
github.com/jimschubert/docked
A Dockerfile linting tool which aims to pull many best practices and recommendations from multiple sources:
Check out the currently supported rules.
docked analyze ./Dockerfile
Successful Outputs:
Failure Outputs:
And it's customizable. You can ignore, re-prioritize, or add custom rules via regex. There are also JSON and HTML outputs.
Latest binary releases are available via GitHub Releases.
brew install jimschubert/tap/docked
docker pull jimschubert/docked:latest
When running the docker image, be sure to mount and reference the sources appropriately. For example:
After you've installed the binary either manually or via Homebrew, consider enabling completions for your shell.
For instructions, view help for your target shell.
docked completion zsh --help
docked completion bash --help
docked completion fish --help
docked completion powershell --help
$ docked analyze --help
Analyze a Dockerfile for issues
If not provided, FILE defaults to ./Dockerfile

Usage:
  docked analyze [FILE] [flags]

Flags:
  -h, --help                   help for analyze
  -i, --ignore strings         The lint ids to ignore
  -k, --no-buildkit-warnings   Whether to suppress Docker parser warnings
      --regex-engine string    The regex engine to use (regexp, regexp2) (default "regexp2")
      --report-type string     The type of reporting output (text, json, html) (default "text")

Global Flags:
      --config string   config file (default is $HOME/.docked.yaml)
      --viper           use Viper for configuration (default true)

Things to consider:
--report-type json), but this is not forced
The regexp2 engine is the default because it supports full regular expression syntax. Compare differences in regexp2's README. Note that regexp2 patterns are not run in compatibility mode in docked, although that might change later.
viper configuration is a work in progress. Feel free to contribute.

The optional configuration file follows this example syntax:
ignore:
  - D7:tagged-latest
rule_overrides:
  'D5:secret-aws-access-key': low
custom_rules:
  - name: custom-name
    summary: Your custom summary
    details: Your additional rule details
    pattern: '.' # some regex pattern
    priority: critical
    command: add
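
The following is an added example, not docked's own code: it evaluates custom rules shaped like the configuration above against a Dockerfile and reports any pattern that Go's standard regexp engine cannot compile, which is the practical difference behind the --regex-engine choice. It assumes a rule's pattern is tested against the arguments of instructions matching its command; the rule names, patterns and sample Dockerfile are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Rule mirrors one custom_rules entry from the configuration example.
type Rule struct{ Name, Pattern, Priority, Command string }

// Finding records which rule matched on which 1-based Dockerfile line.
type Finding struct {
	Rule, Priority string
	Line           int
}

// Lint applies rules line by line (no continuation-line handling).
// Assumption: a pattern is tested against the arguments of instructions whose
// keyword equals Rule.Command. Rules that Go's RE2-based regexp cannot compile
// are returned in rejected instead of being silently skipped.
func Lint(dockerfile string, rules []Rule) (found []Finding, rejected []string) {
	lines := strings.Split(dockerfile, "\n")
	for _, r := range rules {
		re, err := regexp.Compile(r.Pattern)
		if err != nil { // lookaheads and backreferences are not RE2 syntax
			rejected = append(rejected, r.Name)
			continue
		}
		for i, line := range lines {
			keyword, args, _ := strings.Cut(strings.TrimSpace(line), " ")
			if strings.EqualFold(keyword, r.Command) && re.MatchString(args) {
				found = append(found, Finding{r.Name, r.Priority, i + 1})
			}
		}
	}
	return found, rejected
}

// Constructed sample Dockerfile and rules (hypothetical names and patterns).
var sampleDockerfile = "FROM alpine:3.19\n# ADD https://example.com/old.tgz /\nADD https://example.com/app.tgz /opt/\nRUN curl -fsSL https://example.com/i.sh | sh\n"

var sampleRules = []Rule{
	{"add-remote-url", `^https?://`, "critical", "add"},
	{"run-pipe-to-shell", `(curl|wget)[^|]*\|\s*(ba)?sh\b`, "high", "run"},
	{"run-apt-unpinned", `apt-get install (?!.*=)`, "low", "run"}, // needs lookahead
}

func main() { fmt.Println(Lint(sampleDockerfile, sampleRules)) }
```

A rule that lands in the rejected list never runs, so a pattern written with lookaheads gives no coverage at all under the regexp engine; check custom patterns against the engine you actually select.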
Build a local distribution for evaluation using goreleaser (easiest).
goreleaser release --skip-publish --snapshot --rm-dist
This will create an executable application for your os/architecture under dist:
dist
├── docked_darwin_amd64
│   └── docked
├── docked_linux_386
│   └── docked
├── docked_linux_amd64
│   └── docked
├── docked_linux_arm64
│   └── docked
├── docked_linux_arm_6
│   └── docked
└── docked_windows_amd64
    └── docked.exe
Build and execute locally using go:
go get -d ./...
go build -o docked ./cmd/docked/
./docked --help
This project is licensed under Apache 2.0.