dockerlint - npm Package Compare versions

Comparing version 0.1.3 to 0.1.4

lib/checks.js

@@ -11,3 +11,3 @@ // Generated by CoffeeScript 1.9.0
 
-  exports.all = ['from_first', 'no_empty_tag', 'no_empty_digest', 'json_array_format', 'json_array_even_quotes', 'add', 'multiple_entries', 'sudo', 'absolute_workdir', 'onbuild_copyadd', 'onbuild_disallowed', 'label_no_empty_value'];
+  exports.all = ['from_first', 'no_empty_tag', 'no_empty_digest', 'json_array_format', 'recommended_exec_form', 'json_array_even_quotes', 'json_array_brackets', 'add', 'multiple_entries', 'sudo', 'absolute_workdir', 'onbuild_copyadd', 'onbuild_disallowed', 'label_no_empty_value'];
 
@@ -120,2 +120,55 @@ Array.prototype.filter = function(func) {
 
+  exports.json_array_brackets = function(rules) {
+    var i, lbracket, r, rbracket, rule, _i, _j, _len, _len1, _ref;
+    _ref = ['CMD', 'ENTRYPOINT', 'RUN', 'VOLUME'];
+    for (_i = 0, _len = _ref.length; _i < _len; _i++) {
+      i = _ref[_i];
+      rule = this.getAll(i, rules);
+      for (_j = 0, _len1 = rule.length; _j < _len1; _j++) {
+        r = rule[_j];
+        if (!r["arguments"][0].match(/\[|\]/g)) {
+          continue;
+        }
+        lbracket = r["arguments"][0].match(/\[/g);
+        if ((lbracket != null) && lbracket.length > 1) {
+          utils.log('ERROR', "Multiple opening brackets found on line " + r.line);
+          return 'failed';
+        }
+        rbracket = r["arguments"][0].match(/\]/g);
+        if ((rbracket != null) && rbracket.length > 1) {
+          utils.log('ERROR', "Multiple closing brackets found on line " + r.line);
+          return 'failed';
+        }
+        if (!r["arguments"][0].match(/^\[/)) {
+          utils.log('ERROR', "No opening bracket found on line " + r.line);
+          return 'failed';
+        }
+        if (!r["arguments"][0].match(/\]$/)) {
+          utils.log('ERROR', "No closing bracket found on line " + r.line);
+          return 'failed';
+        }
+      }
+    }
+    return 'ok';
+  };
+
+  exports.recommended_exec_form = function(rules) {
+    var i, lbracket, r, rbracket, rule, _i, _j, _len, _len1, _ref;
+    _ref = ['CMD', 'ENTRYPOINT'];
+    for (_i = 0, _len = _ref.length; _i < _len; _i++) {
+      i = _ref[_i];
+      rule = this.getAll(i, rules);
+      for (_j = 0, _len1 = rule.length; _j < _len1; _j++) {
+        r = rule[_j];
+        lbracket = r["arguments"][0].match(/\[/g);
+        rbracket = r["arguments"][0].match(/\]/g);
+        if ((lbracket == null) || (rbracket == null)) {
+          utils.log('WARN', "Recommended exec/array form not used on line " + r.line);
+          return 'failed';
+        }
+      }
+    }
+    return 'ok';
+  };
+
   exports.add = function(rules) {
@@ -122,0 +175,0 @@ var add, lines, rule, _i, _len;

lib/cli.js

@@ -39,2 +39,5 @@ // Generated by CoffeeScript 1.9.0
     }
+    if (!fs.lstatSync(dockerfile).isFile()) {
+      utils.log("FATAL", dockerfile + " is not a file.");
+    }
     rules = parser.parser(dockerfile);
@@ -41,0 +44,0 @@ if (args.debug) {

package.json

 {
   "name": "dockerlint",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "Linting for Dockerfiles",
@@ -5,0 +5,0 @@ "main": "bin/dockerlint",

README.md

@@ -0,1 +1,2 @@
+[![NPM](https://nodei.co/npm/dockerlint.png?downloads=true&downloadRank=true&stars=true)](https://nodei.co/npm/dockerlint/)
 [![Build Status](https://travis-ci.org/RedCoolBeans/dockerlint.svg?branch=master)](https://travis-ci.org/RedCoolBeans/dockerlint)
@@ -27,2 +28,38 @@ [![Build status](https://ci.appveyor.com/api/projects/status/bwvl5wexs90wspyg?svg=true)](https://ci.appveyor.com/project/jasperla/dockerlint)
 
+## Docker image
+
+Alternatively there is a [Docker image](https://hub.docker.com/r/redcoolbeans/dockerlint) available.
+
+This image provides a quick and easy way to validate your Dockerfiles, without
+having to install Node.JS and the dockerlint dependencies on your system.
+
+First fetch the image from the [Docker Hub](https://hub.docker.com/):
+
+    docker pull redcoolbeans/dockerlint
+
+You can either run it directly, or use [docker-compose](https://www.docker.com/docker-compose).
+
+### docker run
+
+For a quick one-off validation:
+
+    docker run -it --rm -v "$PWD/Dockerfile":/Dockerfile:ro redcoolbeans/dockerlint
+
+### docker-compose
+
+For docker-compose use a `docker-compose.yml` such as the following:
+
+    ---
+      dockerlint:
+        image: redcoolbeans/dockerlint
+        volumes:
+          - ./Dockerfile:/Dockerfile
+
+Then simply run:
+
+    docker-compose up dockerlint
+
+This will validate the `Dockerfile` in your current directory.
+
+
 ### Running from a git clone
@@ -29,0 +66,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Improved metrics

Number of package files

20

increased by5.26%

Lines of code

471

increased by13.22%

Number of lines in readme file

95

increased by63.79%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

31520

decreased by-9.76%

No dependency changes