Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

validate-dockerfile

Package Overview
Dependencies
Maintainers
1
Versions
24
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

validate-dockerfile - npm Package Compare versions

Comparing version 0.0.1 to 0.1.0

42

index.js
'use strict';
// FROM and CMD are handled differently
var commandsRegex = /^(MAINTAINER|RUN|EXPOSE|ENV|ADD|ENTRYPOINT|VOLUME|USER|WORKDIR|ONBUILD)/i;
var commandsRegex = /^(CMD|FROM|MAINTAINER|RUN|EXPOSE|ENV|ADD|ENTRYPOINT|VOLUME|USER|WORKDIR|ONBUILD)\s/i;
// Some regexes sourced from:
// http://stackoverflow.com/a/2821201/1216976
// http://stackoverflow.com/a/3809435/1216976
var validParams = {
from: /^[A-z0-9.\/]*(:[A-z0-9.]*)?$/,
maintainer: /.*/,
expose: /^[0-9\s]*$/,
env: /^[a-zA-Z_]+[a-zA-Z0-9_]* .*$/,
user: /^[A-z0-9]$/,
run: /.*/,
cmd: /.*/,
onbuild: /.*/,
entrypoint: /.*/,
add: /^[A-z0-9\/_.-]*|[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&\/\/=]*) [A-z0-9\/_.-]*$/,
volume: /^(\[")?[A-z0-9\/_.-]*("\])?/,
workdir: /^[A-z0-9\/_.-]*$/
};
var validateLine = function (line) {
var command = commandsRegex.exec(line)[0].trim().toLowerCase();
var params = line.replace(commandsRegex, '');
return validParams[command].test(params);
}
var validate = function (dockerfile) {

@@ -30,16 +53,11 @@ if (typeof dockerfile !== 'string') {

for (var i = 1; i < linesArr.length; i++) {
var currentLine = linesArr[i].trim().toUpperCase();
if (!currentLine) {
// blank lines are valid
continue;
}
for (var i = 0; i < linesArr.length; i++) {
var currentLine = linesArr[i].trim();
if (currentLine.indexOf('CMD') === 0) {
if (currentLine.toUpperCase().indexOf('CMD') === 0) {
hasCmd = true;
continue;
}
if (commandsRegex.test(currentLine)) {
// Starts with a valid command
if (validateLine(currentLine)) {
// Command is valid and has valid params
continue;

@@ -46,0 +64,0 @@ }

{
"name": "validate-dockerfile",
"version": "0.0.1",
"version": "0.1.0",
"description": "Does some basic validation of a Dockerfile",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -5,9 +5,2 @@ #validate-dockerfile

##Warning!
This is not production-ready. Yet to do:
- Per-command validation
- Further testing (say, actual unit tests and such)
##Installation

@@ -26,2 +19,8 @@

##TODO
Non-mission-critical stuff that'd be nice to have:
- Stream support
Examples used in testing borrowed from https://github.com/kstaken/dockerfile-examples/tree/master/salt-minion. Thanks!

@@ -9,3 +9,2 @@ 'use strict';

find.eachfile(/./, path.join(__dirname, 'Dockerfiles'), function (file) {
console.log(file);
fs.readFile(file, 'UTF-8', function (err, data) {

@@ -19,5 +18,4 @@ if (err) {

console.log(data);
// process.exit();
}
});
});
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc