Add a minimal containerized environment

This patch adds a minimal Zeek environment packaged as a container.
Since this is intended both as a base layer for other images and as a
quick way to explore Zeek we install only zeek and zkg as basic
functionality.

Closes #1625.

docker/Dockerfile

@@ -0,0 +1,60 @@
+# See the file "COPYING" in the main distribution directory for copyright.
+
+# Layer to build Zeek.
+FROM debian:buster-slim AS build_zeek
+
+# Configure system for build.
+RUN apt-get -q update \
+ && apt-get install -q -y --no-install-recommends \
+     bind9 \
+     bison \
+     cmake \
+     flex \
+     g++ \
+     gcc \
+     libmaxminddb-dev \
+     libpcap-dev \
+     libssl-dev \
+     libz-dev \
+     make \
+     python3-minimal \
+     python3-dev \
+     swig \
+     ninja-build \
+     python3-pip \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy over the Zeek source tree.
+# NOTE: This assumes that we build in the context of the parent directory (the
+# Git checkout root). We e.g., ensure that in the `Makefile` in this directory.
+COPY . /src/zeek
+RUN make -C /src/zeek distclean
+
+WORKDIR /src/zeek
+RUN ./configure \
+     --generator=Ninja \
+     --build-type=Release \
+ && ninja -C build install
+
+# Final layer containing all artifacts.
+FROM debian:buster-slim AS final
+
+RUN apt-get -q update \
+ && apt-get install -q -y --no-install-recommends \
+     ca-certificates \
+     git \
+     libmaxminddb0 \
+     libpython3.7 \
+     libpcap0.8 \
+     libssl1.1 \
+     libz1 \
+     python3-minimal \
+     python3-git \
+     python3-semantic-version \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy over Zeek installation.
+COPY --from=build_zeek /usr/local/zeek /usr/local/zeek
+ENV PATH "/usr/local/zeek/bin:${PATH}"

docker/Makefile

@@ -0,0 +1,8 @@
+# See the file "COPYING" in the main distribution directory for copyright.
+
+VERSION := $$(cat ../VERSION)
+
+.PHONY: all
+
+all:
+	@docker build -t zeek:$(VERSION) -f Dockerfile ..

docker/README

@@ -0,0 +1,19 @@
+Container image for Zeek
+========================
+
+This directory contains a minimal container image for Zeek. This image is
+published automatically to [DockerHub](https://hub.docker.com/u/zeekurity) for
+releases and for commits on the `master` branch.
+
+- Images for release are published as
+  [`zeekurity/zeek`](https://hub.docker.com/r/zeekurity/zeek) with the `latest`
+  tag pointing to the latest release.
+- Development images for the `master` branch are published as
+  [`zeekurity/zeek-dev`](https://hub.docker.com/r/zeekurity/zeek-dev).
+
+
+To run the image execute e.g.,:
+
+    docker run -it zeekurity/zeek
+
+To build the image execute `make` from this directory.

docker/container-structure-test.yaml

@@ -0,0 +1,37 @@
+# See the file "COPYING" in the main distribution directory for copyright.
+
+# This file contains a test configuration for
+# https://github.com/GoogleContainerTools/container-structure-test.
+
+schemaVersion: 2.0.0
+
+commandTests:
+  - name: zeek can be run
+    command: zeek
+    args: ["-v"]
+    expectedOutput: ["^zeek version .*"]
+
+  - name: is release build
+    command: zeek-config
+    args: ["--build_type"]
+    expectedOutput: ["release"]
+
+  - name: btest can be run
+    command: btest
+    args: ["--version"]
+    expectedOutput: ["\\d\\.\\d"]
+
+  - name: valid zkg config
+    command: zkg
+    args: ["config"]
+    # Just validate that we some some valid entry here.
+    expectedOutput: ["state_dir = /usr/local/zeek/var/lib/zkg"]
+
+  - name: plugin can be installed
+    command: zkg
+    # We pick any plugin with minimal deps here.
+    args: ["install", "--force", "sethhall/domain-tld"]
+    expectedOutput:
+      - "Installing \"zeek/sethhall/domain-tld\""
+      - "Installed \"zeek/sethhall/domain-tld\" (.*)"
+      - "Loaded \"zeek/sethhall/domain-tld\""