 -type f -name *.deb -exec mv -v {} /tmp/packages/ ;
#10 122.0 + BUILT_MODULES= modsecurity
#10 122.0 + echo BUILT_MODULES=" modsecurity"
#10 DONE 122.5s

#11 [stage-1 2/7] COPY --from=builder /tmp/packages /tmp/packages
#11 CACHED

#12 [stage-1 3/7] RUN set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_1.25.2*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/
#12 0.474 + apt update
#12 0.482 
#12 0.482 WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
#12 0.482 
#12 0.550 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
#12 0.593 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
#12 0.608 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
#12 0.728 Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
#12 1.459 Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 B]
#12 1.459 Get:6 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [57.6 kB]
#12 2.675 Fetched 9220 kB in 2s (4249 kB/s)
#12 2.675 Reading package lists...
#12 3.710 Building dependency tree...
#12 3.968 Reading state information...
#12 4.033 All packages are up to date.
#12 4.043 + . /tmp/packages/modules.env
#12 4.043 + BUILT_MODULES= modsecurity
#12 4.043 + apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-modsecurity_1.25.2*.deb
#12 4.050 
#12 4.050 WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
#12 4.050 
#12 4.054 Reading package lists...
#12 5.086 E: Unsupported file /tmp/packages/nginx-module-modsecurity_1.25.2*.deb given on commandline
#12 ERROR: process "/bin/sh -c set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/" did not complete successfully: exit code: 100
------
 > [stage-1 3/7] RUN set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_1.25.2*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/:
0.482 
0.550 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
0.593 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
0.608 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
0.728 Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
1.459 Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 B]
1.459 Get:6 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [57.6 kB]


6.086 E: Unsupported file /tmp/packages/nginx-module-modsecurity_1.25.2*.deb given on commandline
------
Dockerfile:74
--------------------
  73 |     COPY --from=builder /tmp/packages /tmp/packages
  74 | >>> RUN set -ex \
  75 | >>>     && apt update \
  76 | >>>     && . /tmp/packages/modules.env \
  77 | >>>     && for module in $BUILT_MODULES; do \
  78 | >>>            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \
  79 | >>>        done \
  80 | >>>     && rm -rf /tmp/packages \
  81 | >>>     && rm -rf /var/lib/apt/lists/
  82 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c set -ex     && apt update     && . /tmp/packages/modules.env     && for module in $BUILT_MODULES; do            apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb;        done     && rm -rf /tmp/packages     && rm -rf /var/lib/apt/lists/" did not complete successfully: exit code: 100

Expected behavior

The image is build successfully.

Your environment

• Docker version 24.0.5, build ced0996
• Debian GNU/Linux 11 (bullseye)
• 6.1.0-0.deb11.7-amd64

[hathagat]

As support for modsecurity was recently removed, this issue is no longer relevant and I don't think it will ever be fixed.
3142ac3

https://www.f5.com/de_de/company/blog/nginx/nginx-plus-r32-released
https://hg.nginx.org/pkg-oss/rev/c16f78b1a000