diff --git a/.automation/build.py b/.automation/build.py index 8e08a5d5639..076b15a8aa9 100644 --- a/.automation/build.py +++ b/.automation/build.py @@ -69,7 +69,6 @@ else: VERSION_URL_SEGMENT = VERSION - MKDOCS_URL_ROOT = ML_DOC_URL_BASE + VERSION_URL_SEGMENT BRANCH = "main" @@ -266,8 +265,7 @@ def generate_flavor(flavor, flavor_info): file.write(action_yml) logging.info(f"Updated {flavor_action_yml}") extra_lines = [ - "COPY entrypoint.sh /entrypoint.sh", - "RUN chmod +x entrypoint.sh", + "COPY --chmod=755 entrypoint.sh /entrypoint.sh", 'ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]', ] build_dockerfile( @@ -295,14 +293,22 @@ def build_dockerfile( docker_arg = [] docker_copy = [] docker_other = [] + docker_build_platform_other = [] all_dockerfile_items = [] + all_build_platform_dockerfile_items = [] apk_packages = DEFAULT_DOCKERFILE_APK_PACKAGES.copy() + apk_build_platform_packages = [] + apk_npm_packages = [] npm_packages = [] pip_packages = [] pipvenv_packages = {} gem_packages = [] cargo_packages = [] if "cargo" not in extra_packages else extra_packages["cargo"] is_docker_other_run = False + is_docker_build_platform_other_run = False + has_npm_copy = False + venv_builddeps_command = [] + venv_apk_builddeps = ["gcc", "libffi-dev", "musl-dev", "make", "curl", "openssl-dev"] # Manage docker if requires_docker is True: apk_packages += ["docker", "openrc"] @@ -314,9 +320,72 @@ def build_dockerfile( if "install" not in item: item["install"] = {} # Collect Dockerfile items + if "build_platform_dockerfile" in item["install"]: + item_label = item.get("linter_name", item.get("descriptor_id", "")) + install_comment = f"# {item_label} installation" + docker_build_platform_other += [install_comment] + for dockerfile_item in item["install"]["build_platform_dockerfile"]: + # FROM + if ( + dockerfile_item in all_build_platform_dockerfile_items + or dockerfile_item.replace( + "RUN ", "RUN --mount=type=secret,id=GITHUB_TOKEN " + ) + in all_build_platform_dockerfile_items + ): + dockerfile_item = ( + "# Next line commented because already managed by another linter\n" + "# " + "\n# ".join(dockerfile_item.splitlines()) + ) + docker_build_platform_other += [dockerfile_item] + # RUN (standalone with GITHUB_TOKEN) + elif ( + dockerfile_item.startswith("RUN") + and "GITHUB_TOKEN" in dockerfile_item + ): + dockerfile_item_cmd = dockerfile_item.replace( + "RUN ", "RUN --mount=type=secret,id=GITHUB_TOKEN " + ) + docker_build_platform_other += [dockerfile_item_cmd] + is_docker_build_platform_other_run = False + # RUN (start) + elif dockerfile_item.startswith("RUN") and is_docker_build_platform_other_run is False: + docker_build_platform_other += [dockerfile_item] + is_docker_build_platform_other_run = True + # RUN (append) + elif dockerfile_item.startswith("RUN") and is_docker_build_platform_other_run is True: + dockerfile_item_cmd = dockerfile_item.replace("RUN", " &&") + # Add \ in previous instruction line + for index, prev_instruction_line in reversed( + list(enumerate(docker_build_platform_other)) + ): + if ( + prev_instruction_line.strip() != "" + and not prev_instruction_line.startswith("#") + ): + # Remove last char if \n + prev_instruction_line = ( + prev_instruction_line + if not prev_instruction_line.endswith("\n") + else prev_instruction_line[:-1] + ) + docker_build_platform_other[index] = prev_instruction_line + " \\" + break + docker_build_platform_other += [dockerfile_item_cmd] + # Other + else: + is_docker_build_platform_other_run = False + docker_build_platform_other += [dockerfile_item] + all_dockerfile_items += [dockerfile_item] + # Removing comment if no install was needed + if docker_build_platform_other[-1] == install_comment: + docker_build_platform_other.pop() + else: + docker_build_platform_other += ["#"] if "dockerfile" in item["install"]: item_label = item.get("linter_name", item.get("descriptor_id", "")) - docker_other += [f"# {item_label} installation"] + install_comment = f"# {item_label} installation" + docker_other += [install_comment] for dockerfile_item in item["install"]["dockerfile"]: # FROM if dockerfile_item.startswith("FROM"): @@ -337,10 +406,6 @@ def build_dockerfile( "# " + "\n# ".join(dockerfile_item.splitlines()) ) docker_copy += [dockerfile_item] - docker_other += [ - "# Managed with " - + "\n# ".join(dockerfile_item.splitlines()) - ] # Already used item elif ( dockerfile_item in all_dockerfile_items @@ -393,16 +458,35 @@ def build_dockerfile( is_docker_other_run = False docker_other += [dockerfile_item] all_dockerfile_items += [dockerfile_item] - docker_other += [""] - # Collect python packages + # Removing comment if no install was needed + if docker_other[-1] == install_comment: + docker_other.pop() + else: + docker_other += ["#"] + # Collect apk packages if "apk" in item["install"]: apk_packages += item["install"]["apk"] + if "pip_apk" in item["install"]: + venv_apk_builddeps += item["install"]["pip_apk"] + if "pip_builddep" in item["install"]: + venv_builddeps_command += item["install"]["pip_builddep"] + if "build_platform_apk" in item["install"]: + apk_build_platform_packages += item["install"]["build_platform_apk"] + if "npm_apk" in item["install"]: + apk_npm_packages += item["install"]["npm_apk"] # Collect npm packages if "npm" in item["install"]: npm_packages += item["install"]["npm"] + if not has_npm_copy: + has_npm_copy = True + apk_npm_packages += ["npm"] + docker_copy += ["COPY --link --from=node_modules /node-deps /node-deps"] # Collect python for venvs if "linter_name" in item and "pip" in item["install"]: - pipvenv_packages[item["linter_name"]] = item["install"]["pip"] + pipvenv_packages[item["linter_name"]] = { + "pip": item["install"]["pip"], + "env": item["install"]["pip_builddep_env"] if "pip_builddep_env" in item["install"] else "" + } # Collect python packages elif "pip" in item["install"]: pip_packages += item["install"]["pip"] @@ -419,31 +503,6 @@ def build_dockerfile( if len(gem_packages) > 0: apk_packages += ["ruby", "ruby-dev", "ruby-bundler", "ruby-rdoc"] # Replace between tags in Dockerfile - # Commands - replace_in_file( - dockerfile, - "#FROM__START", - "#FROM__END", - "\n".join(list(dict.fromkeys(docker_from))), - ) - replace_in_file( - dockerfile, - "#ARG__START", - "#ARG__END", - "\n".join(list(dict.fromkeys(docker_arg))), - ) - replace_in_file( - dockerfile, - "#COPY__START", - "#COPY__END", - "\n".join(docker_copy), - ) - replace_in_file( - dockerfile, - "#OTHER__START", - "#OTHER__END", - "\n".join(docker_other), - ) # apk packages apk_install_command = "" if len(apk_packages) > 0: @@ -452,9 +511,70 @@ def build_dockerfile( + " \\\n ".join(list(dict.fromkeys(apk_packages))) + " \\\n && git config --global core.autocrlf true" ) + apk_build_platform_install_command = "" + if len(apk_build_platform_packages) > 0: + apk_build_platform_install_command = ( + "RUN apk add --update --no-cache \\\n " + + " \\\n ".join(list(dict.fromkeys(apk_build_platform_packages))) + ) + apk_npm_install_command = "" + if len(apk_npm_packages) > 0: + apk_npm_install_command = ( + "RUN apk add --update --no-cache \\\n " + + " \\\n ".join(list(dict.fromkeys(apk_npm_packages))) + ) + if len(venv_apk_builddeps) > 0: + venv_builddeps_command = [( + "RUN apk add --update --no-cache \\\n " + + " \\\n ".join(list(dict.fromkeys(venv_apk_builddeps))) + )] + venv_builddeps_command replace_in_file(dockerfile, "#APK__START", "#APK__END", apk_install_command) + replace_in_file(dockerfile, "#BUILD_PLATFORM_APK__START", "#BUILD_PLATFORM_APK__END", apk_build_platform_install_command) + replace_in_file(dockerfile, "#NPM_APK__START", "#NPM_APK__END", apk_npm_install_command) # cargo packages cargo_install_command = "" + # Pre-building packages + prebuild_list = set(cargo_packages) & {"shellcheck-sarif", "sarif-fmt"} + cargo_packages = set(cargo_packages) - prebuild_list + if len(cargo_packages) > 0: + docker_from += [ + "FROM --platform=$BUILDPLATFORM alpine:3 AS cargo-build\n" + + "WORKDIR /cargo\n" + + "ENV HOME=/cargo\n" + + "USER 0\n" + + "RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \\\n" + + " apk add --update \\\n" + + " gcc \\\n" + + " rustup \\\n" + + " bash \\\n" + + " git \\\n" + + " musl-dev \\\n" + + " llvm \\\n" + + " clang \\\n" + + " curl \n" + + 'RUN curl --location "https://github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tgz" | tar -xzv \\\n' + + " && mkdir -p /cargo/.cargo/bin \\\n" + + " && mv cargo-binstall /cargo/.cargo/bin \\\n" + + " && chown -R 63425:63425 /cargo \n" + + "USER 63425\n" + + "ENV CC_aarch64_unknown_linux_musl=clang \\\n" + + " AR_aarch64_unknown_linux_musl=llvm-ar \\\n" + + ' CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" \\\n' + + " CC_x86_64_unknown_linux_musl=clang \\\n" + + " AR_x86_64_unknown_linux_musl=llvm-ar \\\n" + + ' CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld"\n' + + "ARG TARGETARCH\n" + + 'RUN rustup-init -y --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl")\n' + + "\n" + + "RUN --mount=type=cache,id=cargo-${TARGETARCH},sharing=locked,target=/cargo/.cargo/registry/,uid=63425 \\\n" + + " . /cargo/.cargo/env \\\n" + + f' && cargo binstall --no-confirm --no-symlinks {" ".join(prebuild_list)} --root /tmp --target $([[ "${{TARGETARCH}}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") \n' + + "\n" + + "FROM scratch AS cargo\n" + + "COPY --link --from=cargo-build /tmp/bin/* /bin/\n" + + f'RUN ["/bin/' + '", "--help"]\nRUN ["/bin/'.join(prebuild_list) + '", "--help"]\n' + ] + docker_copy += [f"COPY --link --from=cargo /bin/* /usr/bin/"] keep_rustup = False if len(cargo_packages) > 0: rust_commands = [] @@ -512,8 +632,8 @@ def build_dockerfile( pip_install_command = "" if len(pip_packages) > 0: pip_install_command = ( - "RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip &&" - + " PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade \\\n '" + "RUN PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --no-cache-dir --upgrade pip &&" + + " PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --no-cache-dir --upgrade \\\n '" + "' \\\n '".join(list(dict.fromkeys(pip_packages))) + "' && \\\n" + 'find . | grep -E "(/__pycache__$|\\.pyc$|\\.pyo$)" | xargs rm -rf && \\\n' @@ -522,35 +642,54 @@ def build_dockerfile( replace_in_file(dockerfile, "#PIP__START", "#PIP__END", pip_install_command) # Python packages in venv if len(pipvenv_packages.items()) > 0: - pipenv_install_command = ( - "RUN PYTHONDONTWRITEBYTECODE=1 pip3 install" - " --no-cache-dir --upgrade pip virtualenv \\\n" + pipenv_download_list = [] + pipenv_download_command = ( + "RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \\\n" + " mkdir /download \\\n" + " && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \\\n" ) - env_path_command = 'ENV PATH="${PATH}"' - for pip_linter, pip_linter_packages in pipvenv_packages.items(): + pipenv_install_command = "" + pipenv_path_command = 'ENV PATH="${PATH}"' + for pip_linter, data in pipvenv_packages.items(): + pip_linter_packages = data["pip"] + pip_linter_env = data["env"] + pipenv_download_list += pip_linter_packages pipenv_install_command += ( - f' && mkdir -p "/venvs/{pip_linter}" ' - + f'&& cd "/venvs/{pip_linter}" ' - + "&& virtualenv . " - + "&& source bin/activate " - + "&& PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir " + 'RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \\\n' + f' mkdir -p "/venvs/{pip_linter}" \\\n' + + f' && cd "/venvs/{pip_linter}" \\\n' + + " && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ \"${TARGETPLATFORM}\" == \"linux/arm64\" ]] && echo \"aarch64\" || echo \"x86_64\") . \\\n" + # See https://github.com/benfogle/crossenv/issues/107 + + " && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\\\\0\\\\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \\\n" + + " && source bin/activate \\\n" + + f" && PYTHONDONTWRITEBYTECODE=1 {pip_linter_env} pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip " + (" ".join(pip_linter_packages)) - + " " - + "&& deactivate " - + "&& cd ./../.. \\\n" + + "\\n" ) - env_path_command += f":/venvs/{pip_linter}/bin" - pipenv_install_command = pipenv_install_command[:-2] # remove last \ - pipenv_install_command += ( - ' \\\n && find . | grep -E "(/__pycache__$|\\.pyc$|\\.pyo$)" | xargs rm -rf ' - + "&& rm -rf /root/.cache\n" - + env_path_command + pipenv_path_command += f":/venvs/{pip_linter}/cross/bin" + pipenv_download_command += ( + '&& pip download --cache-dir=/var/cache/pip --dest "/download" \\\n ' + + (" \\\n ".join(pipenv_download_list)) + + " \\\n" ) + pipenv_download_command = pipenv_download_command[:-2] # remove last \ + pipenv_download_command += "\n" else: pipenv_install_command = "" + pipenv_download_command = "" + pipenv_path_command = "" replace_in_file( dockerfile, "#PIPVENV__START", "#PIPVENV__END", pipenv_install_command ) + replace_in_file( + dockerfile, "#PIPVENV_DOWNLOAD__START", "#PIPVENV_DOWNLOAD__END", pipenv_download_command + ) + replace_in_file( + dockerfile, "#PIPVENV_BUILDDEPS__START", "#PIPVENV_BUILDDEPS__END", "\\n".join(venv_builddeps_command) + ) + replace_in_file( + dockerfile, "#PIPVENV_PATH__START", "#PIPVENV_PATH__END", pipenv_path_command + ) # Ruby gem packages gem_install_command = "" @@ -561,6 +700,37 @@ def build_dockerfile( + " \\\n ".join(list(dict.fromkeys(gem_packages))) ) replace_in_file(dockerfile, "#GEM__START", "#GEM__END", gem_install_command) + # Commands + replace_in_file( + dockerfile, + "#FROM__START", + "#FROM__END", + "\n".join(list(dict.fromkeys(docker_from))), + ) + replace_in_file( + dockerfile, + "#ARG__START", + "#ARG__END", + "\n".join(list(dict.fromkeys(docker_arg))), + ) + replace_in_file( + dockerfile, + "#COPY__START", + "#COPY__END", + "\n".join(docker_copy), + ) + replace_in_file( + dockerfile, + "#OTHER__START", + "#OTHER__END", + "\n".join(docker_other), + ) + replace_in_file( + dockerfile, + "#BUILD_PLATFORM_OTHER__START", + "#BUILD_PLATFORM_OTHER__END", + "\n".join(docker_build_platform_other), + ) flavor_env = f"ENV MEGALINTER_FLAVOR={flavor}" replace_in_file(dockerfile, "#FLAVOR__START", "#FLAVOR__END", flavor_env) replace_in_file( @@ -1441,12 +1611,12 @@ def process_type(linters_by_type, type1, type_label, linters_tables_md): # Pre/post commands & unsecured variables linter_doc_md += [ f"| {linter.name}_PRE_COMMANDS | List of bash commands to run before the linter" - f"| {dump_as_json(linter.pre_commands,'None')} |", + f"| {dump_as_json(linter.pre_commands, 'None')} |", f"| {linter.name}_POST_COMMANDS | List of bash commands to run after the linter" f"| {dump_as_json(linter.post_commands,'None')} |", f"| {linter.name}_UNSECURED_ENV_VARIABLES | List of env variables explicitly " + f"not filtered before calling {linter.name} and its pre/post commands" - f"| {dump_as_json(linter.post_commands,'None')} |", + f"| {dump_as_json(linter.post_commands, 'None')} |", ] add_in_config_schema_file( [ @@ -2484,7 +2654,7 @@ def finalize_doc_build(): [![GitHub stars](https://img.shields.io/github/stars/oxsecurity/megalinter?cacheSeconds=3600&color=%23FD80CD)](https://github.com/oxsecurity/megalinter/stargazers/) [![Dependents](https://img.shields.io/static/v1?label=Used%20by&message=2180&color=%23FD80CD&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) [![GitHub contributors](https://img.shields.io/github/contributors/oxsecurity/megalinter.svg?color=%23FD80CD)](https://github.com/oxsecurity/megalinter/graphs/contributors/) -[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square&color=%23FD80CD)](http://makeapullrequest.com)""", # noqa: E501 +[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square&color=%23FD80CD)](http://makeapullrequest.com)""", # noqa: E501 ) # Remove TOC in target file @@ -3239,7 +3409,7 @@ def update_workflow_linters(file_path, linters): file_content = f.read() file_content = re.sub( r"(linter:\s+\[\s*)([^\[\]]*?)(\s*\])", - rf"\1{re.escape(linters).replace(chr(92),'').strip()}\3", + rf"\1{re.escape(linters).replace(chr(92), '').strip()}\3", file_content, ) diff --git a/.config/make/python.mak b/.config/make/python.mak index 0f9a342e3af..e503623f69e 100644 --- a/.config/make/python.mak +++ b/.config/make/python.mak @@ -20,28 +20,28 @@ python-bootstrap-dev: ## Bootstrap python for dev env # =============================================================================================== .PHONY: python-venv-init python-venv-init: ## Create venv ".venv/" if not exist - if [ ! -d .venv ] ; then - $(python_launcher) -m venv .venv + if [[ ! -d .venv ]] ; then \ + $(python_launcher) -m venv .venv; \ fi .PHONY: python-venv-upgrade python-venv-upgrade: ## Upgrade venv with pip, setuptools and wheel - source .venv/bin/activate + . .venv/bin/activate; \ pip install --upgrade pip setuptools wheel .PHONY: python-venv-requirements python-venv-requirements: ## Install or upgrade from $(python_requirements_file) - source .venv/bin/activate + . .venv/bin/activate; \ pip install --upgrade --requirement $(python_requirements_file) .PHONY: python-venv-requirements-dev python-venv-requirements-dev: ## Install or upgrade from $(python_requirements_dev_file) - source .venv/bin/activate + . .venv/bin/activate; \ pip install --upgrade --requirement $(python_requirements_dev_file) .PHONY: python-venv-linters-install python-venv-linters-install: ## Install or upgrade linters - source .venv/bin/activate + . .venv/bin/activate; \ pip install --upgrade flake8 .PHONY: python-venv-purge @@ -54,22 +54,22 @@ python-venv-purge: ## Remove venv ".venv/" folder .PHONY: python-purge-cache python-purge-cache: ## Purge cache to avoid used cached files if [ -d .venv ] ; then - source .venv/bin/activate + . .venv/bin/activate; \ pip cache purge fi .PHONY: python-version python-version: ## Displays the python version used for the .venv - source .venv/bin/activate + . .venv/bin/activate; \ $(python_launcher) --version .PHONY: python-flake8 python-flake8: ## Run flake8 linter for python - source .venv/bin/activate + . .venv/bin/activate; \ flake8 --config .config/.flake8 .PHONY: python-pytest python-pytest: ## Run pytest to test python scripts - source .venv/bin/activate + . .venv/bin/activate; \ cd scripts/ $(python_launcher) -m pytest diff --git a/.github/workflows/-build-docker.yml b/.github/workflows/-build-docker.yml new file mode 100644 index 00000000000..8c8e9865d38 --- /dev/null +++ b/.github/workflows/-build-docker.yml @@ -0,0 +1,131 @@ +name: "Build Docker" + +on: + workflow_call: + inputs: + tagTemplate: + required: true + type: string + shouldLoginDockerHub: + required: true + type: boolean + shouldLoginGithub: + required: true + type: boolean + dockerfile: + required: true + type: string + push: + required: true + type: boolean + imageName: + required: true + type: string + workerImageName: + required: true + type: string + +jobs: + build: + name: Build Docker + runs-on: ubuntu-latest + timeout-minutes: 120 + steps: + - name: Maximize build space + uses: easimon/maximize-build-space@master + with: + root-reserve-mb: 512 + swap-size-mb: 1024 + remove-dotnet: 'true' # will release about 17GB if you don't need .NET + remove-haskell: 'true' # will release about 2.7GB if you don't need haskell + remove-android: 'true' # will release about 11 GB if you don't need Android + remove-codeql: 'true' # will release about 5.4GB if you don't need CodeQL + remove-docker-images: 'true' # will free about 3GB by clearing out some pre cached images + - name: Checkout Code + uses: actions/checkout@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Get current date + run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >>"$GITHUB_ENV" + + - name: Build image tag name + id: image_tag + run: | + BRANCH_NAME="${GITHUB_REF##*/}" + TAG="${{ inputs.tagTemplate }}" + echo "Tag name: ${TAG}" + MAIN_TAG=() + WORKER_TAG=() + if [[ "${{inputs.shouldLoginGithub}}" == "true" ]]; then + MAIN_TAG+=("ghcr.io/oxsecurity/${{ inputs.imageName }}:${TAG}") + WORKER_TAG+=("ghcr.io/oxsecurity/${{ inputs.workerImageName }}:${TAG}") + fi + if [[ "${{inputs.shouldLoginDockerHub}}" == "true" ]]; then + MAIN_TAG+=("oxsecurity/${{ inputs.imageName }}:${TAG}") + WORKER_TAG+=("oxsecurity/${{ inputs.workerImageName }}:${TAG}") + fi + echo "tag=${MAIN_TAG}" >>"$GITHUB_OUTPUT" + echo "workerTag=${WORKER_TAG}" >>"$GITHUB_OUTPUT" + + - name: Login to Docker Hub + if: ${{ inputs.shouldLoginDockerHub }} + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Login to GitHub Container Registry + if: ${{ inputs.shouldLoginGithub }} + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build Image + uses: docker/build-push-action@v4 + with: + file: ${{ inputs.dockerfile }} + platforms: linux/amd64,linux/arm64 + build-args: | + BUILD_DATE=${{ env.BUILD_DATE }} + BUILD_REVISION=${{ github.sha }} + BUILD_VERSION=alpha + load: false + push: ${{ inputs.push }} + outputs: ${{ (!inputs.push && 'type=oci,dest=image.tar') || '' }} + + secrets: | + GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.image_tag.outputs.tag }} + + - name: Build Worker Image + uses: docker/build-push-action@v4 + with: + context: . + file: Dockerfile-worker + platforms: linux/amd64 + build-args: | + MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha + BUILD_DATE=${{ env.BUILD_DATE }} + BUILD_REVISION=${{ github.sha }} + BUILD_VERSION=alpha + load: false + push: ${{ inputs.push }} + + secrets: | + GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.image_tag.outputs.workerTag }} + + - name: Archive oci artifacts + uses: actions/upload-artifact@v3 + with: + name: oci-tar + path: image.tar + if-no-files-found: ${{ (inputs.push && 'ignore') || 'error' }} + retention-days: 1 diff --git a/.github/workflows/deploy-ALPHA-flavors.yml b/.github/workflows/deploy-ALPHA-flavors.yml index bb8cba75135..be297c4de1a 100644 --- a/.github/workflows/deploy-ALPHA-flavors.yml +++ b/.github/workflows/deploy-ALPHA-flavors.yml @@ -42,15 +42,23 @@ jobs: build: # Name the Job name: Deploy Docker Image - ALPHA - Flavors - # Set the agent to run on - runs-on: ${{ matrix.os }} permissions: packages: write + # Only run this on the main repo + if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') + uses: ./.github/workflows/-build-docker.yml + with: + tagTemplate: "alpha" + shouldLoginDockerHub: false + shouldLoginGithub: true + dockerfile: flavors/${{ matrix.flavor }}/Dockerfile + push: true + imageName: megalinter-${{ matrix.flavor }} + workerImageName: megalinter-worker-${{ matrix.flavor }} strategy: fail-fast: false max-parallel: 10 matrix: - os: [ubuntu-latest] # flavors-start flavor: [ @@ -70,69 +78,11 @@ jobs: "swift", "terraform", ] -# flavors-end - # Only run this on the main repo - if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') + # flavors-end ################## # Load all steps # ################## steps: - ########################## - # Checkout the code base # - ########################## - - name: Checkout Code - uses: actions/checkout@v3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Get current date - run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> ${GITHUB_ENV} - - - name: Build Image - uses: docker/build-push-action@v4 - with: - context: . - file: flavors/${{ matrix.flavor }}/Dockerfile - platforms: linux/amd64,linux/arm64 - build-args: | - BUILD_DATE=${{ env.BUILD_DATE }} - BUILD_REVISION=${{ github.sha }} - BUILD_VERSION=alpha - load: false - push: true - secrets: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - tags: | - ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha - - - name: Build Worker Image - uses: docker/build-push-action@v4 - with: - context: . - file: Dockerfile-worker - platforms: linux/amd64 - build-args: | - MEGALINTER_BASE_IMAGE=ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha - BUILD_DATE=${{ env.BUILD_DATE }} - BUILD_REVISION=${{ github.sha }} - BUILD_VERSION=alpha - load: false - push: true - secrets: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - tags: | - ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha ############################################## # Check Docker image security with Trivy # @@ -140,7 +90,7 @@ jobs: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: - image-ref: 'ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha' + image-ref: 'docker.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha' format: 'table' exit-code: '1' ignore-unfixed: true diff --git a/.github/workflows/deploy-DEV.yml b/.github/workflows/deploy-DEV.yml index b84d1786f11..9c94b0cc64a 100644 --- a/.github/workflows/deploy-DEV.yml +++ b/.github/workflows/deploy-DEV.yml @@ -46,45 +46,30 @@ concurrency: cancel-in-progress: true jobs: - build: - # Name the Job name: Tests + Deploy Docker Image - DEV - # Set the agent to run on - runs-on: ubuntu-latest - permissions: read-all # Prevent duplicate run from happening when a forked push is committed if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository) && !contains(github.event.head_commit.message, 'skip deploy') - # Set max build time for the job - timeout-minutes: 120 - ################## - # Load all steps # - ################## + uses: ./.github/workflows/-build-docker.yml + with: + tagTemplate: "test-${{ github.actor }}-${BRANCH_NAME}" + shouldLoginDockerHub: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || (github.event_name == 'push' && github.repository == 'oxsecurity/megalinter') }} + shouldLoginGithub: false + dockerfile: ${{ (contains(github.event.head_commit.message, 'quick build') && 'Dockerfile-quick') || 'Dockerfile' }} + push: false + imageName: megalinter + workerImageName: megalinter-worker + test: + name: Test + runs-on: ubuntu-latest + needs: build + strategy: + fail-fast: false + max-parallel: 10 + matrix: + platform: [amd64] #,linux/arm64 -Temporary, getting no space left on device steps: - ########################## - # Checkout the code base # - ########################## - - name: Checkout Code - uses: actions/checkout@v3 - - ####################### - # Docker Buildx setup # - ####################### - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - ######################## - # Get the current date # - ######################## - - name: Get current date - run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >>"$GITHUB_ENV" - - ######################## - # Build image tag name # - ######################## + - uses: actions/checkout@v3 - name: Build image tag name id: image_tag run: | @@ -92,13 +77,16 @@ jobs: TAG="test-${{ github.actor }}-${BRANCH_NAME}" echo "Tag name: ${TAG}" echo "tag=${TAG}" >>"$GITHUB_OUTPUT" - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - + - uses: actions/download-artifact@v3 + with: + name: oci-tar + - name: Load image + shell: bash + run: | + if [[ -f image.tar ]]; then + skopeo copy --override-os=linux --override-arch=${{ matrix.platform }} oci-archive:image.tar docker-daemon:oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }} + rm -f image.tar + fi # Free disk space - name: Free Disk space shell: bash @@ -106,86 +94,6 @@ jobs: sudo rm -rf /usr/local/lib/android # will release about 10 GB if you don't need Android sudo rm -rf /usr/share/dotnet # will release about 20GB if you don't need .NET - ################################### - # Build image locally for testing # - ################################### - - name: Build MegaLinter Docker Image (quick) - if: "contains(github.event.head_commit.message, 'quick build')" - id: docker_build_quick - uses: docker/build-push-action@v4 - with: - context: . - file: Dockerfile-quick - platforms: linux/amd64,linux/arm64 - build-args: | - BUILD_DATE=${{ env.BUILD_DATE }} - BUILD_REVISION=${{ github.sha }} - BUILD_VERSION=${{ steps.image_tag.outputs.tag }} - MEGA_LINTER_BASE_IMAGE="oxsecurity/megalinter:beta" - load: true - push: false - secrets: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - tags: | - oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }} - timeout-minutes: 90 - - ####################################### - # Build image (full for forked repos) # - ####################################### - - name: Build MegaLinter Docker Image (full from forks) - if: | - ( - (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) || - (github.event_name == 'push' && github.repository != 'oxsecurity/megalinter') - ) - && - !contains(github.event.head_commit.message, 'quick build') - id: docker_build - uses: docker/build-push-action@v4 - with: - context: . - file: Dockerfile - platforms: linux/amd64,linux/arm64 - build-args: | - BUILD_DATE=${{ env.BUILD_DATE }} - BUILD_REVISION=${{ github.sha }} - BUILD_VERSION=${{ steps.image_tag.outputs.tag }} - load: true - push: false - secrets: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - tags: | - oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }} - timeout-minutes: 90 - - #################################### - # Build image (full for main repo) # - #################################### - - name: Build MegaLinter Docker Image (full from main repo) & push - if: | - ( - (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || - (github.event_name == 'push' && github.repository == 'oxsecurity/megalinter') - ) - && - !contains(github.event.head_commit.message, 'quick build') - uses: docker/build-push-action@v4 - with: - context: . - file: Dockerfile - platforms: linux/amd64,linux/arm64 - build-args: | - BUILD_DATE=${{ env.BUILD_DATE }} - BUILD_REVISION=${{ github.sha }} - BUILD_VERSION=${{ steps.image_tag.outputs.tag }} - load: true - push: false - secrets: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - tags: | - oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }} - ##################################### # Run Linter test cases # ##################################### @@ -218,48 +126,48 @@ jobs: shell: bash run: docker run -e GITHUB_REPOSITORY="${{ github.repository }}" -e GITHUB_SHA="${{ github.sha }}" -e GITHUB_TOKEN="${{ github.token }}" -e GITHUB_RUN_ID="${{ github.run_id }}" -e GITHUB_TOKEN="${{ secrets.GITHUB_TOKEN }}" -v "/var/run/docker.sock:/var/run/docker.sock:rw" -v ${GITHUB_WORKSPACE}:/tmp/lint oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }} timeout-minutes: 15 - - # Upload MegaLinter artifacts - - name: Archive production artifacts - if: ${{ success() }} || ${{ failure() }} - uses: actions/upload-artifact@v3 - with: - name: MegaLinter reports - path: | - megalinter-reports - mega-linter.log - linter-helps.json - linter-versions.json - - - name: debug - if: ${{ success() }} || ${{ failure() }} - run: echo ${{ steps.docker_build.outcome }} - - # Test mega-linter-runner with newly created image - - name: Setup Node - if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') - uses: actions/setup-node@v3.7.0 - with: - node-version: "12" - - name: Install NPM dependencies - if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') - run: cd mega-linter-runner && sudo yarn install --frozen-lockfile && sudo npm link - - name: Run mega-linter-runner tests - if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') - run: cd mega-linter-runner && MEGALINTER_RELEASE=${{ steps.image_tag.outputs.tag }} MEGALINTER_NO_DOCKER_PULL=true npm run test - - ############################################## - # Check Docker image security with Trivy # - ############################################## - - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master - with: - image-ref: "docker.io/oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }}" - format: 'table' - exit-code: '1' - ignore-unfixed: true - scanners: vuln - vuln-type: 'os,library' - severity: 'CRITICAL,HIGH' - timeout: 15m0s +# +# # Upload MegaLinter artifacts +# - name: Archive production artifacts +# if: ${{ success() }} || ${{ failure() }} +# uses: actions/upload-artifact@v3 +# with: +# name: MegaLinter reports +# path: | +# megalinter-reports +# mega-linter.log +# linter-helps.json +# linter-versions.json +# +# - name: debug +# if: ${{ success() }} || ${{ failure() }} +# run: echo ${{ steps.docker_build.outcome }} +# +# # Test mega-linter-runner with newly created image +# - name: Setup Node +# if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') +# uses: actions/setup-node@v3.7.0 +# with: +# node-version: "12" +# - name: Install NPM dependencies +# if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') +# run: cd mega-linter-runner && sudo yarn install --frozen-lockfile && sudo npm link +# - name: Run mega-linter-runner tests +# if: ${{ steps.docker_build.outcome }} == 'success' && !contains(github.event.head_commit.message, 'quick build') +# run: cd mega-linter-runner && MEGALINTER_RELEASE=${{ steps.image_tag.outputs.tag }} MEGALINTER_NO_DOCKER_PULL=true npm run test +# +# ############################################## +# # Check Docker image security with Trivy # +# ############################################## +# +# - name: Run Trivy vulnerability scanner +# uses: aquasecurity/trivy-action@master +# with: +# image-ref: "docker.io/oxsecurity/megalinter:${{ steps.image_tag.outputs.tag }}" +# format: 'table' +# exit-code: '1' +# ignore-unfixed: true +# scanners: vuln +# vuln-type: 'os,library' +# severity: 'CRITICAL,HIGH' +# timeout: 15m0s diff --git a/Dockerfile b/Dockerfile index 48c950c7bfa..2a4d6fdbcf6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,19 +20,46 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker -FROM golang:1-alpine as revive +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter +FROM --platform=$BUILDPLATFORM golang:1-alpine as revive-build ## The golang image used as a builder is a temporary workaround ## for the released revive binaries not returning version numbers (devel). ## The install command should then be what is commented in the go.megalinter-descriptor.yml -RUN GOBIN=/usr/bin go install github.com/mgechev/revive@latest +## See https://github.com/mgechev/revive/issues/787 +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/mgechev/revive@latest +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/mgechev/revive@latest \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/revive /usr/bin) || mv bin/linux_${TARGETARCH}/revive /usr/bin +FROM golang:1-alpine as revive +COPY --from=revive-build /usr/bin/revive /usr/bin/revive +# Verify Binary +RUN /usr/bin/revive --version FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM ghcr.io/assignuser/chktex-alpine:latest as chktex FROM mrtazz/checkmake:latest as checkmake FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan FROM yoheimuta/protolint:latest as protolint +FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff +ARG BUILDARCH +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl +WORKDIR / +ARG TARGETARCH +RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv +FROM --platform=$BUILDPLATFORM golang:alpine as dustilock-build +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/checkmarx/dustilock@v1.2.0 +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/checkmarx/dustilock@v1.2.0 \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/dustilock /usr/bin) || mv bin/linux_${TARGETARCH}/dustilock /usr/bin FROM golang:alpine as dustilock -RUN GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v1.2.0 +COPY --from=dustilock-build /usr/bin/dustilock /usr/bin/dustilock +# Verify Binary +RUN /usr/bin/dustilock --version FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM checkmarx/kics:alpine as kics @@ -44,20 +71,495 @@ FROM tenable/terrascan:1.18.1 as terrascan FROM alpine/terragrunt:latest as terragrunt # Next FROM line commented because already managed by another linter # FROM alpine/terragrunt:latest as terragrunt +FROM --platform=$BUILDPLATFORM alpine:3 AS cargo-build +WORKDIR /cargo +ENV HOME=/cargo +USER 0 +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update \ + gcc \ + rustup \ + bash \ + git \ + musl-dev \ + llvm \ + clang \ + curl +RUN curl --location "https://github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tgz" | tar -xzv \ + && mkdir -p /cargo/.cargo/bin \ + && mv cargo-binstall /cargo/.cargo/bin \ + && chown -R 63425:63425 /cargo +USER 63425 +ENV CC_aarch64_unknown_linux_musl=clang \ + AR_aarch64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" \ + CC_x86_64_unknown_linux_musl=clang \ + AR_x86_64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" +ARG TARGETARCH +RUN rustup-init -y --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +RUN --mount=type=cache,id=cargo-${TARGETARCH},sharing=locked,target=/cargo/.cargo/registry/,uid=63425 \ + . /cargo/.cargo/env \ + && cargo binstall --no-confirm --no-symlinks sarif-fmt shellcheck-sarif --root /tmp --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +FROM scratch AS cargo +COPY --link --from=cargo-build /tmp/bin/* /bin/ +RUN ["/bin/sarif-fmt", "--help"] +RUN ["/bin/shellcheck-sarif", "--help"] + #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg \ + curl \ + openjdk11 +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +# SCALA installation +RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ + chmod +x coursier + +# +# arm-ttk installation +ARG ARM_TTK_NAME='master.zip' +ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' +ARG ARM_TTK_DIRECTORY='/opt/microsoft' +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ + && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ + && rm "${ARM_TTK_NAME}" \ + && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ + && chmod a+x /usr/bin/arm-ttk \ +# +# bash-exec installation + && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec + +# +# pmd installation +ARG PMD_VERSION=6.55.0 +RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ + unzip pmd-bin-${PMD_VERSION}.zip && \ + rm pmd-bin-${PMD_VERSION}.zip && \ + mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ + chmod +x /usr/bin/pmd/bin/run.sh \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ \ +# +# scalafix installation + && ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @salesforce/cli \ + typescript \ + @coffeelint/cli \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + gherkin-lint \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-config-standard \ + eslint-plugin-import \ + eslint-plugin-jest \ + eslint-plugin-node \ + eslint-plugin-prettier \ + eslint-plugin-promise \ + eslint-plugin-vue \ + @babel/core \ + @babel/eslint-parser \ + @microsoft/eslint-formatter-sarif \ + standard \ + prettier \ + @prantlf/jsonlint \ + eslint-plugin-jsonc \ + v8r \ + npm-package-json-lint \ + npm-package-json-lint-config-default \ + eslint-plugin-react \ + eslint-plugin-jsx-a11y \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint \ + prettyjson \ + @typescript-eslint/eslint-plugin \ + @typescript-eslint/parser \ + ts-standard && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/arm-ttk /usr/bin/arm-ttk +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=revive /usr/bin/revive /usr/bin/revive +COPY --link --from=build-platform /usr/bin/pmd /usr/bin/pmd +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=chktex /usr/bin/chktex /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=fetch-ruff /ruff /usr/bin/ruff +COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=kics /app/bin/kics /usr/bin/ +COPY --from=kics /app/bin/assets /opt/kics/assets/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=build-platform /usr/bin/scalafix /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ +COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ +COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ +COPY --link --from=terragrunt /bin/terraform /usr/bin/ +COPY --link --from=cargo /bin/* /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + cpplint \ + cfn-lint \ + djlint \ + pylint \ + typing-extensions \ + black \ + flake8 \ + isort \ + black \ + bandit \ + bandit_sarif_formatter \ + bandit[toml] \ + mypy \ + pyright \ + packaging \ + checkov \ + semgrep \ + restructuredtext_lint \ + rstcheck \ + rstfmt \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cfn-lint" \ + && cd "/venvs/cfn-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cfn-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pylint" \ + && cd "/venvs/pylint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pylint typing-extensions +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/black" \ + && cd "/venvs/black" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/flake8" \ + && cd "/venvs/flake8" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip flake8 +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/isort" \ + && cd "/venvs/isort" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip isort black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/bandit" \ + && cd "/venvs/bandit" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip bandit bandit_sarif_formatter bandit[toml] +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/mypy" \ + && cd "/venvs/mypy" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip mypy +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pyright" \ + && cd "/venvs/pyright" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pyright +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rst-lint" \ + && cd "/venvs/rst-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip restructuredtext_lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstcheck" \ + && cd "/venvs/rstcheck" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstcheck +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstfmt" \ + && cd "/venvs/rstfmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstfmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -69,13 +571,9 @@ RUN apk add --update --no-cache libc6-compat \ ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -ARG ARM_TTK_NAME='master.zip' -ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' -ARG ARM_TTK_DIRECTORY='/opt/microsoft' ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' ARG DART_VERSION='2.8.4' -ARG PMD_VERSION=6.55.0 ARG PSSA_VERSION='latest' #ARG__END @@ -134,6 +632,9 @@ RUN apk add --no-cache \ libc6-compat \ openssl \ readline-dev \ + lua5.3 \ + lua5.3-dev \ + luarocks5.3 \ g++ \ libc-dev \ libgcc \ @@ -161,6 +662,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -168,112 +671,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sfdx-cli \ - typescript \ - @coffeelint/cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - eslint-plugin-jsonc \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/cpplint/cross/bin:/venvs/cfn-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/pylint/cross/bin:/venvs/black/cross/bin:/venvs/flake8/cross/bin:/venvs/isort/cross/bin:/venvs/bandit/cross/bin:/venvs/mypy/cross/bin:/venvs/pyright/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/rst-lint/cross/bin:/venvs/rstcheck/cross/bin:/venvs/rstfmt/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -307,45 +707,13 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__START RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && rustup component add clippy \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=revive /usr/bin/revive /usr/bin/revive -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=chktex /usr/bin/chktex /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=kics /app/bin/kics /usr/bin/ -COPY --from=kics /app/bin/assets /opt/kics/assets/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ -COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ -COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ -COPY --link --from=terragrunt /bin/terraform /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -353,9 +721,10 @@ COPY --link --from=terragrunt /bin/terraform /usr/bin/ #OTHER__START RUN rc-update add docker boot && rc-service docker start || true # ARM installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -367,9 +736,10 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh - + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && chmod +x /usr/bin/pwsh +# # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ @@ -411,14 +781,14 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" \ - +# # CSHARP installation && wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ && chmod +x dotnet-install.sh \ && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# # DART installation # Next line commented because already managed by another linter # ENV LANG=C.UTF-8 @@ -462,61 +832,40 @@ ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" # "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \ # "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ # "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" - +# # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" - +# # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 \ +# # POWERSHELL installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ - "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ - esac \ - && mkdir -p ${PWSH_DIRECTORY} \ - && curl --retry 5 --retry-delay 5 -s \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ - https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ - | grep browser_download_url \ - | grep linux-${POWERSHELL_ARCH} \ - | cut -d '"' -f 4 \ - | xargs -n 1 wget -O - \ - | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ - && chmod +x /usr/bin/pwsh - - +# Next line commented because already managed by another linter +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ +# case ${TARGETPLATFORM} in \ +# "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ +# "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ +# esac \ +# && mkdir -p ${PWSH_DIRECTORY} \ +# && curl --retry 5 --retry-delay 5 -s \ +# -H "Accept: application/vnd.github+json" \ +# -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ +# https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ +# | grep browser_download_url \ +# | grep linux-${POWERSHELL_ARCH} \ +# | cut -d '"' -f 4 \ +# | xargs -n 1 wget -O - \ +# | tar -xzC ${PWSH_DIRECTORY} \ +# && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ +# && chmod +x /usr/bin/pwsh +# # SALESFORCE installation # Next line commented because already managed by another linter # ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk # Next line commented because already managed by another linter # ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache \ - -# SCALA installation - && curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ - chmod +x coursier - - +# # VBDOTNET installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -524,31 +873,7 @@ RUN echo y|sfdx plugins:install sfdx-hardis \ # && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# arm-ttk installation -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" -RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ - && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ - && rm "${ARM_TTK_NAME}" \ - && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ - && chmod a+x /usr/bin/arm-ttk \ - -# bash-exec installation - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - +# # bicep_linter installation && case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=musl-x64 ;; \ @@ -557,20 +882,20 @@ esac \ && curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "https://github.com/Azure/bicep/releases/latest/download/bicep-linux-${POWERSHELL_ARCH}" \ && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ - +# # clj-kondo installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/master/script/install-clj-kondo \ && chmod +x install-clj-kondo \ && ./install-clj-kondo \ - +# # cljstyle installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/greglook/cljstyle/main/script/install-cljstyle \ && chmod +x install-cljstyle \ && ./install-cljstyle \ - +# # csharpier installation && /usr/share/dotnet/dotnet tool install -g csharpier \ - +# # dartanalyzer installation && case ${TARGETPLATFORM} in \ "linux/amd64") DART_ARCH=x64 ;; \ @@ -580,24 +905,12 @@ esac \ && chmod +x dart-sdk/bin/dart* \ && mv dart-sdk/bin/* /usr/bin/ && mv dart-sdk/lib/* /usr/lib/ && mv dart-sdk/include/* /usr/include/ \ && rm -r dart-sdk/ \ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - +# # golangci-lint installation && wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh \ && golangci-lint --version - -# revive installation -# Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive - +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -609,86 +922,48 @@ RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ && curl --retry 5 --retry-delay 5 -sSL $CHECKSTYLE_LATEST \ --output /usr/bin/checkstyle - -# pmd installation -RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ - unzip pmd-bin-${PMD_VERSION}.zip && \ - rm pmd-bin-${PMD_VERSION}.zip && \ - mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ - chmod +x /usr/bin/pmd/bin/run.sh \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - +# # chktex installation -# Managed with COPY --link --from=chktex /usr/bin/chktex /usr/bin/ && cd ~ && touch .chktexrc && cd / \ - +# # luacheck installation - && wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \ - && cd lua-5.3.5 \ - && make linux \ - && make install \ - && cd .. && rm -r lua-5.3.5/ \ - && wget --tries=5 https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \ - && cd luarocks-3.3.1-super-linter \ - && ./configure --with-lua-include=/usr/local/include \ - && make \ - && make -b install \ - && cd .. && rm -r luarocks-3.3.1-super-linter/ \ - && luarocks install luacheck \ - && cd / \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - + && luarocks-5.3 install luacheck \ +# # perlcritic installation && curl --retry 5 --retry-delay 5 -sL https://cpanmin.us/ | perl - -nq --no-wget Perl::Critic - +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install phpcs -g --trust-gpg-keys 31C7E470E2138192 - -# phpstan installation -# Managed with COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -RUN chmod +x /usr/bin/phpstan - +# # psalm installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install psalm -g --trust-gpg-keys 8A03EA3B385DBAA1,12CE0F1D262429A5 - +# # phplint installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install overtrue/phplint --force-accept-unsigned -g - +# # powershell installation -RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - +RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# # powershell_formatter installation # Next line commented because already managed by another linter -# RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# # mypy installation ENV MYPY_CACHE_DIR=/tmp - +# # lintr installation RUN mkdir -p /home/r-library \ && cp -r /usr/lib/R/library/ /home/r-library/ \ && Rscript -e "install.packages(c('lintr','purrr'), repos = 'https://cloud.r-project.org/')" \ && R -e "install.packages(list.dirs('/home/r-library',recursive = FALSE), repos = NULL, type = 'source')" \ - +# # raku installation && curl -L https://github.com/nxadm/rakudo-pkg/releases/download/v2020.10-02/rakudo-pkg-Alpine3.12_2020.10-02_x86_64.apk > rakudo-pkg-Alpine3.12_2020.10-02_x86_64.apk \ && apk add --no-cache --allow-untrusted rakudo-pkg-Alpine3.12_2020.10-02_x86_64.apk \ @@ -698,7 +973,7 @@ RUN mkdir -p /home/r-library \ && /opt/rakudo-pkg/bin/install-zef-as-user ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$PATH" - +# # devskim installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -707,61 +982,41 @@ ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$ # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI \ - -# dustilock installation -# Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # kics installation -# Managed with COPY --link --from=kics /app/bin/kics /usr/bin/ && mkdir -p /opt/kics/assets ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries -# Managed with COPY --from=kics /app/bin/assets /opt/kics/assets/ - +# # syft installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - +# # sfdx-scanner-apex installation && sfdx plugins:install @salesforce/sfdx-scanner \ && npm cache clean --force || true \ && rm -rf /root/.npm/_cacache \ - +# # sfdx-scanner-aura installation # Next line commented because already managed by another linter # RUN sfdx plugins:install @salesforce/sfdx-scanner \ # && npm cache clean --force || true \ # && rm -rf /root/.npm/_cacache - +# # sfdx-scanner-lwc installation # Next line commented because already managed by another linter # RUN sfdx plugins:install @salesforce/sfdx-scanner \ # && npm cache clean --force || true \ # && rm -rf /root/.npm/_cacache - -# scalafix installation - && ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache \ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# # tsqllint installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -770,39 +1025,9 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" && dotnet tool install --global TSQLLint - -# tflint installation -# Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ - -# terrascan installation -# Managed with COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ - -# terragrunt installation -# Managed with COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ - -# terraform-fmt installation -# Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -840,7 +1065,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/docs/all_linters.md b/docs/all_linters.md index 9438ca44a2c..3dc7fbce4c7 100644 --- a/docs/all_linters.md +++ b/docs/all_linters.md @@ -3,113 +3,113 @@ # References -| Linter | Version | License | Popularity | Descriptors | Ref | URL | -|:--------------------------------------------------------------------------------------------------------|:-------------:|:-------------------------------------------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------:|:---------------------------------------------------------------------------------------------------------------------------------------------------:| -| [**actionlint**](https://github.com/rhysd/actionlint){target=_blank} | 1.6.25 | [MIT](licenses/actionlint.md) | [![GitHub stars](https://img.shields.io/github/stars/rhysd/actionlint?cacheSeconds=3600)](https://github.com/rhysd/actionlint){target=_blank} | [ACTION](descriptors/action_actionlint.md) | :white_circle: | [Repository](https://github.com/rhysd/actionlint){target=_blank} | -| [**ansible-lint**](https://github.com/ansible/ansible-lint){target=_blank} | 6.17.2 | [GPL-3.0](licenses/ansible-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/ansible/ansible-lint?cacheSeconds=3600)](https://github.com/ansible/ansible-lint){target=_blank} | [ANSIBLE](descriptors/ansible_ansible_lint.md) | :white_circle: | [Repository](https://github.com/ansible/ansible-lint){target=_blank} | -| [**arm-ttk**](https://github.com/Azure/arm-ttk){target=_blank} | N/A | [MIT](licenses/arm-ttk.md) | [![GitHub stars](https://img.shields.io/github/stars/Azure/arm-ttk?cacheSeconds=3600)](https://github.com/Azure/arm-ttk){target=_blank} | [ARM](descriptors/arm_arm_ttk.md) | :white_circle: | [Repository](https://github.com/Azure/arm-ttk){target=_blank} | -| [**bandit**](https://github.com/PyCQA/bandit){target=_blank} | 1.7.5 | [Apache-2.0](licenses/bandit.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/bandit?cacheSeconds=3600)](https://github.com/PyCQA/bandit){target=_blank} | [PYTHON](descriptors/python_bandit.md) | :white_circle: | [Repository](https://github.com/PyCQA/bandit){target=_blank} | -| [**bash-exec**](https://tiswww.case.edu/php/chet/bash/bashtop.html){target=_blank} | 5.2.15 | | | [BASH](descriptors/bash_bash_exec.md) | | [Web Site](https://tiswww.case.edu/php/chet/bash/bashtop.html){target=_blank} | -| [**bicep_linter**](https://github.com/Azure/bicep){target=_blank} | 0.19.5 | [MIT](licenses/bicep_linter.md) | [![GitHub stars](https://img.shields.io/github/stars/Azure/bicep?cacheSeconds=3600)](https://github.com/Azure/bicep){target=_blank} | [BICEP](descriptors/bicep_bicep_linter.md) | :white_circle: | [Repository](https://github.com/Azure/bicep){target=_blank} | -| [**black**](https://github.com/psf/black){target=_blank} | 23.7.0 | [MIT](licenses/black.md) | [![GitHub stars](https://img.shields.io/github/stars/psf/black?cacheSeconds=3600)](https://github.com/psf/black){target=_blank} | [PYTHON](descriptors/python_black.md) | :white_circle: | [Repository](https://github.com/psf/black){target=_blank} | -| [**cfn-lint**](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | 0.78.1 | [MIT-0](licenses/cfn-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/aws-cloudformation/cfn-lint?cacheSeconds=3600)](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | [CLOUDFORMATION](descriptors/cloudformation_cfn_lint.md) | :white_circle: | [Repository](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | -| [**checkmake**](https://github.com/mrtazz/checkmake){target=_blank} | 0.2.0 | [MIT](licenses/checkmake.md) | [![GitHub stars](https://img.shields.io/github/stars/mrtazz/checkmake?cacheSeconds=3600)](https://github.com/mrtazz/checkmake){target=_blank} | [MAKEFILE](descriptors/makefile_checkmake.md) | :white_circle: | [Repository](https://github.com/mrtazz/checkmake){target=_blank} | -| [**checkov**](https://github.com/bridgecrewio/checkov){target=_blank} | 2.3.326 | [Apache-2.0](licenses/checkov.md) | [![GitHub stars](https://img.shields.io/github/stars/bridgecrewio/checkov?cacheSeconds=3600)](https://github.com/bridgecrewio/checkov){target=_blank} | [REPOSITORY](descriptors/repository_checkov.md) | :no_entry_sign: | [Repository](https://github.com/bridgecrewio/checkov){target=_blank} | -| [**checkstyle**](https://github.com/checkstyle/checkstyle){target=_blank} | 10.12.1 | [LGPL-2.1](licenses/checkstyle.md) | [![GitHub stars](https://img.shields.io/github/stars/checkstyle/checkstyle?cacheSeconds=3600)](https://github.com/checkstyle/checkstyle){target=_blank} | [JAVA](descriptors/java_checkstyle.md) | :heart: | [MegaLinter reference](https://checkstyle.sourceforge.io/index.html#Related_Tools_Active_Tools){target=_blank} | -| [**chktex**](https://www.nongnu.org/chktex){target=_blank} | 1.7.6 | | | [LATEX](descriptors/latex_chktex.md) | :white_circle: | [Web Site](https://www.nongnu.org/chktex){target=_blank} | -| [**clippy**](https://github.com/rust-lang/rust-clippy){target=_blank} | 0.1.71 | [Other](licenses/clippy.md) | [![GitHub stars](https://img.shields.io/github/stars/rust-lang/rust-clippy?cacheSeconds=3600)](https://github.com/rust-lang/rust-clippy){target=_blank} | [RUST](descriptors/rust_clippy.md) | :white_circle: | [Repository](https://github.com/rust-lang/rust-clippy){target=_blank} | -| [**clj-kondo**](https://github.com/borkdude/clj-kondo){target=_blank} | 2023.07.13 | [EPL-1.0](licenses/clj-kondo.md) | [![GitHub stars](https://img.shields.io/github/stars/borkdude/clj-kondo?cacheSeconds=3600)](https://github.com/borkdude/clj-kondo){target=_blank} | [CLOJURE](descriptors/clojure_clj_kondo.md) | :heart: | [MegaLinter reference](https://github.com/borkdude/clj-kondo/blob/master/doc/ci-integration.md#github){target=_blank} | -| [**cljstyle**](https://github.com/greglook/cljstyle){target=_blank} | 0.15.0 | [EPL-1.0](licenses/cljstyle.md) | [![GitHub stars](https://img.shields.io/github/stars/greglook/cljstyle?cacheSeconds=3600)](https://github.com/greglook/cljstyle){target=_blank} | [CLOJURE](descriptors/clojure_cljstyle.md) | :heart: | [MegaLinter reference](https://github.com/greglook/cljstyle/blob/main/doc/integrations.md){target=_blank} | -| [**coffeelint**](https://github.com/clutchski/coffeelint){target=_blank} | 5.2.11 | [Other](licenses/coffeelint.md) | [![GitHub stars](https://img.shields.io/github/stars/clutchski/coffeelint?cacheSeconds=3600)](https://github.com/clutchski/coffeelint){target=_blank} | [COFFEE](descriptors/coffee_coffeelint.md) | :white_circle: | [Repository](https://github.com/clutchski/coffeelint){target=_blank} | -| [**cpplint**](https://github.com/cpplint/cpplint){target=_blank} | 1.6.1 | [Other](licenses/cpplint.md) | [![GitHub stars](https://img.shields.io/github/stars/cpplint/cpplint?cacheSeconds=3600)](https://github.com/cpplint/cpplint){target=_blank} | [C](descriptors/c_cpplint.md)
[CPP](descriptors/cpp_cpplint.md) | :white_circle: | [Repository](https://github.com/cpplint/cpplint){target=_blank} | -| [**csharpier**](https://github.com/belav/csharpier){target=_blank} | 0.25.0 | [MIT](licenses/csharpier.md) | [![GitHub stars](https://img.shields.io/github/stars/belav/csharpier?cacheSeconds=3600)](https://github.com/belav/csharpier){target=_blank} | [CSHARP](descriptors/csharp_csharpier.md) | :white_circle: | [Repository](https://github.com/belav/csharpier){target=_blank} | -| [**cspell**](https://github.com/streetsidesoftware/cspell){target=_blank} | 6.31.2 | [MIT](licenses/cspell.md) | [![GitHub stars](https://img.shields.io/github/stars/streetsidesoftware/cspell?cacheSeconds=3600)](https://github.com/streetsidesoftware/cspell){target=_blank} | [SPELL](descriptors/spell_cspell.md) | :heart: | [MegaLinter reference](https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell#mega-linter){target=_blank} | -| [**dartanalyzer**](https://github.com/dart-lang/sdk){target=_blank} | N/A | [BSD-3-Clause](licenses/dartanalyzer.md) | [![GitHub stars](https://img.shields.io/github/stars/dart-lang/sdk?cacheSeconds=3600)](https://github.com/dart-lang/sdk){target=_blank} | [DART](descriptors/dart_dartanalyzer.md) | :no_entry_sign: | [Repository](https://github.com/dart-lang/sdk){target=_blank} | -| [**devskim**](https://github.com/microsoft/DevSkim){target=_blank} | 1.0.11 | [MIT](licenses/devskim.md) | [![GitHub stars](https://img.shields.io/github/stars/microsoft/DevSkim?cacheSeconds=3600)](https://github.com/microsoft/DevSkim){target=_blank} | [REPOSITORY](descriptors/repository_devskim.md) | :white_circle: | [Repository](https://github.com/microsoft/DevSkim){target=_blank} | -| [**djlint**](https://github.com/Riverside-Healthcare/djlint){target=_blank} | 1.31.1 | [GPL-3.0](licenses/djlint.md) | [![GitHub stars](https://img.shields.io/github/stars/Riverside-Healthcare/djlint?cacheSeconds=3600)](https://github.com/Riverside-Healthcare/djlint){target=_blank} | [HTML](descriptors/html_djlint.md) | :heart: | [MegaLinter reference](https://djlint.com/docs/integrations/#megalinter){target=_blank} | -| [**dotenv-linter**](https://github.com/dotenv-linter/dotenv-linter){target=_blank} | 3.3.0 | [MIT](licenses/dotenv-linter.md) | [![GitHub stars](https://img.shields.io/github/stars/dotenv-linter/dotenv-linter?cacheSeconds=3600)](https://github.com/dotenv-linter/dotenv-linter){target=_blank} | [ENV](descriptors/env_dotenv_linter.md) | :heart: | [MegaLinter reference](https://dotenv-linter.github.io/#/integrations/mega_linter){target=_blank} | -| [**dotnet-format**](https://github.com/dotnet/format){target=_blank} | 6.0.412 | [MIT](licenses/dotnet-format.md) | [![GitHub stars](https://img.shields.io/github/stars/dotnet/format?cacheSeconds=3600)](https://github.com/dotnet/format){target=_blank} | [CSHARP](descriptors/csharp_dotnet_format.md)
[VBDOTNET](descriptors/vbdotnet_dotnet_format.md) | :white_circle: | [Repository](https://github.com/dotnet/format){target=_blank} | -| [**dustilock**](https://github.com/Checkmarx/dustilock){target=_blank} | 1.2.0 | [Apache-2.0](licenses/dustilock.md) | [![GitHub stars](https://img.shields.io/github/stars/Checkmarx/dustilock?cacheSeconds=3600)](https://github.com/Checkmarx/dustilock){target=_blank} | [REPOSITORY](descriptors/repository_dustilock.md) | :white_circle: | [Repository](https://github.com/Checkmarx/dustilock){target=_blank} | -| [**editorconfig-checker**](https://github.com/editorconfig-checker/editorconfig-checker){target=_blank} | 2.7.0 | [MIT](licenses/editorconfig-checker.md) | [![GitHub stars](https://img.shields.io/github/stars/editorconfig-checker/editorconfig-checker?cacheSeconds=3600)](https://github.com/editorconfig-checker/editorconfig-checker){target=_blank} | [EDITORCONFIG](descriptors/editorconfig_editorconfig_checker.md) | :heart: | [MegaLinter reference](https://github.com/editorconfig-checker/editorconfig-checker#mega-linter){target=_blank} | -| [**eslint**](https://github.com/eslint/eslint){target=_blank} | 8.45.0 | [MIT](licenses/eslint.md) | [![GitHub stars](https://img.shields.io/github/stars/eslint/eslint?cacheSeconds=3600)](https://github.com/eslint/eslint){target=_blank} | [JAVASCRIPT](descriptors/javascript_eslint.md)
[JSX](descriptors/jsx_eslint.md)
[TSX](descriptors/tsx_eslint.md)
[TYPESCRIPT](descriptors/typescript_eslint.md) | :heart: | [MegaLinter reference](https://eslint.org/docs/user-guide/integrations#source-control){target=_blank} | -| [**eslint-plugin-jsonc**](https://github.com/ota-meshi/eslint-plugin-jsonc){target=_blank} | 2.9.0 | [MIT](licenses/eslint-plugin-jsonc.md) | [![GitHub stars](https://img.shields.io/github/stars/ota-meshi/eslint-plugin-jsonc?cacheSeconds=3600)](https://github.com/ota-meshi/eslint-plugin-jsonc){target=_blank} | [JSON](descriptors/json_eslint_plugin_jsonc.md) | :heart: | [MegaLinter reference](https://eslint.org/docs/user-guide/integrations#source-control){target=_blank} | -| [**flake8**](https://github.com/PyCQA/flake8){target=_blank} | 6.0.0 | [MIT](licenses/flake8.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/flake8?cacheSeconds=3600)](https://github.com/PyCQA/flake8){target=_blank} | [PYTHON](descriptors/python_flake8.md) | :white_circle: | [Repository](https://github.com/PyCQA/flake8){target=_blank} | -| [**gherkin-lint**](https://github.com/vsiakka/gherkin-lint){target=_blank} | N/A | [ISC](licenses/gherkin-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/vsiakka/gherkin-lint?cacheSeconds=3600)](https://github.com/vsiakka/gherkin-lint){target=_blank} | [GHERKIN](descriptors/gherkin_gherkin_lint.md) | :white_circle: | [Repository](https://github.com/vsiakka/gherkin-lint){target=_blank} | -| [**git_diff**](https://github.com/git/git){target=_blank} | 2.38.5 | [LGPL-2.1](licenses/git_diff.md) | [![GitHub stars](https://img.shields.io/github/stars/git/git?cacheSeconds=3600)](https://github.com/git/git){target=_blank} | [REPOSITORY](descriptors/repository_git_diff.md) | | [Repository](https://github.com/git/git){target=_blank} | -| [**gitleaks**](https://github.com/gitleaks/gitleaks){target=_blank} | 8.17.0 | [MIT](licenses/gitleaks.md) | [![GitHub stars](https://img.shields.io/github/stars/gitleaks/gitleaks?cacheSeconds=3600)](https://github.com/gitleaks/gitleaks){target=_blank} | [REPOSITORY](descriptors/repository_gitleaks.md) | :white_circle: | [Repository](https://github.com/gitleaks/gitleaks){target=_blank} | -| [**golangci-lint**](https://github.com/golangci/golangci-lint){target=_blank} | 1.53.3 | [GPL-3.0](licenses/golangci-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/golangci/golangci-lint?cacheSeconds=3600)](https://github.com/golangci/golangci-lint){target=_blank} | [GO](descriptors/go_golangci_lint.md) | :white_circle: | [Repository](https://github.com/golangci/golangci-lint){target=_blank} | -| [**graphql-schema-linter**](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | 3.0.1 | [MIT](licenses/graphql-schema-linter.md) | [![GitHub stars](https://img.shields.io/github/stars/cjoudrey/graphql-schema-linter?cacheSeconds=3600)](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | [GRAPHQL](descriptors/graphql_graphql_schema_linter.md) | :hammer_and_wrench: | [Pull Request](https://github.com/cjoudrey/graphql-schema-linter/pull/272){target=_blank} | -| [**grype**](https://github.com/anchore/grype){target=_blank} | 0.63.1 | [Apache-2.0](licenses/grype.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/grype?cacheSeconds=3600)](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} | -| [**hadolint**](https://github.com/hadolint/hadolint){target=_blank} | 2.12.0 | [GPL-3.0](licenses/hadolint.md) | [![GitHub stars](https://img.shields.io/github/stars/hadolint/hadolint?cacheSeconds=3600)](https://github.com/hadolint/hadolint){target=_blank} | [DOCKERFILE](descriptors/dockerfile_hadolint.md) | :heart: | [MegaLinter reference](https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md#mega-linter){target=_blank} | -| [**helm**](https://github.com/helm/helm){target=_blank} | 3.10.2 | [Apache-2.0](licenses/helm.md) | [![GitHub stars](https://img.shields.io/github/stars/helm/helm?cacheSeconds=3600)](https://github.com/helm/helm){target=_blank} | [KUBERNETES](descriptors/kubernetes_helm.md) | :white_circle: | [Repository](https://github.com/helm/helm){target=_blank} | -| [**htmlhint**](https://github.com/htmlhint/HTMLHint){target=_blank} | 1.1.4 | [MIT](licenses/htmlhint.md) | [![GitHub stars](https://img.shields.io/github/stars/htmlhint/HTMLHint?cacheSeconds=3600)](https://github.com/htmlhint/HTMLHint){target=_blank} | [HTML](descriptors/html_htmlhint.md) | :heart: | [MegaLinter reference](https://htmlhint.com/docs/user-guide/integrations/task-runner){target=_blank} | -| [**isort**](https://github.com/PyCQA/isort){target=_blank} | 5.12.0 | [MIT](licenses/isort.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/isort?cacheSeconds=3600)](https://github.com/PyCQA/isort){target=_blank} | [PYTHON](descriptors/python_isort.md) | :white_circle: | [Repository](https://github.com/PyCQA/isort){target=_blank} | -| [**jscpd**](https://github.com/kucherenko/jscpd){target=_blank} | 3.5.9 | [MIT](licenses/jscpd.md) | [![GitHub stars](https://img.shields.io/github/stars/kucherenko/jscpd?cacheSeconds=3600)](https://github.com/kucherenko/jscpd){target=_blank} | [COPYPASTE](descriptors/copypaste_jscpd.md) | :heart: | [MegaLinter reference](https://github.com/kucherenko/jscpd#who-uses-jscpd){target=_blank} | -| [**jsonlint**](https://github.com/prantlf/jsonlint){target=_blank} | 14.0.3 | [MIT](licenses/jsonlint.md) | [![GitHub stars](https://img.shields.io/github/stars/prantlf/jsonlint?cacheSeconds=3600)](https://github.com/prantlf/jsonlint){target=_blank} | [JSON](descriptors/json_jsonlint.md) | :white_circle: | [Repository](https://github.com/prantlf/jsonlint){target=_blank} | -| [**kics**](https://github.com/checkmarx/kics){target=_blank} | 1.7.3 | [Apache-2.0](licenses/kics.md) | [![GitHub stars](https://img.shields.io/github/stars/checkmarx/kics?cacheSeconds=3600)](https://github.com/checkmarx/kics){target=_blank} | [REPOSITORY](descriptors/repository_kics.md) | :heart: | [MegaLinter reference](https://docs.kics.io/latest/integrations/){target=_blank} | -| [**ktlint**](https://github.com/pinterest/ktlint){target=_blank} | 0.50.0 | [MIT](licenses/ktlint.md) | [![GitHub stars](https://img.shields.io/github/stars/pinterest/ktlint?cacheSeconds=3600)](https://github.com/pinterest/ktlint){target=_blank} | [KOTLIN](descriptors/kotlin_ktlint.md) | :heart: | [MegaLinter reference](https://github.com/pinterest/ktlint#-with-continuous-integration){target=_blank} | -| [**kubeconform**](https://github.com/yannh/kubeconform){target=_blank} | 0.6.3 | [Apache-2.0](licenses/kubeconform.md) | [![GitHub stars](https://img.shields.io/github/stars/yannh/kubeconform?cacheSeconds=3600)](https://github.com/yannh/kubeconform){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubeconform.md) | :white_circle: | [Repository](https://github.com/yannh/kubeconform){target=_blank} | -| [**kubescape**](https://github.com/kubescape/kubescape){target=_blank} | 2.3.6 | [Apache-2.0](licenses/kubescape.md) | [![GitHub stars](https://img.shields.io/github/stars/kubescape/kubescape?cacheSeconds=3600)](https://github.com/kubescape/kubescape){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubescape.md) | :white_circle: | [Repository](https://github.com/kubescape/kubescape){target=_blank} | -| [**lintr**](https://github.com/r-lib/lintr){target=_blank} | N/A | [Other](licenses/lintr.md) | [![GitHub stars](https://img.shields.io/github/stars/r-lib/lintr?cacheSeconds=3600)](https://github.com/r-lib/lintr){target=_blank} | [R](descriptors/r_lintr.md) | :heart: | [MegaLinter reference](https://cran.r-project.org/web/packages/lintr/vignettes/continuous-integration.html){target=_blank} | -| [**luacheck**](https://github.com/luarocks/luacheck){target=_blank} | 1.1.1 | [MIT](licenses/luacheck.md) | [![GitHub stars](https://img.shields.io/github/stars/luarocks/luacheck?cacheSeconds=3600)](https://github.com/luarocks/luacheck){target=_blank} | [LUA](descriptors/lua_luacheck.md) | :no_entry_sign: | [Repository](https://github.com/luarocks/luacheck){target=_blank} | -| [**lychee**](https://github.com/lycheeverse/lychee){target=_blank} | 0.13.0 | [Apache-2.0](licenses/lychee.md) | [![GitHub stars](https://img.shields.io/github/stars/lycheeverse/lychee?cacheSeconds=3600)](https://github.com/lycheeverse/lychee){target=_blank} | [SPELL](descriptors/spell_lychee.md) | :white_circle: | [Repository](https://github.com/lycheeverse/lychee){target=_blank} | -| [**markdown-link-check**](https://github.com/tcort/markdown-link-check){target=_blank} | 3.11.2 | [ISC](licenses/markdown-link-check.md) | [![GitHub stars](https://img.shields.io/github/stars/tcort/markdown-link-check?cacheSeconds=3600)](https://github.com/tcort/markdown-link-check){target=_blank} | [MARKDOWN](descriptors/markdown_markdown_link_check.md) | :heart: | [MegaLinter reference](https://github.com/tcort/markdown-link-check#run-in-other-tools){target=_blank} | -| [**markdown-table-formatter**](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | 1.4.0 | [MIT](licenses/markdown-table-formatter.md) | [![GitHub stars](https://img.shields.io/github/stars/nvuillam/markdown-table-formatter?cacheSeconds=3600)](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | [MARKDOWN](descriptors/markdown_markdown_table_formatter.md) | :white_circle: | [Repository](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | -| [**markdownlint**](https://github.com/DavidAnson/markdownlint){target=_blank} | 0.35.0 | [MIT](licenses/markdownlint.md) | [![GitHub stars](https://img.shields.io/github/stars/DavidAnson/markdownlint?cacheSeconds=3600)](https://github.com/DavidAnson/markdownlint){target=_blank} | [MARKDOWN](descriptors/markdown_markdownlint.md) | :white_circle: | [Repository](https://github.com/DavidAnson/markdownlint){target=_blank} | -| [**mypy**](https://github.com/python/mypy){target=_blank} | 1.4.1 | [MIT](licenses/mypy.md) | [![GitHub stars](https://img.shields.io/github/stars/python/mypy?cacheSeconds=3600)](https://github.com/python/mypy){target=_blank} | [PYTHON](descriptors/python_mypy.md) | | [Repository](https://github.com/python/mypy){target=_blank} | -| [**npm-groovy-lint**](https://github.com/nvuillam/npm-groovy-lint){target=_blank} | 11.1.1 | [GPL-3.0](licenses/npm-groovy-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/nvuillam/npm-groovy-lint?cacheSeconds=3600)](https://github.com/nvuillam/npm-groovy-lint){target=_blank} | [GROOVY](descriptors/groovy_npm_groovy_lint.md) | :heart: | [MegaLinter reference](https://nvuillam.github.io/npm-groovy-lint/#mega-linter){target=_blank} | -| [**npm-package-json-lint**](https://github.com/tclindner/npm-package-json-lint){target=_blank} | 7.0.0 | [MIT](licenses/npm-package-json-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/tclindner/npm-package-json-lint?cacheSeconds=3600)](https://github.com/tclindner/npm-package-json-lint){target=_blank} | [JSON](descriptors/json_npm_package_json_lint.md) | :heart: | [MegaLinter reference](https://npmpackagejsonlint.org/docs/integrations#megalinter){target=_blank} | -| [**perlcritic**](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | 1.150 | [Other](licenses/perlcritic.md) | [![GitHub stars](https://img.shields.io/github/stars/Perl-Critic/Perl-Critic?cacheSeconds=3600)](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | [PERL](descriptors/perl_perlcritic.md) | :white_circle: | [Repository](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | -| [**phpcs**](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | 3.7.2 | [BSD-3-Clause](licenses/phpcs.md) | [![GitHub stars](https://img.shields.io/github/stars/squizlabs/PHP_CodeSniffer?cacheSeconds=3600)](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | [PHP](descriptors/php_phpcs.md) | :white_circle: | [Repository](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | -| [**phplint**](https://github.com/overtrue/phplint){target=_blank} | 9.0.4 | [MIT](licenses/phplint.md) | [![GitHub stars](https://img.shields.io/github/stars/overtrue/phplint?cacheSeconds=3600)](https://github.com/overtrue/phplint){target=_blank} | [PHP](descriptors/php_phplint.md) | :white_circle: | [Repository](https://github.com/overtrue/phplint){target=_blank} | -| [**phpstan**](https://github.com/phpstan/phpstan){target=_blank} | 1.10.25 | [MIT](licenses/phpstan.md) | [![GitHub stars](https://img.shields.io/github/stars/phpstan/phpstan?cacheSeconds=3600)](https://github.com/phpstan/phpstan){target=_blank} | [PHP](descriptors/php_phpstan.md) | :white_circle: | [Repository](https://github.com/phpstan/phpstan){target=_blank} | -| [**pmd**](https://github.com/pmd/pmd){target=_blank} | 6.55.0 | [Apache-2.0](licenses/pmd.md) | [![GitHub stars](https://img.shields.io/github/stars/pmd/pmd?cacheSeconds=3600)](https://github.com/pmd/pmd){target=_blank} | [JAVA](descriptors/java_pmd.md) | :heart: | [MegaLinter reference](https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html){target=_blank} | -| [**powershell**](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | 7.3.6 | [MIT](licenses/powershell.md) | [![GitHub stars](https://img.shields.io/github/stars/PowerShell/PSScriptAnalyzer?cacheSeconds=3600)](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | [POWERSHELL](descriptors/powershell_powershell.md) | :white_circle: | [Repository](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | -| [**powershell_formatter**](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | 7.3.6 | [MIT](licenses/powershell_formatter.md) | [![GitHub stars](https://img.shields.io/github/stars/PowerShell/PSScriptAnalyzer?cacheSeconds=3600)](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | [POWERSHELL](descriptors/powershell_powershell_formatter.md) | :white_circle: | [Repository](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | -| [**prettier**](https://github.com/prettier/prettier){target=_blank} | 3.0.0 | [MIT](licenses/prettier.md) | [![GitHub stars](https://img.shields.io/github/stars/prettier/prettier?cacheSeconds=3600)](https://github.com/prettier/prettier){target=_blank} | [JAVASCRIPT](descriptors/javascript_prettier.md)
[JSON](descriptors/json_prettier.md)
[TYPESCRIPT](descriptors/typescript_prettier.md)
[YAML](descriptors/yaml_prettier.md) | :white_circle: | [Repository](https://github.com/prettier/prettier){target=_blank} | -| [**proselint**](https://github.com/amperser/proselint){target=_blank} | 0.13.0 | [BSD-3-Clause](licenses/proselint.md) | [![GitHub stars](https://img.shields.io/github/stars/amperser/proselint?cacheSeconds=3600)](https://github.com/amperser/proselint){target=_blank} | [SPELL](descriptors/spell_proselint.md) | :white_circle: | [Repository](https://github.com/amperser/proselint){target=_blank} | -| [**protolint**](https://github.com/yoheimuta/protolint){target=_blank} | 0.45.0 | [MIT](licenses/protolint.md) | [![GitHub stars](https://img.shields.io/github/stars/yoheimuta/protolint?cacheSeconds=3600)](https://github.com/yoheimuta/protolint){target=_blank} | [PROTOBUF](descriptors/protobuf_protolint.md) | :white_circle: | [Repository](https://github.com/yoheimuta/protolint){target=_blank} | -| [**psalm**](https://github.com/vimeo/psalm){target=_blank} | Psalm.5.13.1@ | [MIT](licenses/psalm.md) | [![GitHub stars](https://img.shields.io/github/stars/vimeo/psalm?cacheSeconds=3600)](https://github.com/vimeo/psalm){target=_blank} | [PHP](descriptors/php_psalm.md) | :white_circle: | [Repository](https://github.com/vimeo/psalm){target=_blank} | -| [**puppet-lint**](https://github.com/puppetlabs/puppet-lint){target=_blank} | 4.0.0 | [MIT](licenses/puppet-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/puppetlabs/puppet-lint?cacheSeconds=3600)](https://github.com/puppetlabs/puppet-lint){target=_blank} | [PUPPET](descriptors/puppet_puppet_lint.md) | :white_circle: | [Repository](https://github.com/puppetlabs/puppet-lint){target=_blank} | -| [**pylint**](https://github.com/PyCQA/pylint){target=_blank} | 2.17.4 | [GPL-2.0](licenses/pylint.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/pylint?cacheSeconds=3600)](https://github.com/PyCQA/pylint){target=_blank} | [PYTHON](descriptors/python_pylint.md) | :white_circle: | [Repository](https://github.com/PyCQA/pylint){target=_blank} | -| [**pyright**](https://github.com/microsoft/pyright){target=_blank} | 1.1.317 | [Other](licenses/pyright.md) | [![GitHub stars](https://img.shields.io/github/stars/microsoft/pyright?cacheSeconds=3600)](https://github.com/microsoft/pyright){target=_blank} | [PYTHON](descriptors/python_pyright.md) | :white_circle: | [Repository](https://github.com/microsoft/pyright){target=_blank} | -| [**raku**](https://github.com/rakudo/rakudo){target=_blank} | 2020.10 | [Artistic-2.0](licenses/raku.md) | [![GitHub stars](https://img.shields.io/github/stars/rakudo/rakudo?cacheSeconds=3600)](https://github.com/rakudo/rakudo){target=_blank} | [RAKU](descriptors/raku_raku.md) | :white_circle: | [Repository](https://github.com/rakudo/rakudo){target=_blank} | -| [**remark-lint**](https://github.com/remarkjs/remark-lint){target=_blank} | 14.0.2 | [MIT](licenses/remark-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/remarkjs/remark-lint?cacheSeconds=3600)](https://github.com/remarkjs/remark-lint){target=_blank} | [MARKDOWN](descriptors/markdown_remark_lint.md) | :white_circle: | [Repository](https://github.com/remarkjs/remark-lint){target=_blank} | -| [**revive**](https://github.com/mgechev/revive){target=_blank} | 1.3.2 | [MIT](licenses/revive.md) | [![GitHub stars](https://img.shields.io/github/stars/mgechev/revive?cacheSeconds=3600)](https://github.com/mgechev/revive){target=_blank} | [GO](descriptors/go_revive.md) | :white_circle: | [Repository](https://github.com/mgechev/revive){target=_blank} | -| [**rst-lint**](https://github.com/twolfson/restructuredtext-lint){target=_blank} | 1.4.0 | [Unlicense](licenses/rst-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/twolfson/restructuredtext-lint?cacheSeconds=3600)](https://github.com/twolfson/restructuredtext-lint){target=_blank} | [RST](descriptors/rst_rst_lint.md) | :heart: | [MegaLinter reference](https://github.com/twolfson/restructuredtext-lint/wiki/Integration-in-other-tools#integration-in-other-tools){target=_blank} | -| [**rstcheck**](https://github.com/myint/rstcheck){target=_blank} | 6.1.2 | [MIT](licenses/rstcheck.md) | [![GitHub stars](https://img.shields.io/github/stars/myint/rstcheck?cacheSeconds=3600)](https://github.com/myint/rstcheck){target=_blank} | [RST](descriptors/rst_rstcheck.md) | :heart: | [MegaLinter reference](https://rstcheck.readthedocs.io/en/latest/usage/integration/#use-with-mega-linter){target=_blank} | -| [**rstfmt**](https://github.com/dzhu/rstfmt){target=_blank} | 0.0.13 | | | [RST](descriptors/rst_rstfmt.md) | :hammer_and_wrench: | [Pull Request](https://github.com/dzhu/rstfmt/pull/1){target=_blank} | -| [**rubocop**](https://github.com/rubocop-hq/rubocop){target=_blank} | 1.54.2 | [MIT](licenses/rubocop.md) | [![GitHub stars](https://img.shields.io/github/stars/rubocop-hq/rubocop?cacheSeconds=3600)](https://github.com/rubocop-hq/rubocop){target=_blank} | [RUBY](descriptors/ruby_rubocop.md) | :heart: | [MegaLinter reference](https://docs.rubocop.org/rubocop/integration_with_other_tools.html#mega-linter-integration){target=_blank} | -| [**ruff**](https://github.com/charliermarsh/ruff){target=_blank} | 0.0.278 | [MIT](licenses/ruff.md) | [![GitHub stars](https://img.shields.io/github/stars/charliermarsh/ruff?cacheSeconds=3600)](https://github.com/charliermarsh/ruff){target=_blank} | [PYTHON](descriptors/python_ruff.md) | :white_circle: | [Repository](https://github.com/charliermarsh/ruff){target=_blank} | -| [**scalafix**](https://github.com/scalacenter/scalafix){target=_blank} | 0.11.0 | [Other](licenses/scalafix.md) | [![GitHub stars](https://img.shields.io/github/stars/scalacenter/scalafix?cacheSeconds=3600)](https://github.com/scalacenter/scalafix){target=_blank} | [SCALA](descriptors/scala_scalafix.md) | :heart: | [MegaLinter reference](https://scalacenter.github.io/scalafix/docs/users/installation.html#plugins-for-other-build-tools){target=_blank} | -| [**scss-lint**](https://github.com/sds/scss-lint){target=_blank} | 0.60.0 | [MIT](licenses/scss-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/sds/scss-lint?cacheSeconds=3600)](https://github.com/sds/scss-lint){target=_blank} | [CSS](descriptors/css_scss_lint.md) | :white_circle: | [Repository](https://github.com/sds/scss-lint){target=_blank} | -| [**secretlint**](https://github.com/secretlint/secretlint){target=_blank} | 7.0.3 | [MIT](licenses/secretlint.md) | [![GitHub stars](https://img.shields.io/github/stars/secretlint/secretlint?cacheSeconds=3600)](https://github.com/secretlint/secretlint){target=_blank} | [REPOSITORY](descriptors/repository_secretlint.md) | :heart: | [MegaLinter reference](https://github.com/secretlint/secretlint#mega-linter){target=_blank} | -| [**semgrep**](https://github.com/returntocorp/semgrep){target=_blank} | 1.32.0 | [LGPL-2.1](licenses/semgrep.md) | [![GitHub stars](https://img.shields.io/github/stars/returntocorp/semgrep?cacheSeconds=3600)](https://github.com/returntocorp/semgrep){target=_blank} | [REPOSITORY](descriptors/repository_semgrep.md) | :white_circle: | [Repository](https://github.com/returntocorp/semgrep){target=_blank} | -| [**sfdx-scanner-apex**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | 3.14.0 | [MIT](licenses/sfdx-scanner-apex.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_apex.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | -| [**sfdx-scanner-aura**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | 3.14.0 | [MIT](licenses/sfdx-scanner-aura.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_aura.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | -| [**sfdx-scanner-lwc**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | 3.14.0 | [MIT](licenses/sfdx-scanner-lwc.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_lwc.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | -| [**shellcheck**](https://github.com/koalaman/shellcheck){target=_blank} | 0.9.0 | [GPL-3.0](licenses/shellcheck.md) | [![GitHub stars](https://img.shields.io/github/stars/koalaman/shellcheck?cacheSeconds=3600)](https://github.com/koalaman/shellcheck){target=_blank} | [BASH](descriptors/bash_shellcheck.md) | | [Repository](https://github.com/koalaman/shellcheck){target=_blank} | -| [**shfmt**](https://github.com/mvdan/sh){target=_blank} | 3.7.0 | [BSD-3-Clause](licenses/shfmt.md) | [![GitHub stars](https://img.shields.io/github/stars/mvdan/sh?cacheSeconds=3600)](https://github.com/mvdan/sh){target=_blank} | [BASH](descriptors/bash_shfmt.md) | :no_entry_sign: | [Repository](https://github.com/mvdan/sh){target=_blank} | -| [**snakefmt**](https://github.com/snakemake/snakefmt){target=_blank} | 0.8.4 | [MIT](licenses/snakefmt.md) | [![GitHub stars](https://img.shields.io/github/stars/snakemake/snakefmt?cacheSeconds=3600)](https://github.com/snakemake/snakefmt){target=_blank} | [SNAKEMAKE](descriptors/snakemake_snakefmt.md) | :white_circle: | [Repository](https://github.com/snakemake/snakefmt){target=_blank} | -| [**snakemake**](https://github.com/snakemake/snakemake){target=_blank} | 7.30.1 | [MIT](licenses/snakemake.md) | [![GitHub stars](https://img.shields.io/github/stars/snakemake/snakemake?cacheSeconds=3600)](https://github.com/snakemake/snakemake){target=_blank} | [SNAKEMAKE](descriptors/snakemake_snakemake.md) | :white_circle: | [Repository](https://github.com/snakemake/snakemake){target=_blank} | -| [**spectral**](https://github.com/stoplightio/spectral){target=_blank} | 6.8.0 | [Apache-2.0](licenses/spectral.md) | [![GitHub stars](https://img.shields.io/github/stars/stoplightio/spectral?cacheSeconds=3600)](https://github.com/stoplightio/spectral){target=_blank} | [OPENAPI](descriptors/openapi_spectral.md) | :white_circle: | [Repository](https://github.com/stoplightio/spectral){target=_blank} | -| [**sql-lint**](https://github.com/joereynolds/sql-lint){target=_blank} | 1.0.0 | [MIT](licenses/sql-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/joereynolds/sql-lint?cacheSeconds=3600)](https://github.com/joereynolds/sql-lint){target=_blank} | [SQL](descriptors/sql_sql_lint.md) | :white_circle: | [Repository](https://github.com/joereynolds/sql-lint){target=_blank} | -| [**sqlfluff**](https://github.com/sqlfluff/sqlfluff){target=_blank} | 2.1.2 | [MIT](licenses/sqlfluff.md) | [![GitHub stars](https://img.shields.io/github/stars/sqlfluff/sqlfluff?cacheSeconds=3600)](https://github.com/sqlfluff/sqlfluff){target=_blank} | [SQL](descriptors/sql_sqlfluff.md) | :white_circle: | [Repository](https://github.com/sqlfluff/sqlfluff){target=_blank} | -| [**standard**](https://github.com/standard/standard){target=_blank} | 17.1.0 | [MIT](licenses/standard.md) | [![GitHub stars](https://img.shields.io/github/stars/standard/standard?cacheSeconds=3600)](https://github.com/standard/standard){target=_blank} | [JAVASCRIPT](descriptors/javascript_standard.md) | :white_circle: | [Repository](https://github.com/standard/standard){target=_blank} | -| [**stylelint**](https://github.com/stylelint/stylelint){target=_blank} | 15.10.1 | [MIT](licenses/stylelint.md) | [![GitHub stars](https://img.shields.io/github/stars/stylelint/stylelint?cacheSeconds=3600)](https://github.com/stylelint/stylelint){target=_blank} | [CSS](descriptors/css_stylelint.md) | :white_circle: | [Repository](https://github.com/stylelint/stylelint){target=_blank} | -| [**swiftlint**](https://github.com/realm/SwiftLint){target=_blank} | 0.52.4 | [MIT](licenses/swiftlint.md) | [![GitHub stars](https://img.shields.io/github/stars/realm/SwiftLint?cacheSeconds=3600)](https://github.com/realm/SwiftLint){target=_blank} | [SWIFT](descriptors/swift_swiftlint.md) | :white_circle: | [Repository](https://github.com/realm/SwiftLint){target=_blank} | -| [**syft**](https://github.com/anchore/syft){target=_blank} | 0.85.0 | [Apache-2.0](licenses/syft.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/syft?cacheSeconds=3600)](https://github.com/anchore/syft){target=_blank} | [REPOSITORY](descriptors/repository_syft.md) | :white_circle: | [Repository](https://github.com/anchore/syft){target=_blank} | -| [**tekton-lint**](https://github.com/IBM/tekton-lint){target=_blank} | 0.6.0 | | [![GitHub stars](https://img.shields.io/github/stars/IBM/tekton-lint?cacheSeconds=3600)](https://github.com/IBM/tekton-lint){target=_blank} | [TEKTON](descriptors/tekton_tekton_lint.md) | :white_circle: | [Repository](https://github.com/IBM/tekton-lint){target=_blank} | -| [**terraform-fmt**](https://github.com/hashicorp/terraform){target=_blank} | 1.5.3 | [MPL-2.0](licenses/terraform-fmt.md) | [![GitHub stars](https://img.shields.io/github/stars/hashicorp/terraform?cacheSeconds=3600)](https://github.com/hashicorp/terraform){target=_blank} | [TERRAFORM](descriptors/terraform_terraform_fmt.md) | :white_circle: | [Repository](https://github.com/hashicorp/terraform){target=_blank} | -| [**terragrunt**](https://github.com/gruntwork-io/terragrunt){target=_blank} | 0.48.1 | [MIT](licenses/terragrunt.md) | [![GitHub stars](https://img.shields.io/github/stars/gruntwork-io/terragrunt?cacheSeconds=3600)](https://github.com/gruntwork-io/terragrunt){target=_blank} | [TERRAFORM](descriptors/terraform_terragrunt.md) | :white_circle: | [Repository](https://github.com/gruntwork-io/terragrunt){target=_blank} | -| [**terrascan**](https://github.com/tenable/terrascan){target=_blank} | 1.18.1 | [Apache-2.0](licenses/terrascan.md) | [![GitHub stars](https://img.shields.io/github/stars/tenable/terrascan?cacheSeconds=3600)](https://github.com/tenable/terrascan){target=_blank} | [TERRAFORM](descriptors/terraform_terrascan.md) | :white_circle: | [Repository](https://github.com/tenable/terrascan){target=_blank} | -| [**tflint**](https://github.com/terraform-linters/tflint){target=_blank} | 0.47.0 | [MPL-2.0](licenses/tflint.md) | [![GitHub stars](https://img.shields.io/github/stars/terraform-linters/tflint?cacheSeconds=3600)](https://github.com/terraform-linters/tflint){target=_blank} | [TERRAFORM](descriptors/terraform_tflint.md) | :white_circle: | [Repository](https://github.com/terraform-linters/tflint){target=_blank} | -| [**trivy**](https://github.com/aquasecurity/trivy){target=_blank} | 0.43.1 | [Apache-2.0](licenses/trivy.md) | [![GitHub stars](https://img.shields.io/github/stars/aquasecurity/trivy?cacheSeconds=3600)](https://github.com/aquasecurity/trivy){target=_blank} | [REPOSITORY](descriptors/repository_trivy.md) | :white_circle: | [Repository](https://github.com/aquasecurity/trivy){target=_blank} | -| [**trivy-sbom**](https://github.com/aquasecurity/trivy){target=_blank} | 0.43.1 | | [![GitHub stars](https://img.shields.io/github/stars/aquasecurity/trivy?cacheSeconds=3600)](https://github.com/aquasecurity/trivy){target=_blank} | [REPOSITORY](descriptors/repository_trivy_sbom.md) | :white_circle: | [Repository](https://github.com/aquasecurity/trivy){target=_blank} | -| [**trufflehog**](https://github.com/trufflesecurity/trufflehog){target=_blank} | 3.44.0 | | [![GitHub stars](https://img.shields.io/github/stars/trufflesecurity/trufflehog?cacheSeconds=3600)](https://github.com/trufflesecurity/trufflehog){target=_blank} | [REPOSITORY](descriptors/repository_trufflehog.md) | :white_circle: | [Repository](https://github.com/trufflesecurity/trufflehog){target=_blank} | -| [**ts-standard**](https://github.com/standard/ts-standard){target=_blank} | 12.0.2 | | [![GitHub stars](https://img.shields.io/github/stars/standard/ts-standard?cacheSeconds=3600)](https://github.com/standard/ts-standard){target=_blank} | [TYPESCRIPT](descriptors/typescript_ts_standard.md) | :white_circle: | [Repository](https://github.com/standard/ts-standard){target=_blank} | -| [**tsqllint**](https://github.com/tsqllint/tsqllint){target=_blank} | 1.15.3.0 | [MIT](licenses/tsqllint.md) | [![GitHub stars](https://img.shields.io/github/stars/tsqllint/tsqllint?cacheSeconds=3600)](https://github.com/tsqllint/tsqllint){target=_blank} | [SQL](descriptors/sql_tsqllint.md) | :white_circle: | [Repository](https://github.com/tsqllint/tsqllint){target=_blank} | -| [**v8r**](https://github.com/chris48s/v8r){target=_blank} | 2.0.0 | [MIT](licenses/v8r.md) | [![GitHub stars](https://img.shields.io/github/stars/chris48s/v8r?cacheSeconds=3600)](https://github.com/chris48s/v8r){target=_blank} | [JSON](descriptors/json_v8r.md)
[YAML](descriptors/yaml_v8r.md) | :no_entry_sign: | [Repository](https://github.com/chris48s/v8r){target=_blank} | -| [**vale**](https://github.com/errata-ai/vale){target=_blank} | 2.28.0 | [MIT](licenses/vale.md) | [![GitHub stars](https://img.shields.io/github/stars/errata-ai/vale?cacheSeconds=3600)](https://github.com/errata-ai/vale){target=_blank} | [SPELL](descriptors/spell_vale.md) | :white_circle: | [Repository](https://github.com/errata-ai/vale){target=_blank} | -| [**xmllint**](http://xmlsoft.org/xmllint.html){target=_blank} | 21004 | | | [XML](descriptors/xml_xmllint.md) | :white_circle: | [Web Site](http://xmlsoft.org/xmllint.html){target=_blank} | -| [**yamllint**](https://github.com/adrienverge/yamllint){target=_blank} | 1.32.0 | [GPL-3.0](licenses/yamllint.md) | [![GitHub stars](https://img.shields.io/github/stars/adrienverge/yamllint?cacheSeconds=3600)](https://github.com/adrienverge/yamllint){target=_blank} | [YAML](descriptors/yaml_yamllint.md) | :no_entry_sign: | [Repository](https://github.com/adrienverge/yamllint){target=_blank} | +| Linter | Supported Platforms | Version | License | Popularity | Descriptors | Ref | URL | +|:--------------------------------------------------------------------------------------------------------|:------------------------------:|:-------------:|:-------------------------------------------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------:|:---------------------------------------------------------------------------------------------------------------------------------------------------:| +| [**actionlint**](https://github.com/rhysd/actionlint){target=_blank} | linux/amd64
linux/arm64 | 1.6.25 | [MIT](licenses/actionlint.md) | [![GitHub stars](https://img.shields.io/github/stars/rhysd/actionlint?cacheSeconds=3600)](https://github.com/rhysd/actionlint){target=_blank} | [ACTION](descriptors/action_actionlint.md) | :white_circle: | [Repository](https://github.com/rhysd/actionlint){target=_blank} | +| [**ansible-lint**](https://github.com/ansible/ansible-lint){target=_blank} | linux/amd64
linux/arm64 | 6.17.2 | [GPL-3.0](licenses/ansible-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/ansible/ansible-lint?cacheSeconds=3600)](https://github.com/ansible/ansible-lint){target=_blank} | [ANSIBLE](descriptors/ansible_ansible_lint.md) | :white_circle: | [Repository](https://github.com/ansible/ansible-lint){target=_blank} | +| [**arm-ttk**](https://github.com/Azure/arm-ttk){target=_blank} | linux/amd64
linux/arm64 | N/A | [MIT](licenses/arm-ttk.md) | [![GitHub stars](https://img.shields.io/github/stars/Azure/arm-ttk?cacheSeconds=3600)](https://github.com/Azure/arm-ttk){target=_blank} | [ARM](descriptors/arm_arm_ttk.md) | :white_circle: | [Repository](https://github.com/Azure/arm-ttk){target=_blank} | +| [**bandit**](https://github.com/PyCQA/bandit){target=_blank} | linux/amd64
linux/arm64 | 1.7.5 | [Apache-2.0](licenses/bandit.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/bandit?cacheSeconds=3600)](https://github.com/PyCQA/bandit){target=_blank} | [PYTHON](descriptors/python_bandit.md) | :white_circle: | [Repository](https://github.com/PyCQA/bandit){target=_blank} | +| [**bash-exec**](https://tiswww.case.edu/php/chet/bash/bashtop.html){target=_blank} | linux/amd64
linux/arm64 | 5.2.15 | | | [BASH](descriptors/bash_bash_exec.md) | | [Web Site](https://tiswww.case.edu/php/chet/bash/bashtop.html){target=_blank} | +| [**bicep_linter**](https://github.com/Azure/bicep){target=_blank} | linux/amd64
linux/arm64 | 0.19.5 | [MIT](licenses/bicep_linter.md) | [![GitHub stars](https://img.shields.io/github/stars/Azure/bicep?cacheSeconds=3600)](https://github.com/Azure/bicep){target=_blank} | [BICEP](descriptors/bicep_bicep_linter.md) | :white_circle: | [Repository](https://github.com/Azure/bicep){target=_blank} | +| [**black**](https://github.com/psf/black){target=_blank} | linux/amd64
linux/arm64 | 23.7.0 | [MIT](licenses/black.md) | [![GitHub stars](https://img.shields.io/github/stars/psf/black?cacheSeconds=3600)](https://github.com/psf/black){target=_blank} | [PYTHON](descriptors/python_black.md) | :white_circle: | [Repository](https://github.com/psf/black){target=_blank} | +| [**cfn-lint**](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | linux/amd64
linux/arm64 | 0.78.1 | [MIT-0](licenses/cfn-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/aws-cloudformation/cfn-lint?cacheSeconds=3600)](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | [CLOUDFORMATION](descriptors/cloudformation_cfn_lint.md) | :white_circle: | [Repository](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | +| [**checkmake**](https://github.com/mrtazz/checkmake){target=_blank} | linux/amd64 | 0.2.0 | [MIT](licenses/checkmake.md) | [![GitHub stars](https://img.shields.io/github/stars/mrtazz/checkmake?cacheSeconds=3600)](https://github.com/mrtazz/checkmake){target=_blank} | [MAKEFILE](descriptors/makefile_checkmake.md) | :white_circle: | [Repository](https://github.com/mrtazz/checkmake){target=_blank} | +| [**checkov**](https://github.com/bridgecrewio/checkov){target=_blank} | linux/amd64
linux/arm64 | 2.3.326 | [Apache-2.0](licenses/checkov.md) | [![GitHub stars](https://img.shields.io/github/stars/bridgecrewio/checkov?cacheSeconds=3600)](https://github.com/bridgecrewio/checkov){target=_blank} | [REPOSITORY](descriptors/repository_checkov.md) | :no_entry_sign: | [Repository](https://github.com/bridgecrewio/checkov){target=_blank} | +| [**checkstyle**](https://github.com/checkstyle/checkstyle){target=_blank} | linux/amd64
linux/arm64 | 10.12.1 | [LGPL-2.1](licenses/checkstyle.md) | [![GitHub stars](https://img.shields.io/github/stars/checkstyle/checkstyle?cacheSeconds=3600)](https://github.com/checkstyle/checkstyle){target=_blank} | [JAVA](descriptors/java_checkstyle.md) | :heart: | [MegaLinter reference](https://checkstyle.sourceforge.io/index.html#Related_Tools_Active_Tools){target=_blank} | +| [**chktex**](https://www.nongnu.org/chktex){target=_blank} | linux/amd64 | 1.7.6 | | | [LATEX](descriptors/latex_chktex.md) | :white_circle: | [Web Site](https://www.nongnu.org/chktex){target=_blank} | +| [**clippy**](https://github.com/rust-lang/rust-clippy){target=_blank} | linux/amd64
linux/arm64 | 0.1.71 | [Other](licenses/clippy.md) | [![GitHub stars](https://img.shields.io/github/stars/rust-lang/rust-clippy?cacheSeconds=3600)](https://github.com/rust-lang/rust-clippy){target=_blank} | [RUST](descriptors/rust_clippy.md) | :white_circle: | [Repository](https://github.com/rust-lang/rust-clippy){target=_blank} | +| [**clj-kondo**](https://github.com/borkdude/clj-kondo){target=_blank} | linux/amd64
windows/amd64 | 2023.07.13 | [EPL-1.0](licenses/clj-kondo.md) | [![GitHub stars](https://img.shields.io/github/stars/borkdude/clj-kondo?cacheSeconds=3600)](https://github.com/borkdude/clj-kondo){target=_blank} | [CLOJURE](descriptors/clojure_clj_kondo.md) | :heart: | [MegaLinter reference](https://github.com/borkdude/clj-kondo/blob/master/doc/ci-integration.md#github){target=_blank} | +| [**cljstyle**](https://github.com/greglook/cljstyle){target=_blank} | | 0.15.0 | [EPL-1.0](licenses/cljstyle.md) | [![GitHub stars](https://img.shields.io/github/stars/greglook/cljstyle?cacheSeconds=3600)](https://github.com/greglook/cljstyle){target=_blank} | [CLOJURE](descriptors/clojure_cljstyle.md) | :heart: | [MegaLinter reference](https://github.com/greglook/cljstyle/blob/main/doc/integrations.md){target=_blank} | +| [**coffeelint**](https://github.com/clutchski/coffeelint){target=_blank} | linux/amd64
linux/arm64 | 5.2.11 | [Other](licenses/coffeelint.md) | [![GitHub stars](https://img.shields.io/github/stars/clutchski/coffeelint?cacheSeconds=3600)](https://github.com/clutchski/coffeelint){target=_blank} | [COFFEE](descriptors/coffee_coffeelint.md) | :white_circle: | [Repository](https://github.com/clutchski/coffeelint){target=_blank} | +| [**cpplint**](https://github.com/cpplint/cpplint){target=_blank} | linux/amd64
linux/arm64 | 1.6.1 | [Other](licenses/cpplint.md) | [![GitHub stars](https://img.shields.io/github/stars/cpplint/cpplint?cacheSeconds=3600)](https://github.com/cpplint/cpplint){target=_blank} | [C](descriptors/c_cpplint.md)
[CPP](descriptors/cpp_cpplint.md) | :white_circle: | [Repository](https://github.com/cpplint/cpplint){target=_blank} | +| [**csharpier**](https://github.com/belav/csharpier){target=_blank} | linux/amd64
linux/arm64 | 0.25.0 | [MIT](licenses/csharpier.md) | [![GitHub stars](https://img.shields.io/github/stars/belav/csharpier?cacheSeconds=3600)](https://github.com/belav/csharpier){target=_blank} | [CSHARP](descriptors/csharp_csharpier.md) | :white_circle: | [Repository](https://github.com/belav/csharpier){target=_blank} | +| [**cspell**](https://github.com/streetsidesoftware/cspell){target=_blank} | linux/amd64
linux/arm64 | 6.31.2 | [MIT](licenses/cspell.md) | [![GitHub stars](https://img.shields.io/github/stars/streetsidesoftware/cspell?cacheSeconds=3600)](https://github.com/streetsidesoftware/cspell){target=_blank} | [SPELL](descriptors/spell_cspell.md) | :heart: | [MegaLinter reference](https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell#mega-linter){target=_blank} | +| [**dartanalyzer**](https://github.com/dart-lang/sdk){target=_blank} | linux/amd64
linux/arm64 | N/A | [BSD-3-Clause](licenses/dartanalyzer.md) | [![GitHub stars](https://img.shields.io/github/stars/dart-lang/sdk?cacheSeconds=3600)](https://github.com/dart-lang/sdk){target=_blank} | [DART](descriptors/dart_dartanalyzer.md) | :no_entry_sign: | [Repository](https://github.com/dart-lang/sdk){target=_blank} | +| [**devskim**](https://github.com/microsoft/DevSkim){target=_blank} | linux/amd64
linux/arm64 | 1.0.11 | [MIT](licenses/devskim.md) | [![GitHub stars](https://img.shields.io/github/stars/microsoft/DevSkim?cacheSeconds=3600)](https://github.com/microsoft/DevSkim){target=_blank} | [REPOSITORY](descriptors/repository_devskim.md) | :white_circle: | [Repository](https://github.com/microsoft/DevSkim){target=_blank} | +| [**djlint**](https://github.com/Riverside-Healthcare/djlint){target=_blank} | linux/amd64
linux/arm64 | 1.31.1 | [GPL-3.0](licenses/djlint.md) | [![GitHub stars](https://img.shields.io/github/stars/Riverside-Healthcare/djlint?cacheSeconds=3600)](https://github.com/Riverside-Healthcare/djlint){target=_blank} | [HTML](descriptors/html_djlint.md) | :heart: | [MegaLinter reference](https://djlint.com/docs/integrations/#megalinter){target=_blank} | +| [**dotenv-linter**](https://github.com/dotenv-linter/dotenv-linter){target=_blank} | linux/amd64
linux/arm64 | 3.3.0 | [MIT](licenses/dotenv-linter.md) | [![GitHub stars](https://img.shields.io/github/stars/dotenv-linter/dotenv-linter?cacheSeconds=3600)](https://github.com/dotenv-linter/dotenv-linter){target=_blank} | [ENV](descriptors/env_dotenv_linter.md) | :heart: | [MegaLinter reference](https://dotenv-linter.github.io/#/integrations/mega_linter){target=_blank} | +| [**dotnet-format**](https://github.com/dotnet/format){target=_blank} | linux/amd64
linux/arm64 | 6.0.412 | [MIT](licenses/dotnet-format.md) | [![GitHub stars](https://img.shields.io/github/stars/dotnet/format?cacheSeconds=3600)](https://github.com/dotnet/format){target=_blank} | [CSHARP](descriptors/csharp_dotnet_format.md)
[VBDOTNET](descriptors/vbdotnet_dotnet_format.md) | :white_circle: | [Repository](https://github.com/dotnet/format){target=_blank} | +| [**dustilock**](https://github.com/Checkmarx/dustilock){target=_blank} | linux/amd64
linux/arm64 | 1.2.0 | [Apache-2.0](licenses/dustilock.md) | [![GitHub stars](https://img.shields.io/github/stars/Checkmarx/dustilock?cacheSeconds=3600)](https://github.com/Checkmarx/dustilock){target=_blank} | [REPOSITORY](descriptors/repository_dustilock.md) | :white_circle: | [Repository](https://github.com/Checkmarx/dustilock){target=_blank} | +| [**editorconfig-checker**](https://github.com/editorconfig-checker/editorconfig-checker){target=_blank} | linux/amd64
linux/arm64 | 2.7.0 | [MIT](licenses/editorconfig-checker.md) | [![GitHub stars](https://img.shields.io/github/stars/editorconfig-checker/editorconfig-checker?cacheSeconds=3600)](https://github.com/editorconfig-checker/editorconfig-checker){target=_blank} | [EDITORCONFIG](descriptors/editorconfig_editorconfig_checker.md) | :heart: | [MegaLinter reference](https://github.com/editorconfig-checker/editorconfig-checker#mega-linter){target=_blank} | +| [**eslint**](https://github.com/eslint/eslint){target=_blank} | linux/amd64
linux/arm64 | 8.45.0 | [MIT](licenses/eslint.md) | [![GitHub stars](https://img.shields.io/github/stars/eslint/eslint?cacheSeconds=3600)](https://github.com/eslint/eslint){target=_blank} | [JAVASCRIPT](descriptors/javascript_eslint.md)
[JSX](descriptors/jsx_eslint.md)
[TSX](descriptors/tsx_eslint.md)
[TYPESCRIPT](descriptors/typescript_eslint.md) | :heart: | [MegaLinter reference](https://eslint.org/docs/user-guide/integrations#source-control){target=_blank} | +| [**eslint-plugin-jsonc**](https://github.com/ota-meshi/eslint-plugin-jsonc){target=_blank} | linux/amd64
linux/arm64 | 2.9.0 | [MIT](licenses/eslint-plugin-jsonc.md) | [![GitHub stars](https://img.shields.io/github/stars/ota-meshi/eslint-plugin-jsonc?cacheSeconds=3600)](https://github.com/ota-meshi/eslint-plugin-jsonc){target=_blank} | [JSON](descriptors/json_eslint_plugin_jsonc.md) | :heart: | [MegaLinter reference](https://eslint.org/docs/user-guide/integrations#source-control){target=_blank} | +| [**flake8**](https://github.com/PyCQA/flake8){target=_blank} | linux/amd64
linux/arm64 | 6.0.0 | [MIT](licenses/flake8.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/flake8?cacheSeconds=3600)](https://github.com/PyCQA/flake8){target=_blank} | [PYTHON](descriptors/python_flake8.md) | :white_circle: | [Repository](https://github.com/PyCQA/flake8){target=_blank} | +| [**gherkin-lint**](https://github.com/vsiakka/gherkin-lint){target=_blank} | linux/amd64
linux/arm64 | N/A | [ISC](licenses/gherkin-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/vsiakka/gherkin-lint?cacheSeconds=3600)](https://github.com/vsiakka/gherkin-lint){target=_blank} | [GHERKIN](descriptors/gherkin_gherkin_lint.md) | :white_circle: | [Repository](https://github.com/vsiakka/gherkin-lint){target=_blank} | +| [**git_diff**](https://github.com/git/git){target=_blank} | linux/amd64
linux/arm64 | 2.38.5 | [LGPL-2.1](licenses/git_diff.md) | [![GitHub stars](https://img.shields.io/github/stars/git/git?cacheSeconds=3600)](https://github.com/git/git){target=_blank} | [REPOSITORY](descriptors/repository_git_diff.md) | | [Repository](https://github.com/git/git){target=_blank} | +| [**gitleaks**](https://github.com/gitleaks/gitleaks){target=_blank} | linux/amd64
linux/arm64 | 8.17.0 | [MIT](licenses/gitleaks.md) | [![GitHub stars](https://img.shields.io/github/stars/gitleaks/gitleaks?cacheSeconds=3600)](https://github.com/gitleaks/gitleaks){target=_blank} | [REPOSITORY](descriptors/repository_gitleaks.md) | :white_circle: | [Repository](https://github.com/gitleaks/gitleaks){target=_blank} | +| [**golangci-lint**](https://github.com/golangci/golangci-lint){target=_blank} | linux/amd64
linux/arm64 | 1.53.3 | [GPL-3.0](licenses/golangci-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/golangci/golangci-lint?cacheSeconds=3600)](https://github.com/golangci/golangci-lint){target=_blank} | [GO](descriptors/go_golangci_lint.md) | :white_circle: | [Repository](https://github.com/golangci/golangci-lint){target=_blank} | +| [**graphql-schema-linter**](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | linux/amd64
linux/arm64 | 3.0.1 | [MIT](licenses/graphql-schema-linter.md) | [![GitHub stars](https://img.shields.io/github/stars/cjoudrey/graphql-schema-linter?cacheSeconds=3600)](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | [GRAPHQL](descriptors/graphql_graphql_schema_linter.md) | :hammer_and_wrench: | [Pull Request](https://github.com/cjoudrey/graphql-schema-linter/pull/272){target=_blank} | +| [**grype**](https://github.com/anchore/grype){target=_blank} | | 0.63.1 | [Apache-2.0](licenses/grype.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/grype?cacheSeconds=3600)](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} | +| [**hadolint**](https://github.com/hadolint/hadolint){target=_blank} | linux/amd64
linux/arm64 | 2.12.0 | [GPL-3.0](licenses/hadolint.md) | [![GitHub stars](https://img.shields.io/github/stars/hadolint/hadolint?cacheSeconds=3600)](https://github.com/hadolint/hadolint){target=_blank} | [DOCKERFILE](descriptors/dockerfile_hadolint.md) | :heart: | [MegaLinter reference](https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md#mega-linter){target=_blank} | +| [**helm**](https://github.com/helm/helm){target=_blank} | linux/amd64
linux/arm64 | 3.10.2 | [Apache-2.0](licenses/helm.md) | [![GitHub stars](https://img.shields.io/github/stars/helm/helm?cacheSeconds=3600)](https://github.com/helm/helm){target=_blank} | [KUBERNETES](descriptors/kubernetes_helm.md) | :white_circle: | [Repository](https://github.com/helm/helm){target=_blank} | +| [**htmlhint**](https://github.com/htmlhint/HTMLHint){target=_blank} | linux/amd64
linux/arm64 | 1.1.4 | [MIT](licenses/htmlhint.md) | [![GitHub stars](https://img.shields.io/github/stars/htmlhint/HTMLHint?cacheSeconds=3600)](https://github.com/htmlhint/HTMLHint){target=_blank} | [HTML](descriptors/html_htmlhint.md) | :heart: | [MegaLinter reference](https://htmlhint.com/docs/user-guide/integrations/task-runner){target=_blank} | +| [**isort**](https://github.com/PyCQA/isort){target=_blank} | linux/amd64
linux/arm64 | 5.12.0 | [MIT](licenses/isort.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/isort?cacheSeconds=3600)](https://github.com/PyCQA/isort){target=_blank} | [PYTHON](descriptors/python_isort.md) | :white_circle: | [Repository](https://github.com/PyCQA/isort){target=_blank} | +| [**jscpd**](https://github.com/kucherenko/jscpd){target=_blank} | linux/amd64
linux/arm64 | 3.5.9 | [MIT](licenses/jscpd.md) | [![GitHub stars](https://img.shields.io/github/stars/kucherenko/jscpd?cacheSeconds=3600)](https://github.com/kucherenko/jscpd){target=_blank} | [COPYPASTE](descriptors/copypaste_jscpd.md) | :heart: | [MegaLinter reference](https://github.com/kucherenko/jscpd#who-uses-jscpd){target=_blank} | +| [**jsonlint**](https://github.com/prantlf/jsonlint){target=_blank} | linux/amd64
linux/arm64 | 14.0.3 | [MIT](licenses/jsonlint.md) | [![GitHub stars](https://img.shields.io/github/stars/prantlf/jsonlint?cacheSeconds=3600)](https://github.com/prantlf/jsonlint){target=_blank} | [JSON](descriptors/json_jsonlint.md) | :white_circle: | [Repository](https://github.com/prantlf/jsonlint){target=_blank} | +| [**kics**](https://github.com/checkmarx/kics){target=_blank} | | 1.7.3 | [Apache-2.0](licenses/kics.md) | [![GitHub stars](https://img.shields.io/github/stars/checkmarx/kics?cacheSeconds=3600)](https://github.com/checkmarx/kics){target=_blank} | [REPOSITORY](descriptors/repository_kics.md) | :heart: | [MegaLinter reference](https://docs.kics.io/latest/integrations/){target=_blank} | +| [**ktlint**](https://github.com/pinterest/ktlint){target=_blank} | linux/amd64
linux/arm64 | 0.50.0 | [MIT](licenses/ktlint.md) | [![GitHub stars](https://img.shields.io/github/stars/pinterest/ktlint?cacheSeconds=3600)](https://github.com/pinterest/ktlint){target=_blank} | [KOTLIN](descriptors/kotlin_ktlint.md) | :heart: | [MegaLinter reference](https://github.com/pinterest/ktlint#-with-continuous-integration){target=_blank} | +| [**kubeconform**](https://github.com/yannh/kubeconform){target=_blank} | linux/amd64
linux/arm64 | 0.6.3 | [Apache-2.0](licenses/kubeconform.md) | [![GitHub stars](https://img.shields.io/github/stars/yannh/kubeconform?cacheSeconds=3600)](https://github.com/yannh/kubeconform){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubeconform.md) | :white_circle: | [Repository](https://github.com/yannh/kubeconform){target=_blank} | +| [**kubescape**](https://github.com/kubescape/kubescape){target=_blank} | linux/amd64
linux/arm64 | 2.3.6 | [Apache-2.0](licenses/kubescape.md) | [![GitHub stars](https://img.shields.io/github/stars/kubescape/kubescape?cacheSeconds=3600)](https://github.com/kubescape/kubescape){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubescape.md) | :white_circle: | [Repository](https://github.com/kubescape/kubescape){target=_blank} | +| [**lintr**](https://github.com/r-lib/lintr){target=_blank} | linux/amd64
linux/arm64 | N/A | [Other](licenses/lintr.md) | [![GitHub stars](https://img.shields.io/github/stars/r-lib/lintr?cacheSeconds=3600)](https://github.com/r-lib/lintr){target=_blank} | [R](descriptors/r_lintr.md) | :heart: | [MegaLinter reference](https://cran.r-project.org/web/packages/lintr/vignettes/continuous-integration.html){target=_blank} | +| [**luacheck**](https://github.com/luarocks/luacheck){target=_blank} | linux/amd64
linux/arm64 | 1.1.1 | [MIT](licenses/luacheck.md) | [![GitHub stars](https://img.shields.io/github/stars/luarocks/luacheck?cacheSeconds=3600)](https://github.com/luarocks/luacheck){target=_blank} | [LUA](descriptors/lua_luacheck.md) | :no_entry_sign: | [Repository](https://github.com/luarocks/luacheck){target=_blank} | +| [**lychee**](https://github.com/lycheeverse/lychee){target=_blank} | | 0.13.0 | [Apache-2.0](licenses/lychee.md) | [![GitHub stars](https://img.shields.io/github/stars/lycheeverse/lychee?cacheSeconds=3600)](https://github.com/lycheeverse/lychee){target=_blank} | [SPELL](descriptors/spell_lychee.md) | :white_circle: | [Repository](https://github.com/lycheeverse/lychee){target=_blank} | +| [**markdown-link-check**](https://github.com/tcort/markdown-link-check){target=_blank} | linux/amd64
linux/arm64 | 3.11.2 | [ISC](licenses/markdown-link-check.md) | [![GitHub stars](https://img.shields.io/github/stars/tcort/markdown-link-check?cacheSeconds=3600)](https://github.com/tcort/markdown-link-check){target=_blank} | [MARKDOWN](descriptors/markdown_markdown_link_check.md) | :heart: | [MegaLinter reference](https://github.com/tcort/markdown-link-check#run-in-other-tools){target=_blank} | +| [**markdown-table-formatter**](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | linux/amd64
linux/arm64 | 1.4.0 | [MIT](licenses/markdown-table-formatter.md) | [![GitHub stars](https://img.shields.io/github/stars/nvuillam/markdown-table-formatter?cacheSeconds=3600)](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | [MARKDOWN](descriptors/markdown_markdown_table_formatter.md) | :white_circle: | [Repository](https://github.com/nvuillam/markdown-table-formatter){target=_blank} | +| [**markdownlint**](https://github.com/DavidAnson/markdownlint){target=_blank} | linux/amd64
linux/arm64 | 0.35.0 | [MIT](licenses/markdownlint.md) | [![GitHub stars](https://img.shields.io/github/stars/DavidAnson/markdownlint?cacheSeconds=3600)](https://github.com/DavidAnson/markdownlint){target=_blank} | [MARKDOWN](descriptors/markdown_markdownlint.md) | :white_circle: | [Repository](https://github.com/DavidAnson/markdownlint){target=_blank} | +| [**mypy**](https://github.com/python/mypy){target=_blank} | linux/amd64
linux/arm64 | 1.4.1 | [MIT](licenses/mypy.md) | [![GitHub stars](https://img.shields.io/github/stars/python/mypy?cacheSeconds=3600)](https://github.com/python/mypy){target=_blank} | [PYTHON](descriptors/python_mypy.md) | | [Repository](https://github.com/python/mypy){target=_blank} | +| [**npm-groovy-lint**](https://github.com/nvuillam/npm-groovy-lint){target=_blank} | linux/amd64
linux/arm64 | 11.1.1 | [GPL-3.0](licenses/npm-groovy-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/nvuillam/npm-groovy-lint?cacheSeconds=3600)](https://github.com/nvuillam/npm-groovy-lint){target=_blank} | [GROOVY](descriptors/groovy_npm_groovy_lint.md) | :heart: | [MegaLinter reference](https://nvuillam.github.io/npm-groovy-lint/#mega-linter){target=_blank} | +| [**npm-package-json-lint**](https://github.com/tclindner/npm-package-json-lint){target=_blank} | linux/amd64
linux/arm64 | 7.0.0 | [MIT](licenses/npm-package-json-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/tclindner/npm-package-json-lint?cacheSeconds=3600)](https://github.com/tclindner/npm-package-json-lint){target=_blank} | [JSON](descriptors/json_npm_package_json_lint.md) | :heart: | [MegaLinter reference](https://npmpackagejsonlint.org/docs/integrations#megalinter){target=_blank} | +| [**perlcritic**](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | linux/amd64
linux/arm64 | 1.150 | [Other](licenses/perlcritic.md) | [![GitHub stars](https://img.shields.io/github/stars/Perl-Critic/Perl-Critic?cacheSeconds=3600)](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | [PERL](descriptors/perl_perlcritic.md) | :white_circle: | [Repository](https://github.com/Perl-Critic/Perl-Critic){target=_blank} | +| [**phpcs**](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | linux/amd64
linux/arm64 | 3.7.2 | [BSD-3-Clause](licenses/phpcs.md) | [![GitHub stars](https://img.shields.io/github/stars/squizlabs/PHP_CodeSniffer?cacheSeconds=3600)](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | [PHP](descriptors/php_phpcs.md) | :white_circle: | [Repository](https://github.com/squizlabs/PHP_CodeSniffer){target=_blank} | +| [**phplint**](https://github.com/overtrue/phplint){target=_blank} | linux/amd64
linux/arm64 | 9.0.4 | [MIT](licenses/phplint.md) | [![GitHub stars](https://img.shields.io/github/stars/overtrue/phplint?cacheSeconds=3600)](https://github.com/overtrue/phplint){target=_blank} | [PHP](descriptors/php_phplint.md) | :white_circle: | [Repository](https://github.com/overtrue/phplint){target=_blank} | +| [**phpstan**](https://github.com/phpstan/phpstan){target=_blank} | linux/amd64
linux/arm64 | 1.10.25 | [MIT](licenses/phpstan.md) | [![GitHub stars](https://img.shields.io/github/stars/phpstan/phpstan?cacheSeconds=3600)](https://github.com/phpstan/phpstan){target=_blank} | [PHP](descriptors/php_phpstan.md) | :white_circle: | [Repository](https://github.com/phpstan/phpstan){target=_blank} | +| [**pmd**](https://github.com/pmd/pmd){target=_blank} | linux/amd64
linux/arm64 | 6.55.0 | [Apache-2.0](licenses/pmd.md) | [![GitHub stars](https://img.shields.io/github/stars/pmd/pmd?cacheSeconds=3600)](https://github.com/pmd/pmd){target=_blank} | [JAVA](descriptors/java_pmd.md) | :heart: | [MegaLinter reference](https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html){target=_blank} | +| [**powershell**](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | linux/amd64
linux/arm64 | 7.3.6 | [MIT](licenses/powershell.md) | [![GitHub stars](https://img.shields.io/github/stars/PowerShell/PSScriptAnalyzer?cacheSeconds=3600)](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | [POWERSHELL](descriptors/powershell_powershell.md) | :white_circle: | [Repository](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | +| [**powershell_formatter**](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | linux/amd64
linux/arm64 | 7.3.6 | [MIT](licenses/powershell_formatter.md) | [![GitHub stars](https://img.shields.io/github/stars/PowerShell/PSScriptAnalyzer?cacheSeconds=3600)](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | [POWERSHELL](descriptors/powershell_powershell_formatter.md) | :white_circle: | [Repository](https://github.com/PowerShell/PSScriptAnalyzer){target=_blank} | +| [**prettier**](https://github.com/prettier/prettier){target=_blank} | linux/amd64
linux/arm64 | 3.0.0 | [MIT](licenses/prettier.md) | [![GitHub stars](https://img.shields.io/github/stars/prettier/prettier?cacheSeconds=3600)](https://github.com/prettier/prettier){target=_blank} | [JAVASCRIPT](descriptors/javascript_prettier.md)
[JSON](descriptors/json_prettier.md)
[TYPESCRIPT](descriptors/typescript_prettier.md)
[YAML](descriptors/yaml_prettier.md) | :white_circle: | [Repository](https://github.com/prettier/prettier){target=_blank} | +| [**proselint**](https://github.com/amperser/proselint){target=_blank} | linux/amd64
linux/arm64 | 0.13.0 | [BSD-3-Clause](licenses/proselint.md) | [![GitHub stars](https://img.shields.io/github/stars/amperser/proselint?cacheSeconds=3600)](https://github.com/amperser/proselint){target=_blank} | [SPELL](descriptors/spell_proselint.md) | :white_circle: | [Repository](https://github.com/amperser/proselint){target=_blank} | +| [**protolint**](https://github.com/yoheimuta/protolint){target=_blank} | linux/amd64
linux/arm64 | 0.45.0 | [MIT](licenses/protolint.md) | [![GitHub stars](https://img.shields.io/github/stars/yoheimuta/protolint?cacheSeconds=3600)](https://github.com/yoheimuta/protolint){target=_blank} | [PROTOBUF](descriptors/protobuf_protolint.md) | :white_circle: | [Repository](https://github.com/yoheimuta/protolint){target=_blank} | +| [**psalm**](https://github.com/vimeo/psalm){target=_blank} | linux/amd64
linux/arm64 | Psalm.5.13.1@ | [MIT](licenses/psalm.md) | [![GitHub stars](https://img.shields.io/github/stars/vimeo/psalm?cacheSeconds=3600)](https://github.com/vimeo/psalm){target=_blank} | [PHP](descriptors/php_psalm.md) | :white_circle: | [Repository](https://github.com/vimeo/psalm){target=_blank} | +| [**puppet-lint**](https://github.com/puppetlabs/puppet-lint){target=_blank} | linux/amd64
linux/arm64 | 4.0.0 | [MIT](licenses/puppet-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/puppetlabs/puppet-lint?cacheSeconds=3600)](https://github.com/puppetlabs/puppet-lint){target=_blank} | [PUPPET](descriptors/puppet_puppet_lint.md) | :white_circle: | [Repository](https://github.com/puppetlabs/puppet-lint){target=_blank} | +| [**pylint**](https://github.com/PyCQA/pylint){target=_blank} | linux/amd64
linux/arm64 | 2.17.4 | [GPL-2.0](licenses/pylint.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/pylint?cacheSeconds=3600)](https://github.com/PyCQA/pylint){target=_blank} | [PYTHON](descriptors/python_pylint.md) | :white_circle: | [Repository](https://github.com/PyCQA/pylint){target=_blank} | +| [**pyright**](https://github.com/microsoft/pyright){target=_blank} | linux/amd64
linux/arm64 | 1.1.317 | [Other](licenses/pyright.md) | [![GitHub stars](https://img.shields.io/github/stars/microsoft/pyright?cacheSeconds=3600)](https://github.com/microsoft/pyright){target=_blank} | [PYTHON](descriptors/python_pyright.md) | :white_circle: | [Repository](https://github.com/microsoft/pyright){target=_blank} | +| [**raku**](https://github.com/rakudo/rakudo){target=_blank} | linux/amd64
linux/arm64 | 2020.10 | [Artistic-2.0](licenses/raku.md) | [![GitHub stars](https://img.shields.io/github/stars/rakudo/rakudo?cacheSeconds=3600)](https://github.com/rakudo/rakudo){target=_blank} | [RAKU](descriptors/raku_raku.md) | :white_circle: | [Repository](https://github.com/rakudo/rakudo){target=_blank} | +| [**remark-lint**](https://github.com/remarkjs/remark-lint){target=_blank} | linux/amd64
linux/arm64 | 14.0.2 | [MIT](licenses/remark-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/remarkjs/remark-lint?cacheSeconds=3600)](https://github.com/remarkjs/remark-lint){target=_blank} | [MARKDOWN](descriptors/markdown_remark_lint.md) | :white_circle: | [Repository](https://github.com/remarkjs/remark-lint){target=_blank} | +| [**revive**](https://github.com/mgechev/revive){target=_blank} | linux/amd64
linux/arm64 | 1.3.2 | [MIT](licenses/revive.md) | [![GitHub stars](https://img.shields.io/github/stars/mgechev/revive?cacheSeconds=3600)](https://github.com/mgechev/revive){target=_blank} | [GO](descriptors/go_revive.md) | :white_circle: | [Repository](https://github.com/mgechev/revive){target=_blank} | +| [**rst-lint**](https://github.com/twolfson/restructuredtext-lint){target=_blank} | linux/amd64
linux/arm64 | 1.4.0 | [Unlicense](licenses/rst-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/twolfson/restructuredtext-lint?cacheSeconds=3600)](https://github.com/twolfson/restructuredtext-lint){target=_blank} | [RST](descriptors/rst_rst_lint.md) | :heart: | [MegaLinter reference](https://github.com/twolfson/restructuredtext-lint/wiki/Integration-in-other-tools#integration-in-other-tools){target=_blank} | +| [**rstcheck**](https://github.com/myint/rstcheck){target=_blank} | linux/amd64
linux/arm64 | 6.1.2 | [MIT](licenses/rstcheck.md) | [![GitHub stars](https://img.shields.io/github/stars/myint/rstcheck?cacheSeconds=3600)](https://github.com/myint/rstcheck){target=_blank} | [RST](descriptors/rst_rstcheck.md) | :heart: | [MegaLinter reference](https://rstcheck.readthedocs.io/en/latest/usage/integration/#use-with-mega-linter){target=_blank} | +| [**rstfmt**](https://github.com/dzhu/rstfmt){target=_blank} | linux/amd64
linux/arm64 | 0.0.13 | | | [RST](descriptors/rst_rstfmt.md) | :hammer_and_wrench: | [Pull Request](https://github.com/dzhu/rstfmt/pull/1){target=_blank} | +| [**rubocop**](https://github.com/rubocop-hq/rubocop){target=_blank} | linux/amd64
linux/arm64 | 1.54.2 | [MIT](licenses/rubocop.md) | [![GitHub stars](https://img.shields.io/github/stars/rubocop-hq/rubocop?cacheSeconds=3600)](https://github.com/rubocop-hq/rubocop){target=_blank} | [RUBY](descriptors/ruby_rubocop.md) | :heart: | [MegaLinter reference](https://docs.rubocop.org/rubocop/integration_with_other_tools.html#mega-linter-integration){target=_blank} | +| [**ruff**](https://github.com/charliermarsh/ruff){target=_blank} | | 0.0.278 | [MIT](licenses/ruff.md) | [![GitHub stars](https://img.shields.io/github/stars/charliermarsh/ruff?cacheSeconds=3600)](https://github.com/charliermarsh/ruff){target=_blank} | [PYTHON](descriptors/python_ruff.md) | :white_circle: | [Repository](https://github.com/charliermarsh/ruff){target=_blank} | +| [**scalafix**](https://github.com/scalacenter/scalafix){target=_blank} | linux/amd64
linux/arm64 | 0.11.0 | [Other](licenses/scalafix.md) | [![GitHub stars](https://img.shields.io/github/stars/scalacenter/scalafix?cacheSeconds=3600)](https://github.com/scalacenter/scalafix){target=_blank} | [SCALA](descriptors/scala_scalafix.md) | :heart: | [MegaLinter reference](https://scalacenter.github.io/scalafix/docs/users/installation.html#plugins-for-other-build-tools){target=_blank} | +| [**scss-lint**](https://github.com/sds/scss-lint){target=_blank} | linux/amd64
linux/arm64 | 0.60.0 | [MIT](licenses/scss-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/sds/scss-lint?cacheSeconds=3600)](https://github.com/sds/scss-lint){target=_blank} | [CSS](descriptors/css_scss_lint.md) | :white_circle: | [Repository](https://github.com/sds/scss-lint){target=_blank} | +| [**secretlint**](https://github.com/secretlint/secretlint){target=_blank} | linux/amd64
linux/arm64 | 7.0.3 | [MIT](licenses/secretlint.md) | [![GitHub stars](https://img.shields.io/github/stars/secretlint/secretlint?cacheSeconds=3600)](https://github.com/secretlint/secretlint){target=_blank} | [REPOSITORY](descriptors/repository_secretlint.md) | :heart: | [MegaLinter reference](https://github.com/secretlint/secretlint#mega-linter){target=_blank} | +| [**semgrep**](https://github.com/returntocorp/semgrep){target=_blank} | linux/amd64
linux/arm64 | 1.32.0 | [LGPL-2.1](licenses/semgrep.md) | [![GitHub stars](https://img.shields.io/github/stars/returntocorp/semgrep?cacheSeconds=3600)](https://github.com/returntocorp/semgrep){target=_blank} | [REPOSITORY](descriptors/repository_semgrep.md) | :white_circle: | [Repository](https://github.com/returntocorp/semgrep){target=_blank} | +| [**sfdx-scanner-apex**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | linux/amd64
linux/arm64 | 3.14.0 | [MIT](licenses/sfdx-scanner-apex.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_apex.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | +| [**sfdx-scanner-aura**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | linux/amd64
linux/arm64 | 3.14.0 | [MIT](licenses/sfdx-scanner-aura.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_aura.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | +| [**sfdx-scanner-lwc**](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | linux/amd64
linux/arm64 | 3.14.0 | [MIT](licenses/sfdx-scanner-lwc.md) | [![GitHub stars](https://img.shields.io/github/stars/forcedotcom/sfdx-scanner?cacheSeconds=3600)](https://github.com/forcedotcom/sfdx-scanner){target=_blank} | [SALESFORCE](descriptors/salesforce_sfdx_scanner_lwc.md) | :hammer_and_wrench: | [Pull Request](https://github.com/forcedotcom/sfdx-scanner/pull/307){target=_blank} | +| [**shellcheck**](https://github.com/koalaman/shellcheck){target=_blank} | linux/amd64
linux/arm64 | 0.9.0 | [GPL-3.0](licenses/shellcheck.md) | [![GitHub stars](https://img.shields.io/github/stars/koalaman/shellcheck?cacheSeconds=3600)](https://github.com/koalaman/shellcheck){target=_blank} | [BASH](descriptors/bash_shellcheck.md) | | [Repository](https://github.com/koalaman/shellcheck){target=_blank} | +| [**shfmt**](https://github.com/mvdan/sh){target=_blank} | linux/amd64
linux/arm64 | 3.7.0 | [BSD-3-Clause](licenses/shfmt.md) | [![GitHub stars](https://img.shields.io/github/stars/mvdan/sh?cacheSeconds=3600)](https://github.com/mvdan/sh){target=_blank} | [BASH](descriptors/bash_shfmt.md) | :no_entry_sign: | [Repository](https://github.com/mvdan/sh){target=_blank} | +| [**snakefmt**](https://github.com/snakemake/snakefmt){target=_blank} | linux/amd64
linux/arm64 | 0.8.4 | [MIT](licenses/snakefmt.md) | [![GitHub stars](https://img.shields.io/github/stars/snakemake/snakefmt?cacheSeconds=3600)](https://github.com/snakemake/snakefmt){target=_blank} | [SNAKEMAKE](descriptors/snakemake_snakefmt.md) | :white_circle: | [Repository](https://github.com/snakemake/snakefmt){target=_blank} | +| [**snakemake**](https://github.com/snakemake/snakemake){target=_blank} | linux/amd64
linux/arm64 | 7.30.1 | [MIT](licenses/snakemake.md) | [![GitHub stars](https://img.shields.io/github/stars/snakemake/snakemake?cacheSeconds=3600)](https://github.com/snakemake/snakemake){target=_blank} | [SNAKEMAKE](descriptors/snakemake_snakemake.md) | :white_circle: | [Repository](https://github.com/snakemake/snakemake){target=_blank} | +| [**spectral**](https://github.com/stoplightio/spectral){target=_blank} | linux/amd64
linux/arm64 | 6.8.0 | [Apache-2.0](licenses/spectral.md) | [![GitHub stars](https://img.shields.io/github/stars/stoplightio/spectral?cacheSeconds=3600)](https://github.com/stoplightio/spectral){target=_blank} | [OPENAPI](descriptors/openapi_spectral.md) | :white_circle: | [Repository](https://github.com/stoplightio/spectral){target=_blank} | +| [**sql-lint**](https://github.com/joereynolds/sql-lint){target=_blank} | linux/amd64
linux/arm64 | 1.0.0 | [MIT](licenses/sql-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/joereynolds/sql-lint?cacheSeconds=3600)](https://github.com/joereynolds/sql-lint){target=_blank} | [SQL](descriptors/sql_sql_lint.md) | :white_circle: | [Repository](https://github.com/joereynolds/sql-lint){target=_blank} | +| [**sqlfluff**](https://github.com/sqlfluff/sqlfluff){target=_blank} | linux/amd64
linux/arm64 | 2.1.2 | [MIT](licenses/sqlfluff.md) | [![GitHub stars](https://img.shields.io/github/stars/sqlfluff/sqlfluff?cacheSeconds=3600)](https://github.com/sqlfluff/sqlfluff){target=_blank} | [SQL](descriptors/sql_sqlfluff.md) | :white_circle: | [Repository](https://github.com/sqlfluff/sqlfluff){target=_blank} | +| [**standard**](https://github.com/standard/standard){target=_blank} | linux/amd64
linux/arm64 | 17.1.0 | [MIT](licenses/standard.md) | [![GitHub stars](https://img.shields.io/github/stars/standard/standard?cacheSeconds=3600)](https://github.com/standard/standard){target=_blank} | [JAVASCRIPT](descriptors/javascript_standard.md) | :white_circle: | [Repository](https://github.com/standard/standard){target=_blank} | +| [**stylelint**](https://github.com/stylelint/stylelint){target=_blank} | linux/amd64
linux/arm64 | 15.10.1 | [MIT](licenses/stylelint.md) | [![GitHub stars](https://img.shields.io/github/stars/stylelint/stylelint?cacheSeconds=3600)](https://github.com/stylelint/stylelint){target=_blank} | [CSS](descriptors/css_stylelint.md) | :white_circle: | [Repository](https://github.com/stylelint/stylelint){target=_blank} | +| [**swiftlint**](https://github.com/realm/SwiftLint){target=_blank} | linux/amd64
linux/arm64 | 0.52.4 | [MIT](licenses/swiftlint.md) | [![GitHub stars](https://img.shields.io/github/stars/realm/SwiftLint?cacheSeconds=3600)](https://github.com/realm/SwiftLint){target=_blank} | [SWIFT](descriptors/swift_swiftlint.md) | :white_circle: | [Repository](https://github.com/realm/SwiftLint){target=_blank} | +| [**syft**](https://github.com/anchore/syft){target=_blank} | linux/amd64
linux/arm64 | 0.85.0 | [Apache-2.0](licenses/syft.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/syft?cacheSeconds=3600)](https://github.com/anchore/syft){target=_blank} | [REPOSITORY](descriptors/repository_syft.md) | :white_circle: | [Repository](https://github.com/anchore/syft){target=_blank} | +| [**tekton-lint**](https://github.com/IBM/tekton-lint){target=_blank} | linux/amd64
linux/arm64 | 0.6.0 | | [![GitHub stars](https://img.shields.io/github/stars/IBM/tekton-lint?cacheSeconds=3600)](https://github.com/IBM/tekton-lint){target=_blank} | [TEKTON](descriptors/tekton_tekton_lint.md) | :white_circle: | [Repository](https://github.com/IBM/tekton-lint){target=_blank} | +| [**terraform-fmt**](https://github.com/hashicorp/terraform){target=_blank} | linux/amd64
linux/arm64 | 1.5.3 | [MPL-2.0](licenses/terraform-fmt.md) | [![GitHub stars](https://img.shields.io/github/stars/hashicorp/terraform?cacheSeconds=3600)](https://github.com/hashicorp/terraform){target=_blank} | [TERRAFORM](descriptors/terraform_terraform_fmt.md) | :white_circle: | [Repository](https://github.com/hashicorp/terraform){target=_blank} | +| [**terragrunt**](https://github.com/gruntwork-io/terragrunt){target=_blank} | linux/amd64
linux/arm64 | 0.48.1 | [MIT](licenses/terragrunt.md) | [![GitHub stars](https://img.shields.io/github/stars/gruntwork-io/terragrunt?cacheSeconds=3600)](https://github.com/gruntwork-io/terragrunt){target=_blank} | [TERRAFORM](descriptors/terraform_terragrunt.md) | :white_circle: | [Repository](https://github.com/gruntwork-io/terragrunt){target=_blank} | +| [**terrascan**](https://github.com/tenable/terrascan){target=_blank} | linux/amd64
linux/arm64 | 1.18.1 | [Apache-2.0](licenses/terrascan.md) | [![GitHub stars](https://img.shields.io/github/stars/tenable/terrascan?cacheSeconds=3600)](https://github.com/tenable/terrascan){target=_blank} | [TERRAFORM](descriptors/terraform_terrascan.md) | :white_circle: | [Repository](https://github.com/tenable/terrascan){target=_blank} | +| [**tflint**](https://github.com/terraform-linters/tflint){target=_blank} | linux/amd64
linux/arm64 | 0.47.0 | [MPL-2.0](licenses/tflint.md) | [![GitHub stars](https://img.shields.io/github/stars/terraform-linters/tflint?cacheSeconds=3600)](https://github.com/terraform-linters/tflint){target=_blank} | [TERRAFORM](descriptors/terraform_tflint.md) | :white_circle: | [Repository](https://github.com/terraform-linters/tflint){target=_blank} | +| [**trivy**](https://github.com/aquasecurity/trivy){target=_blank} | linux/amd64
linux/arm64 | 0.43.1 | [Apache-2.0](licenses/trivy.md) | [![GitHub stars](https://img.shields.io/github/stars/aquasecurity/trivy?cacheSeconds=3600)](https://github.com/aquasecurity/trivy){target=_blank} | [REPOSITORY](descriptors/repository_trivy.md) | :white_circle: | [Repository](https://github.com/aquasecurity/trivy){target=_blank} | +| [**trivy-sbom**](https://github.com/aquasecurity/trivy){target=_blank} | linux/amd64
linux/arm64 | 0.43.1 | | [![GitHub stars](https://img.shields.io/github/stars/aquasecurity/trivy?cacheSeconds=3600)](https://github.com/aquasecurity/trivy){target=_blank} | [REPOSITORY](descriptors/repository_trivy_sbom.md) | :white_circle: | [Repository](https://github.com/aquasecurity/trivy){target=_blank} | +| [**trufflehog**](https://github.com/trufflesecurity/trufflehog){target=_blank} | linux/amd64
linux/arm64 | 3.44.0 | | [![GitHub stars](https://img.shields.io/github/stars/trufflesecurity/trufflehog?cacheSeconds=3600)](https://github.com/trufflesecurity/trufflehog){target=_blank} | [REPOSITORY](descriptors/repository_trufflehog.md) | :white_circle: | [Repository](https://github.com/trufflesecurity/trufflehog){target=_blank} | +| [**ts-standard**](https://github.com/standard/ts-standard){target=_blank} | linux/amd64
linux/arm64 | 12.0.2 | | [![GitHub stars](https://img.shields.io/github/stars/standard/ts-standard?cacheSeconds=3600)](https://github.com/standard/ts-standard){target=_blank} | [TYPESCRIPT](descriptors/typescript_ts_standard.md) | :white_circle: | [Repository](https://github.com/standard/ts-standard){target=_blank} | +| [**tsqllint**](https://github.com/tsqllint/tsqllint){target=_blank} | linux/amd64
linux/arm64 | 1.15.3.0 | [MIT](licenses/tsqllint.md) | [![GitHub stars](https://img.shields.io/github/stars/tsqllint/tsqllint?cacheSeconds=3600)](https://github.com/tsqllint/tsqllint){target=_blank} | [SQL](descriptors/sql_tsqllint.md) | :white_circle: | [Repository](https://github.com/tsqllint/tsqllint){target=_blank} | +| [**v8r**](https://github.com/chris48s/v8r){target=_blank} | linux/amd64
linux/arm64 | 2.0.0 | [MIT](licenses/v8r.md) | [![GitHub stars](https://img.shields.io/github/stars/chris48s/v8r?cacheSeconds=3600)](https://github.com/chris48s/v8r){target=_blank} | [JSON](descriptors/json_v8r.md)
[YAML](descriptors/yaml_v8r.md) | :no_entry_sign: | [Repository](https://github.com/chris48s/v8r){target=_blank} | +| [**vale**](https://github.com/errata-ai/vale){target=_blank} | | 2.28.0 | [MIT](licenses/vale.md) | [![GitHub stars](https://img.shields.io/github/stars/errata-ai/vale?cacheSeconds=3600)](https://github.com/errata-ai/vale){target=_blank} | [SPELL](descriptors/spell_vale.md) | :white_circle: | [Repository](https://github.com/errata-ai/vale){target=_blank} | +| [**xmllint**](http://xmlsoft.org/xmllint.html){target=_blank} | linux/amd64
linux/arm64 | 21004 | | | [XML](descriptors/xml_xmllint.md) | :white_circle: | [Web Site](http://xmlsoft.org/xmllint.html){target=_blank} | +| [**yamllint**](https://github.com/adrienverge/yamllint){target=_blank} | linux/amd64
linux/arm64 | 1.32.0 | [GPL-3.0](licenses/yamllint.md) | [![GitHub stars](https://img.shields.io/github/stars/adrienverge/yamllint?cacheSeconds=3600)](https://github.com/adrienverge/yamllint){target=_blank} | [YAML](descriptors/yaml_yamllint.md) | :no_entry_sign: | [Repository](https://github.com/adrienverge/yamllint){target=_blank} | diff --git a/docs/descriptors/arm_arm_ttk.md b/docs/descriptors/arm_arm_ttk.md index c687c16fb7f..db9a98c662b 100644 --- a/docs/descriptors/arm_arm_ttk.md +++ b/docs/descriptors/arm_arm_ttk.md @@ -111,15 +111,20 @@ Check the spelling of the name, or if a path was included, verify that the path - Dockerfile commands : ```dockerfile # Parent descriptor install +ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -RUN mkdir -p ${PWSH_DIRECTORY} \ +RUN case ${TARGETPLATFORM} in \ + "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ + "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + esac \ + && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ | grep browser_download_url \ - | grep linux-alpine-x64 \ + | grep linux-${POWERSHELL_ARCH} \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ diff --git a/docs/descriptors/bash_bash_exec.md b/docs/descriptors/bash_bash_exec.md index f503a160698..31f15906bab 100644 --- a/docs/descriptors/bash_bash_exec.md +++ b/docs/descriptors/bash_bash_exec.md @@ -116,8 +116,6 @@ General help using GNU software: - Dockerfile commands : ```dockerfile -RUN printf '#!/bin/bash \\n\\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec - +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec ``` diff --git a/docs/descriptors/bicep_bicep_linter.md b/docs/descriptors/bicep_bicep_linter.md index 476fcad61c9..9185bf2267e 100644 --- a/docs/descriptors/bicep_bicep_linter.md +++ b/docs/descriptors/bicep_bicep_linter.md @@ -247,12 +247,16 @@ Usage: - Dockerfile commands : ```dockerfile +ARG TARGETPLATFORM ARG BICEP_EXE='bicep' -ARG BICEP_URI='https://github.com/Azure/bicep/releases/latest/download/bicep-linux-musl-x64' ARG BICEP_DIR='/usr/local/bin' -RUN curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "${BICEP_URI}" \ - && chmod +x "${BICEP_EXE}" \ - && mv "${BICEP_EXE}" "${BICEP_DIR}" +RUN case ${TARGETPLATFORM} in \ + "linux/amd64") POWERSHELL_ARCH=musl-x64 ;; \ + "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ +esac \ +&& curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "https://github.com/Azure/bicep/releases/latest/download/bicep-linux-${POWERSHELL_ARCH}" \ +&& chmod +x "${BICEP_EXE}" \ +&& mv "${BICEP_EXE}" "${BICEP_DIR}" ``` diff --git a/docs/descriptors/dart_dartanalyzer.md b/docs/descriptors/dart_dartanalyzer.md index dcded70f8d0..4e6b4fc7463 100644 --- a/docs/descriptors/dart_dartanalyzer.md +++ b/docs/descriptors/dart_dartanalyzer.md @@ -161,8 +161,13 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" # Linter install +ARG TARGETPLATFORM ARG DART_VERSION='2.8.4' -RUN wget --tries=5 https://storage.googleapis.com/dart-archive/channels/stable/release/${DART_VERSION}/sdk/dartsdk-linux-x64-release.zip -O - -q | unzip -q - \ +RUN case ${TARGETPLATFORM} in \ + "linux/amd64") DART_ARCH=x64 ;; \ + "linux/arm64") DART_ARCH=arm64 ;; \ + esac \ + && wget --tries=5 https://storage.googleapis.com/dart-archive/channels/stable/release/${DART_VERSION}/sdk/dartsdk-linux-${DART_ARCH}-release.zip -O - -q | unzip -q - \ && chmod +x dart-sdk/bin/dart* \ && mv dart-sdk/bin/* /usr/bin/ && mv dart-sdk/lib/* /usr/lib/ && mv dart-sdk/include/* /usr/include/ \ && rm -r dart-sdk/ diff --git a/docs/descriptors/env_dotenv_linter.md b/docs/descriptors/env_dotenv_linter.md index 17985382bcf..f9ee9808f94 100644 --- a/docs/descriptors/env_dotenv_linter.md +++ b/docs/descriptors/env_dotenv_linter.md @@ -122,6 +122,7 @@ SUBCOMMANDS: - Dockerfile commands : ```dockerfile -RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter ``` diff --git a/docs/descriptors/php_phpstan.md b/docs/descriptors/php_phpstan.md index 829742f485c..93e76001e88 100644 --- a/docs/descriptors/php_phpstan.md +++ b/docs/descriptors/php_phpstan.md @@ -137,7 +137,6 @@ RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ # Linter install FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan -COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -RUN chmod +x /usr/bin/phpstan +COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan ``` diff --git a/docs/descriptors/powershell_powershell.md b/docs/descriptors/powershell_powershell.md index 07da774f63e..55a1f3ffe6f 100644 --- a/docs/descriptors/powershell_powershell.md +++ b/docs/descriptors/powershell_powershell.md @@ -407,15 +407,20 @@ All parameters are case-insensitive. - Dockerfile commands : ```dockerfile # Parent descriptor install +ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -RUN mkdir -p ${PWSH_DIRECTORY} \ +RUN case ${TARGETPLATFORM} in \ + "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ + "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + esac \ + && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ | grep browser_download_url \ - | grep linux-alpine-x64 \ + | grep linux-${POWERSHELL_ARCH} \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ diff --git a/docs/descriptors/powershell_powershell_formatter.md b/docs/descriptors/powershell_powershell_formatter.md index d298123c280..76a3f6f8d17 100644 --- a/docs/descriptors/powershell_powershell_formatter.md +++ b/docs/descriptors/powershell_powershell_formatter.md @@ -408,15 +408,20 @@ All parameters are case-insensitive. - Dockerfile commands : ```dockerfile # Parent descriptor install +ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -RUN mkdir -p ${PWSH_DIRECTORY} \ +RUN case ${TARGETPLATFORM} in \ + "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ + "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + esac \ + && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ | grep browser_download_url \ - | grep linux-alpine-x64 \ + | grep linux-${POWERSHELL_ARCH} \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ diff --git a/docs/descriptors/python_ruff.md b/docs/descriptors/python_ruff.md index 8e9cce07cfd..c5cbcc7da77 100644 --- a/docs/descriptors/python_ruff.md +++ b/docs/descriptors/python_ruff.md @@ -115,5 +115,17 @@ For help with a specific command, see: `ruff help `. ### Installation on mega-linter Docker image -- PIP packages (Python): - - [ruff](https://pypi.org/project/ruff) +- Dockerfile commands : +```dockerfile +FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff +ARG BUILDARCH +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl +WORKDIR / +ARG TARGETARCH +RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv +COPY --link --from=fetch-ruff /ruff /usr/bin/ruff +``` + diff --git a/docs/descriptors/scala.md b/docs/descriptors/scala.md index 299a4177201..666b6f1ea80 100644 --- a/docs/descriptors/scala.md +++ b/docs/descriptors/scala.md @@ -30,12 +30,5 @@ description: scalafix is available to analyze SCALA files in MegaLinter ### Installation -- Dockerfile commands : -```dockerfile -RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ - chmod +x coursier - -``` - - APK packages (Linux): - [openjdk11](https://pkgs.alpinelinux.org/packages?branch=edge&name=openjdk11) diff --git a/docs/descriptors/scala_scalafix.md b/docs/descriptors/scala_scalafix.md index d6505eb954b..2bbd1793d43 100644 --- a/docs/descriptors/scala_scalafix.md +++ b/docs/descriptors/scala_scalafix.md @@ -231,11 +231,6 @@ Less common options: - Dockerfile commands : ```dockerfile -# Parent descriptor install -RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ - chmod +x coursier - -# Linter install -RUN ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache +COPY --link --from=build-platform /usr/bin/scalafix /usr/bin/ ``` diff --git a/docs/descriptors/xml_xmllint.md b/docs/descriptors/xml_xmllint.md index 466e8761afb..b05146f9f06 100644 --- a/docs/descriptors/xml_xmllint.md +++ b/docs/descriptors/xml_xmllint.md @@ -25,7 +25,7 @@ To apply file formatting you must set `XML_XMLLINT_CLI_LINT_MODE: file` and `XML | Variable | Description | Default value | |-----------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------| | XML_XMLLINT_AUTOFORMAT | If set to `true`, it will reformat and reindent the output | `false` | -| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | `` | +| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | ` ` | | XML_XMLLINT_ARGUMENTS | User custom arguments to add in linter CLI call
Ex: `-s --foo "bar"` | | | XML_XMLLINT_FILTER_REGEX_INCLUDE | Custom regex including filter
Ex: `(src\|lib)` | Include every file | | XML_XMLLINT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter
Ex: `(test\|examples)` | Exclude no file | diff --git a/entrypoint.sh b/entrypoint.sh index f9d09ebe325..3f2dd856c97 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,5 +1,9 @@ #!/usr/bin/env bash +if [[ -d /venvs/megalinter ]]; then + source /venvs/megalinter/bin/activate +fi + PYTHONPATH=$PYTHONPATH:$(pwd) export PYTHONPATH @@ -31,9 +35,9 @@ if [ "${UPGRADE_LINTERS_VERSION}" == "true" ]; then echo "[MegaLinter init] UPGRADING LINTER VERSION" pip install pytest-cov pytest-timeout # Run only get_linter_version test methods - pytest -v --durations=0 -k _get_linter_version megalinter/ + pytest -v --durations=0 -k _get_linter_version /tmp/lint # Run only get_linter_help test methods - pytest -v --durations=0 -k _get_linter_help megalinter/ + pytest -v --durations=0 -k _get_linter_help /tmp/lint # Reinstall mkdocs-material because of broken dependency pip3 install --upgrade "markdown==3.3.7" mike mkdocs-material "pymdown-extensions==9.11" "mkdocs-glightbox==0.3.2" mdx_truly_sane_lists jsonschema json-schema-for-humans giturlparse webpreview "github-dependents-info==0.10.0" cd /tmp/lint || exit 1 @@ -47,9 +51,9 @@ if [ "${TEST_CASE_RUN}" == "true" ]; then echo "[MegaLinter init] RUNNING TEST CASES" pip install pytest-cov pytest-timeout pytest-xdist if [ -z "${TEST_KEYWORDS}" ]; then - pytest -v --timeout=300 --durations=0 --cov=megalinter --cov-report=xml megalinter/ + pytest -v --timeout=300 --durations=0 --cov=megalinter --cov-report=xml /tmp/lint else - pytest -v --timeout=300 --durations=0 -k "${TEST_KEYWORDS}" megalinter/ + pytest -v --timeout=300 --durations=0 -k "${TEST_KEYWORDS}" /tmp/lint fi PYTEST_STATUS=$? echo Pytest exited $PYTEST_STATUS diff --git a/flavors/ci_light/Dockerfile b/flavors/ci_light/Dockerfile index a0f2260fdf3..cddd863ef82 100644 --- a/flavors/ci_light/Dockerfile +++ b/flavors/ci_light/Dockerfile @@ -15,23 +15,174 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM mrtazz/checkmake:latest as checkmake FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM trufflesecurity/trufflehog:latest as trufflehog #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + npm-groovy-lint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -86,6 +237,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -93,53 +246,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - npm-groovy-lint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -162,84 +271,29 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# shellcheck installation -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# dotenv-linter installation -RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - # grype installation - && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -277,7 +331,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/cupcake/Dockerfile b/flavors/cupcake/Dockerfile index 1f529951833..197adc4b67d 100644 --- a/flavors/cupcake/Dockerfile +++ b/flavors/cupcake/Dockerfile @@ -21,15 +21,34 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker -FROM golang:1-alpine as revive +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter +FROM --platform=$BUILDPLATFORM golang:1-alpine as revive-build ## The golang image used as a builder is a temporary workaround ## for the released revive binaries not returning version numbers (devel). ## The install command should then be what is commented in the go.megalinter-descriptor.yml -RUN GOBIN=/usr/bin go install github.com/mgechev/revive@latest +## See https://github.com/mgechev/revive/issues/787 +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/mgechev/revive@latest +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/mgechev/revive@latest \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/revive /usr/bin) || mv bin/linux_${TARGETARCH}/revive /usr/bin +FROM golang:1-alpine as revive +COPY --from=revive-build /usr/bin/revive /usr/bin/revive +# Verify Binary +RUN /usr/bin/revive --version FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan +FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff +ARG BUILDARCH +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl +WORKDIR / +ARG TARGETARCH +RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM checkmarx/kics:alpine as kics FROM trufflesecurity/trufflehog:latest as trufflehog @@ -39,20 +58,438 @@ FROM tenable/terrascan:1.18.1 as terrascan FROM alpine/terragrunt:latest as terragrunt # Next FROM line commented because already managed by another linter # FROM alpine/terragrunt:latest as terragrunt +FROM --platform=$BUILDPLATFORM alpine:3 AS cargo-build +WORKDIR /cargo +ENV HOME=/cargo +USER 0 +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update \ + gcc \ + rustup \ + bash \ + git \ + musl-dev \ + llvm \ + clang \ + curl +RUN curl --location "https://github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tgz" | tar -xzv \ + && mkdir -p /cargo/.cargo/bin \ + && mv cargo-binstall /cargo/.cargo/bin \ + && chown -R 63425:63425 /cargo +USER 63425 +ENV CC_aarch64_unknown_linux_musl=clang \ + AR_aarch64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" \ + CC_x86_64_unknown_linux_musl=clang \ + AR_x86_64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" +ARG TARGETARCH +RUN rustup-init -y --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +RUN --mount=type=cache,id=cargo-${TARGETARCH},sharing=locked,target=/cargo/.cargo/registry/,uid=63425 \ + . /cargo/.cargo/env \ + && cargo binstall --no-confirm --no-symlinks sarif-fmt shellcheck-sarif --root /tmp --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +FROM scratch AS cargo +COPY --link --from=cargo-build /tmp/bin/* /bin/ +RUN ["/bin/sarif-fmt", "--help"] +RUN ["/bin/shellcheck-sarif", "--help"] + #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec + +# +# pmd installation +ARG PMD_VERSION=6.55.0 +RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ + unzip pmd-bin-${PMD_VERSION}.zip && \ + rm pmd-bin-${PMD_VERSION}.zip && \ + mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ + chmod +x /usr/bin/pmd/bin/run.sh \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-config-standard \ + eslint-plugin-import \ + eslint-plugin-jest \ + eslint-plugin-node \ + eslint-plugin-prettier \ + eslint-plugin-promise \ + eslint-plugin-vue \ + @babel/core \ + @babel/eslint-parser \ + @microsoft/eslint-formatter-sarif \ + standard \ + prettier \ + @prantlf/jsonlint \ + eslint-plugin-jsonc \ + v8r \ + npm-package-json-lint \ + npm-package-json-lint-config-default \ + eslint-plugin-react \ + eslint-plugin-jsx-a11y \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + prettyjson \ + @typescript-eslint/eslint-plugin \ + @typescript-eslint/parser \ + ts-standard && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=revive /usr/bin/revive /usr/bin/revive +COPY --link --from=build-platform /usr/bin/pmd /usr/bin/pmd +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan +COPY --link --from=fetch-ruff /ruff /usr/bin/ruff +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=kics /app/bin/kics /usr/bin/ +COPY --from=kics /app/bin/assets /opt/kics/assets/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ +COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ +COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ +COPY --link --from=terragrunt /bin/terraform /usr/bin/ +COPY --link --from=cargo /bin/* /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + cpplint \ + cfn-lint \ + djlint \ + pylint \ + typing-extensions \ + black \ + flake8 \ + isort \ + black \ + mypy \ + pyright \ + packaging \ + checkov \ + semgrep \ + restructuredtext_lint \ + rstcheck \ + rstfmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cfn-lint" \ + && cd "/venvs/cfn-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cfn-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pylint" \ + && cd "/venvs/pylint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pylint typing-extensions +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/black" \ + && cd "/venvs/black" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/flake8" \ + && cd "/venvs/flake8" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip flake8 +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/isort" \ + && cd "/venvs/isort" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip isort black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/mypy" \ + && cd "/venvs/mypy" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip mypy +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pyright" \ + && cd "/venvs/pyright" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pyright +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rst-lint" \ + && cd "/venvs/rst-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip restructuredtext_lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstcheck" \ + && cd "/venvs/rstcheck" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstcheck +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstfmt" \ + && cd "/venvs/rstfmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstfmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -61,7 +498,7 @@ RUN apk add --update --no-cache libc6-compat \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START -ARG PMD_VERSION=6.55.0 + #ARG__END #################### @@ -130,6 +567,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -137,104 +576,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - eslint-plugin-jsonc \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/cpplint/cross/bin:/venvs/cfn-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/pylint/cross/bin:/venvs/black/cross/bin:/venvs/flake8/cross/bin:/venvs/isort/cross/bin:/venvs/mypy/cross/bin:/venvs/pyright/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/rst-lint/cross/bin:/venvs/rstcheck/cross/bin:/venvs/rstfmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -267,41 +611,13 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__START RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && rustup component add clippy \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=revive /usr/bin/revive /usr/bin/revive -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=kics /app/bin/kics /usr/bin/ -COPY --from=kics /app/bin/assets /opt/kics/assets/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ -COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ -COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ -COPY --link --from=terragrunt /bin/terraform /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -350,71 +666,29 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" - +# # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" - +# # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 \ +# # clj-kondo installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/master/script/install-clj-kondo \ && chmod +x install-clj-kondo \ && ./install-clj-kondo \ - +# # cljstyle installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/greglook/cljstyle/main/script/install-cljstyle \ && chmod +x install-cljstyle \ && ./install-cljstyle \ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - +# # golangci-lint installation && wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh \ && golangci-lint --version - -# revive installation -# Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive - +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -426,107 +700,44 @@ RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ && curl --retry 5 --retry-delay 5 -sSL $CHECKSTYLE_LATEST \ --output /usr/bin/checkstyle - -# pmd installation -RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ - unzip pmd-bin-${PMD_VERSION}.zip && \ - rm pmd-bin-${PMD_VERSION}.zip && \ - mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ - chmod +x /usr/bin/pmd/bin/run.sh \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install phpcs -g --trust-gpg-keys 31C7E470E2138192 - -# phpstan installation -# Managed with COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -RUN chmod +x /usr/bin/phpstan - +# # psalm installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install psalm -g --trust-gpg-keys 8A03EA3B385DBAA1,12CE0F1D262429A5 - +# # phplint installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install overtrue/phplint --force-accept-unsigned -g - +# # mypy installation ENV MYPY_CACHE_DIR=/tmp - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # kics installation -# Managed with COPY --link --from=kics /app/bin/kics /usr/bin/ && mkdir -p /opt/kics/assets ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries -# Managed with COPY --from=kics /app/bin/assets /opt/kics/assets/ - +# # trivy installation RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - -# tflint installation -# Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ - -# terrascan installation -# Managed with COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ - -# terragrunt installation -# Managed with COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ - -# terraform-fmt installation -# Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -564,7 +775,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/documentation/Dockerfile b/flavors/documentation/Dockerfile index 919080d98be..82490179599 100644 --- a/flavors/documentation/Dockerfile +++ b/flavors/documentation/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM yoheimuta/protolint:latest as protolint @@ -30,18 +31,270 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -105,6 +358,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -112,75 +367,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -205,128 +394,33 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END - -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint +#CARGO__END -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -364,7 +458,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/dotnet/Dockerfile b/flavors/dotnet/Dockerfile index 26fa3dab155..5febfd2f570 100644 --- a/flavors/dotnet/Dockerfile +++ b/flavors/dotnet/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM yoheimuta/protolint:latest as protolint @@ -30,18 +31,293 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# arm-ttk installation +ARG ARM_TTK_NAME='master.zip' +ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' +ARG ARM_TTK_DIRECTORY='/opt/microsoft' +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ + && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ + && rm "${ARM_TTK_NAME}" \ + && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ + && chmod a+x /usr/bin/arm-ttk \ +# +# bash-exec installation + && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + gherkin-lint \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + npm-package-json-lint \ + npm-package-json-lint-config-default \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/arm-ttk /usr/bin/arm-ttk +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + cpplint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -53,9 +329,6 @@ RUN apk add --update --no-cache libc6-compat \ ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -ARG ARM_TTK_NAME='master.zip' -ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' -ARG ARM_TTK_DIRECTORY='/opt/microsoft' ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' ARG PSSA_VERSION='latest' @@ -120,6 +393,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -127,79 +402,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/cpplint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -224,46 +429,21 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # ARM installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -275,35 +455,37 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh - + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && chmod +x /usr/bin/pwsh +# # CSHARP installation RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ && chmod +x dotnet-install.sh \ && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# # POWERSHELL installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ - "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ - esac \ - && mkdir -p ${PWSH_DIRECTORY} \ - && curl --retry 5 --retry-delay 5 -s \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ - https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ - | grep browser_download_url \ - | grep linux-${POWERSHELL_ARCH} \ - | cut -d '"' -f 4 \ - | xargs -n 1 wget -O - \ - | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ - && chmod +x /usr/bin/pwsh - - +# Next line commented because already managed by another linter +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ +# case ${TARGETPLATFORM} in \ +# "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ +# "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ +# esac \ +# && mkdir -p ${PWSH_DIRECTORY} \ +# && curl --retry 5 --retry-delay 5 -s \ +# -H "Accept: application/vnd.github+json" \ +# -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ +# https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ +# | grep browser_download_url \ +# | grep linux-${POWERSHELL_ARCH} \ +# | cut -d '"' -f 4 \ +# | xargs -n 1 wget -O - \ +# | tar -xzC ${PWSH_DIRECTORY} \ +# && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ +# && chmod +x /usr/bin/pwsh +# # VBDOTNET installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -311,99 +493,40 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ # && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# arm-ttk installation -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" -RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ - && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ - && rm "${ARM_TTK_NAME}" \ - && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ - && chmod a+x /usr/bin/arm-ttk \ - -# bash-exec installation - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - +# # bicep_linter installation - && case ${TARGETPLATFORM} in \ +RUN case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=musl-x64 ;; \ "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ esac \ && curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "https://github.com/Azure/bicep/releases/latest/download/bicep-linux-${POWERSHELL_ARCH}" \ && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ - +# # csharpier installation && /usr/share/dotnet/dotnet tool install -g csharpier \ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - +# # powershell installation - && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ - + && ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ +# # powershell_formatter installation # Next line commented because already managed by another linter -# RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# # tsqllint installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -412,27 +535,9 @@ esac \ # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" && dotnet tool install --global TSQLLint - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -470,7 +575,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/dotnetweb/Dockerfile b/flavors/dotnetweb/Dockerfile index c0766b0efc2..afd8153f7bf 100644 --- a/flavors/dotnetweb/Dockerfile +++ b/flavors/dotnetweb/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM yoheimuta/protolint:latest as protolint @@ -30,18 +31,313 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# arm-ttk installation +ARG ARM_TTK_NAME='master.zip' +ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' +ARG ARM_TTK_DIRECTORY='/opt/microsoft' +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ + && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ + && rm "${ARM_TTK_NAME}" \ + && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ + && chmod a+x /usr/bin/arm-ttk \ +# +# bash-exec installation + && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + @coffeelint/cli \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + gherkin-lint \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-config-standard \ + eslint-plugin-import \ + eslint-plugin-jest \ + eslint-plugin-node \ + eslint-plugin-prettier \ + eslint-plugin-promise \ + eslint-plugin-vue \ + @babel/core \ + @babel/eslint-parser \ + @microsoft/eslint-formatter-sarif \ + standard \ + prettier \ + @prantlf/jsonlint \ + eslint-plugin-jsonc \ + v8r \ + npm-package-json-lint \ + npm-package-json-lint-config-default \ + eslint-plugin-react \ + eslint-plugin-jsx-a11y \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint \ + prettyjson \ + @typescript-eslint/eslint-plugin \ + @typescript-eslint/parser \ + ts-standard && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/arm-ttk /usr/bin/arm-ttk +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + cpplint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -53,9 +349,6 @@ RUN apk add --update --no-cache libc6-compat \ ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -ARG ARM_TTK_NAME='master.zip' -ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' -ARG ARM_TTK_DIRECTORY='/opt/microsoft' ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' ARG PSSA_VERSION='latest' @@ -120,6 +413,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -127,99 +422,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - @coffeelint/cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - eslint-plugin-jsonc \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/cpplint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -244,46 +449,21 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END - -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint +#CARGO__END -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # ARM installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -295,35 +475,37 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh - + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && chmod +x /usr/bin/pwsh +# # CSHARP installation RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ && chmod +x dotnet-install.sh \ && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# # POWERSHELL installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ - "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ - esac \ - && mkdir -p ${PWSH_DIRECTORY} \ - && curl --retry 5 --retry-delay 5 -s \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ - https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ - | grep browser_download_url \ - | grep linux-${POWERSHELL_ARCH} \ - | cut -d '"' -f 4 \ - | xargs -n 1 wget -O - \ - | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ - && chmod +x /usr/bin/pwsh - - +# Next line commented because already managed by another linter +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ +# case ${TARGETPLATFORM} in \ +# "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ +# "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ +# esac \ +# && mkdir -p ${PWSH_DIRECTORY} \ +# && curl --retry 5 --retry-delay 5 -s \ +# -H "Accept: application/vnd.github+json" \ +# -H "Authorization: Bearer $(cat /run/secrets/GITHUB_TOKEN)" \ +# https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ +# | grep browser_download_url \ +# | grep linux-${POWERSHELL_ARCH} \ +# | cut -d '"' -f 4 \ +# | xargs -n 1 wget -O - \ +# | tar -xzC ${PWSH_DIRECTORY} \ +# && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ +# && chmod +x /usr/bin/pwsh +# # VBDOTNET installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -331,99 +513,40 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ # && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# arm-ttk installation -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" -RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ - && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ - && rm "${ARM_TTK_NAME}" \ - && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ - && chmod a+x /usr/bin/arm-ttk \ - -# bash-exec installation - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - +# # bicep_linter installation - && case ${TARGETPLATFORM} in \ +RUN case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=musl-x64 ;; \ "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ esac \ && curl --retry 5 --retry-delay 5 -sLo ${BICEP_EXE} "https://github.com/Azure/bicep/releases/latest/download/bicep-linux-${POWERSHELL_ARCH}" \ && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ - +# # csharpier installation && /usr/share/dotnet/dotnet tool install -g csharpier \ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - +# # powershell installation - && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ - + && ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ +# # powershell_formatter installation # Next line commented because already managed by another linter -# RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# # tsqllint installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ @@ -432,27 +555,9 @@ esac \ # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" && dotnet tool install --global TSQLLint - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -490,7 +595,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/go/Dockerfile b/flavors/go/Dockerfile index 68d5fd2e39d..3353b741101 100644 --- a/flavors/go/Dockerfile +++ b/flavors/go/Dockerfile @@ -21,11 +21,21 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker -FROM golang:1-alpine as revive +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter +FROM --platform=$BUILDPLATFORM golang:1-alpine as revive-build ## The golang image used as a builder is a temporary workaround ## for the released revive binaries not returning version numbers (devel). ## The install command should then be what is commented in the go.megalinter-descriptor.yml -RUN GOBIN=/usr/bin go install github.com/mgechev/revive@latest +## See https://github.com/mgechev/revive/issues/787 +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/mgechev/revive@latest +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/mgechev/revive@latest \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/revive /usr/bin) || mv bin/linux_${TARGETARCH}/revive /usr/bin +FROM golang:1-alpine as revive +COPY --from=revive-build /usr/bin/revive /usr/bin/revive +# Verify Binary +RUN /usr/bin/revive --version FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake @@ -36,18 +46,271 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=revive /usr/bin/revive /usr/bin/revive +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -112,6 +375,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -119,75 +384,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -212,136 +411,37 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=revive /usr/bin/revive /usr/bin/revive -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - # golangci-lint installation - && wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh \ +RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh \ && golangci-lint --version \ - -# revive installation -# Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -379,7 +479,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/java/Dockerfile b/flavors/java/Dockerfile index 8941fa8918b..d11b0c5897c 100644 --- a/flavors/java/Dockerfile +++ b/flavors/java/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM yoheimuta/protolint:latest as protolint @@ -30,18 +31,280 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec + +# +# pmd installation +ARG PMD_VERSION=6.55.0 +RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ + unzip pmd-bin-${PMD_VERSION}.zip && \ + rm pmd-bin-${PMD_VERSION}.zip && \ + mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ + chmod +x /usr/bin/pmd/bin/run.sh \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/pmd /usr/bin/pmd +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -50,7 +313,7 @@ RUN apk add --update --no-cache libc6-compat \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START -ARG PMD_VERSION=6.55.0 + #ARG__END #################### @@ -105,6 +368,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -112,75 +377,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -205,37 +404,11 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -283,46 +456,22 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" - +# # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - +# # clj-kondo installation - && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/master/script/install-clj-kondo \ +RUN curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/master/script/install-clj-kondo \ && chmod +x install-clj-kondo \ && ./install-clj-kondo \ - +# # cljstyle installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/greglook/cljstyle/main/script/install-cljstyle \ && chmod +x install-cljstyle \ - && ./install-cljstyle \ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s + && ./install-cljstyle +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -334,75 +483,24 @@ RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ && curl --retry 5 --retry-delay 5 -sSL $CHECKSTYLE_LATEST \ --output /usr/bin/checkstyle - -# pmd installation -RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ - unzip pmd-bin-${PMD_VERSION}.zip && \ - rm pmd-bin-${PMD_VERSION}.zip && \ - mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ - chmod +x /usr/bin/pmd/bin/run.sh \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -440,7 +538,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/javascript/Dockerfile b/flavors/javascript/Dockerfile index d2113d52d7a..0b29aed945d 100644 --- a/flavors/javascript/Dockerfile +++ b/flavors/javascript/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks @@ -29,102 +30,34 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END -################## -# Get base image # -################## -# https://stackoverflow.com/a/73711302/699056 -FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu - -FROM python:3.11.4-alpine3.17 -ARG GITHUB_TOKEN - -# https://stackoverflow.com/a/73711302/699056 -COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ -# https://stackoverflow.com/a/73711302/699056 -RUN apk add --update --no-cache libc6-compat \ - gcompat \ - qemu-x86_64 +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# -#ARG__START - -#ARG__END - -#################### -# Run APK installs # -#################### - -WORKDIR / +#BUILD_PLATFORM_APK__START -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#APK__START -RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk11 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ - && git config --global core.autocrlf true -#APK__END +#BUILD_PLATFORM_APK__END -# PATH for golang & python -ENV GOROOT=/usr/lib/go \ - GOPATH=/go - # PYTHONPYCACHEPREFIX="$HOME/.cache/cpython/" NV: not working for all packages :/ -# hadolint ignore=DL3044 -ENV PATH="$PATH":"$GOROOT"/bin:"$GOPATH"/bin -RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ - # Ignore npm package issues - yarn config set ignore-engines true || true +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#PIP__START +# +#BUILD_PLATFORM_OTHER__END -#PIP__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END ############################ # Install NPM dependencies # @@ -203,35 +136,7 @@ WORKDIR / #NPM__END -# Add node packages to path # -ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ - NODE_PATH="/node-deps/node_modules" - -############################## -# Installs ruby dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#GEM__START -RUN echo 'gem: --no-document' >> ~/.gemrc && \ - gem install \ - scss_lint -#GEM__END - -############################## -# Installs rust dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END +FROM scratch AS copy-collector ############################## # COPY instructions # @@ -240,15 +145,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #COPY__START +COPY --link --from=node_modules /node-deps /node-deps COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # shellcheck is a dependency for actionlint COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec # Next COPY line commented because already managed by another linter # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck COPY --link --from=shfmt /bin/shfmt /usr/bin/ COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint COPY --link --from=kubeconform /kubeconform /usr/bin/ COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ @@ -257,92 +166,280 @@ COPY --link --from=vale /bin/vale /bin/vale COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ #COPY__END +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# -#OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ +#PIPVENV__END -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +################## +# Get base image # +################## + # https://stackoverflow.com/a/73711302/699056 +FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +FROM python:3.11.3-alpine3.17 AS final +ARG GITHUB_TOKEN -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ +# https://stackoverflow.com/a/73711302/699056 +COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ +# https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 +RUN apk add --update --no-cache libc6-compat \ + gcompat \ + qemu-x86_64 -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#ARG__START -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ +#ARG__END -# kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ - curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ +#################### +# Run APK installs # +#################### -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +WORKDIR / -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#APK__START +RUN apk add --no-cache \ + bash \ + ca-certificates \ + curl \ + gcc \ + git \ + git-lfs \ + libffi-dev \ + make \ + musl-dev \ + openssh \ + openjdk11 \ + py3-pyflakes \ + nodejs \ + npm \ + yarn \ + helm \ + gcompat \ + libc6-compat \ + libstdc++ \ + libc-dev \ + libxml2-dev \ + libxml2-utils \ + libgcc \ + nodejs-current \ + ruby \ + ruby-dev \ + ruby-bundler \ + ruby-rdoc \ + && git config --global core.autocrlf true +#APK__END -# grype installation - && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ +# PATH for golang & python +ENV GOROOT=/usr/lib/go \ + GOPATH=/go + # PYTHONPYCACHEPREFIX="$HOME/.cache/cpython/" NV: not working for all packages :/ +# hadolint ignore=DL3044 +ENV PATH="$PATH":"$GOROOT"/bin:"$GOPATH"/bin +RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ + # Ignore npm package issues + yarn config set ignore-engines true || true -# trivy installation - && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +COPY --link --from=python-venv /venvs /venvs +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#PIP__START -# trivy-sbom installation -# Next line commented because already managed by another linter -# RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +#PIP__END -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale +# Add node packages to path # +ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ + NODE_PATH="/node-deps/node_modules" -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +############################## +# Installs ruby dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -#OTHER__END +#GEM__START +RUN echo 'gem: --no-document' >> ~/.gemrc && \ + gem install \ + scss_lint +#GEM__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf +############################## +# Installs rust dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation +#CARGO__START + +#CARGO__END + +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / -# Copy server scripts -COPY server /server +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#OTHER__START +# kubescape installation +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ + curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ +# +# grype installation + && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ +# +# trivy installation + && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin + +# +# trivy-sbom installation +# Next line commented because already managed by another linter +# RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +# +#OTHER__END ########################### # Get the build arguments # @@ -381,7 +478,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/php/Dockerfile b/flavors/php/Dockerfile index 07a21c69d6b..7434771dbb9 100644 --- a/flavors/php/Dockerfile +++ b/flavors/php/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan FROM yoheimuta/protolint:latest as protolint @@ -30,18 +31,288 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -116,6 +387,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -123,75 +396,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -216,159 +423,49 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END - -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint +#CARGO__END -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 \ +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 - +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install phpcs -g --trust-gpg-keys 31C7E470E2138192 - -# phpstan installation -# Managed with COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -RUN chmod +x /usr/bin/phpstan - +# # psalm installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install psalm -g --trust-gpg-keys 8A03EA3B385DBAA1,12CE0F1D262429A5 - +# # phplint installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install overtrue/phplint --force-accept-unsigned -g - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -406,7 +503,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/python/Dockerfile b/flavors/python/Dockerfile index f11d26ccbcd..c4e86e3c3f3 100644 --- a/flavors/python/Dockerfile +++ b/flavors/python/Dockerfile @@ -21,27 +21,374 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM mrtazz/checkmake:latest as checkmake FROM yoheimuta/protolint:latest as protolint +FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff +ARG BUILDARCH +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl +WORKDIR / +ARG TARGETARCH +RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM trufflesecurity/trufflehog:latest as trufflehog FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=fetch-ruff /ruff /usr/bin/ruff +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + pylint \ + typing-extensions \ + black \ + flake8 \ + isort \ + black \ + bandit \ + bandit_sarif_formatter \ + bandit[toml] \ + mypy \ + pyright \ + packaging \ + checkov \ + semgrep \ + restructuredtext_lint \ + rstcheck \ + rstfmt \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pylint" \ + && cd "/venvs/pylint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pylint typing-extensions +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/black" \ + && cd "/venvs/black" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/flake8" \ + && cd "/venvs/flake8" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip flake8 +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/isort" \ + && cd "/venvs/isort" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip isort black +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/bandit" \ + && cd "/venvs/bandit" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip bandit bandit_sarif_formatter bandit[toml] +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/mypy" \ + && cd "/venvs/mypy" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip mypy +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pyright" \ + && cd "/venvs/pyright" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pyright +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rst-lint" \ + && cd "/venvs/rst-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip restructuredtext_lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstcheck" \ + && cd "/venvs/rstcheck" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstcheck +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstfmt" \ + && cd "/venvs/rstfmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstfmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -105,6 +452,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -112,86 +461,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/pylint/cross/bin:/venvs/black/cross/bin:/venvs/flake8/cross/bin:/venvs/isort/cross/bin:/venvs/bandit/cross/bin:/venvs/mypy/cross/bin:/venvs/pyright/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/rst-lint/cross/bin:/venvs/rstcheck/cross/bin:/venvs/rstfmt/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -216,132 +488,37 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 - -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - +# # mypy installation ENV MYPY_CACHE_DIR=/tmp - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -379,7 +556,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/ruby/Dockerfile b/flavors/ruby/Dockerfile index 9bb0147e79b..f736318e845 100644 --- a/flavors/ruby/Dockerfile +++ b/flavors/ruby/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks @@ -29,18 +30,269 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -104,6 +356,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -111,75 +365,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -210,124 +398,33 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint +#CARGO__END -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -365,7 +462,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/rust/Dockerfile b/flavors/rust/Dockerfile index 07b58b494c3..ec5a479b55d 100644 --- a/flavors/rust/Dockerfile +++ b/flavors/rust/Dockerfile @@ -21,26 +21,316 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM trufflesecurity/trufflehog:latest as trufflehog FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee +FROM --platform=$BUILDPLATFORM alpine:3 AS cargo-build +WORKDIR /cargo +ENV HOME=/cargo +USER 0 +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update \ + gcc \ + rustup \ + bash \ + git \ + musl-dev \ + llvm \ + clang \ + curl +RUN curl --location "https://github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tgz" | tar -xzv \ + && mkdir -p /cargo/.cargo/bin \ + && mv cargo-binstall /cargo/.cargo/bin \ + && chown -R 63425:63425 /cargo +USER 63425 +ENV CC_aarch64_unknown_linux_musl=clang \ + AR_aarch64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" \ + CC_x86_64_unknown_linux_musl=clang \ + AR_x86_64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" +ARG TARGETARCH +RUN rustup-init -y --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +RUN --mount=type=cache,id=cargo-${TARGETARCH},sharing=locked,target=/cargo/.cargo/registry/,uid=63425 \ + . /cargo/.cargo/env \ + && cargo binstall --no-confirm --no-symlinks sarif-fmt shellcheck-sarif --root /tmp --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +FROM scratch AS cargo +COPY --link --from=cargo-build /tmp/bin/* /bin/ +RUN ["/bin/sarif-fmt", "--help"] +RUN ["/bin/shellcheck-sarif", "--help"] + #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +COPY --link --from=cargo /bin/* /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -104,6 +394,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -111,75 +403,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -206,122 +432,35 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__START RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && rustup component add clippy \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -359,7 +498,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/salesforce/Dockerfile b/flavors/salesforce/Dockerfile index 5713ae3435c..4236667cc9f 100644 --- a/flavors/salesforce/Dockerfile +++ b/flavors/salesforce/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks @@ -29,18 +30,272 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @salesforce/cli \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + npm-package-json-lint \ + npm-package-json-lint-config-default \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -104,6 +359,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -111,78 +368,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sfdx-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -207,36 +395,11 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -245,110 +408,41 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache \ - -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - +# # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - +# # sfdx-scanner-apex installation && sfdx plugins:install @salesforce/sfdx-scanner \ && npm cache clean --force || true \ && rm -rf /root/.npm/_cacache - +# # sfdx-scanner-aura installation # Next line commented because already managed by another linter # RUN sfdx plugins:install @salesforce/sfdx-scanner \ # && npm cache clean --force || true \ # && rm -rf /root/.npm/_cacache - +# # sfdx-scanner-lwc installation # Next line commented because already managed by another linter # RUN sfdx plugins:install @salesforce/sfdx-scanner \ # && npm cache clean --force || true \ # && rm -rf /root/.npm/_cacache - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -386,7 +480,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/security/Dockerfile b/flavors/security/Dockerfile index 4093ce3dbf4..7cca4d546ed 100644 --- a/flavors/security/Dockerfile +++ b/flavors/security/Dockerfile @@ -15,8 +15,16 @@ FROM koalaman/shellcheck:stable as shellcheck FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform +FROM --platform=$BUILDPLATFORM golang:alpine as dustilock-build +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/checkmarx/dustilock@v1.2.0 +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/checkmarx/dustilock@v1.2.0 \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/dustilock /usr/bin) || mv bin/linux_${TARGETARCH}/dustilock /usr/bin FROM golang:alpine as dustilock -RUN GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v1.2.0 +COPY --from=dustilock-build /usr/bin/dustilock /usr/bin/dustilock +# Verify Binary +RUN /usr/bin/dustilock --version FROM zricethezav/gitleaks:v8.17.0 as gitleaks FROM checkmarx/kics:alpine as kics @@ -26,18 +34,206 @@ FROM tenable/terrascan:1.18.1 as terrascan FROM alpine/terragrunt:latest as terragrunt #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=kics /app/bin/kics /usr/bin/ +COPY --from=kics /app/bin/assets /opt/kics/assets/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ +COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ +COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + cfn-lint \ + bandit \ + bandit_sarif_formatter \ + bandit[toml] \ + packaging \ + checkov \ + semgrep + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cfn-lint" \ + && cd "/venvs/cfn-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cfn-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/bandit" \ + && cd "/venvs/bandit" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip bandit bandit_sarif_formatter bandit[toml] +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -97,6 +293,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -104,49 +302,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cfn-lint/bin:/venvs/bandit/bin:/venvs/checkov/bin:/venvs/semgrep/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/cfn-lint/cross/bin:/venvs/bandit/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -169,54 +327,20 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# +#CARGO__END -#COPY__START -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=kics /app/bin/kics /usr/bin/ -COPY --from=kics /app/bin/assets /opt/kics/assets/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ -COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ -COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - +# # devskim installation && wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ && chmod +x dotnet-install.sh \ @@ -224,65 +348,27 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI \ - -# dustilock installation -# Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # kics installation -# Managed with COPY --link --from=kics /app/bin/kics /usr/bin/ && mkdir -p /opt/kics/assets ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries -# Managed with COPY --from=kics /app/bin/assets /opt/kics/assets/ - +# # syft installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# tflint installation -# Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ - -# terrascan installation -# Managed with COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ - -# terragrunt installation -# Managed with COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -320,7 +406,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/swift/Dockerfile b/flavors/swift/Dockerfile index 2164f58a4e6..06968d75ada 100644 --- a/flavors/swift/Dockerfile +++ b/flavors/swift/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks @@ -29,18 +30,269 @@ FROM jdkato/vale:latest as vale FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss \ + graphql \ + graphql-schema-linter \ + npm-groovy-lint \ + htmlhint \ + @prantlf/jsonlint \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif \ + v8r \ + prettier \ + markdownlint-cli \ + markdown-link-check \ + markdown-table-formatter \ + @stoplight/spectral-cli \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif \ + cspell \ + sql-lint \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +# Next COPY line commented because already managed by another linter +# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +COPY --link --from=kubeconform /kubeconform /usr/bin/ +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +COPY --link --from=vale /bin/vale /bin/vale +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -106,6 +358,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -113,75 +367,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint \ - htmlhint \ - @prantlf/jsonlint \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check \ - markdown-table-formatter \ - @stoplight/spectral-cli \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - sql-lint \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -206,125 +394,34 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint +#CARGO__END -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# Next COPY line commented because already managed by another linter -# COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -COPY --link --from=kubeconform /kubeconform /usr/bin/ -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -COPY --link --from=vale /bin/vale /bin/vale -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START RUN rc-update add docker boot && rc-service docker start || true \ -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# bash-exec installation - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ - -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck - -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ - -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint - -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ - -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ - -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ - # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ - -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ - -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ - +# # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ - +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# # trivy-sbom installation # Next line commented because already managed by another linter # RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ - -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale - -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### @@ -362,7 +459,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/terraform/Dockerfile b/flavors/terraform/Dockerfile index ee2237ee838..5af3c89d78f 100644 --- a/flavors/terraform/Dockerfile +++ b/flavors/terraform/Dockerfile @@ -21,6 +21,7 @@ FROM koalaman/shellcheck:stable as shellcheck FROM mvdan/shfmt:latest-alpine as shfmt FROM hadolint/hadolint:v2.12.0-alpine as hadolint FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform FROM yoheimuta/protolint:latest as protolint FROM zricethezav/gitleaks:v8.17.0 as gitleaks @@ -35,102 +36,34 @@ FROM alpine/terragrunt:latest as terragrunt # FROM alpine/terragrunt:latest as terragrunt #FROM__END -################## -# Get base image # -################## -# https://stackoverflow.com/a/73711302/699056 -FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu - -FROM python:3.11.4-alpine3.17 -ARG GITHUB_TOKEN - -# https://stackoverflow.com/a/73711302/699056 -COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ -# https://stackoverflow.com/a/73711302/699056 -RUN apk add --update --no-cache libc6-compat \ - gcompat \ - qemu-x86_64 +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# -#ARG__START - -#ARG__END - -#################### -# Run APK installs # -#################### - -WORKDIR / +#BUILD_PLATFORM_APK__START -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#APK__START -RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk11 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ - && git config --global core.autocrlf true -#APK__END +#BUILD_PLATFORM_APK__END -# PATH for golang & python -ENV GOROOT=/usr/lib/go \ - GOPATH=/go - # PYTHONPYCACHEPREFIX="$HOME/.cache/cpython/" NV: not working for all packages :/ -# hadolint ignore=DL3044 -ENV PATH="$PATH":"$GOROOT"/bin:"$GOPATH"/bin -RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ - # Ignore npm package issues - yarn config set ignore-engines true || true +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec \ +# +# ktlint installation + && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# -#PIP__START +# +#BUILD_PLATFORM_OTHER__END -#PIP__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakemake/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin -#PIPVENV__END +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END ############################ # Install NPM dependencies # @@ -187,35 +120,7 @@ WORKDIR / #NPM__END -# Add node packages to path # -ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ - NODE_PATH="/node-deps/node_modules" - -############################## -# Installs ruby dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#GEM__START -RUN echo 'gem: --no-document' >> ~/.gemrc && \ - gem install \ - scss_lint -#GEM__END - -############################## -# Installs rust dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" -#CARGO__END +FROM scratch AS copy-collector ############################## # COPY instructions # @@ -228,11 +133,15 @@ COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # shellcheck is a dependency for actionlint COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec # Next COPY line commented because already managed by another linter # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck COPY --link --from=shfmt /bin/shfmt /usr/bin/ +COPY --link --from=node_modules /node-deps /node-deps COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint COPY --link --from=kubeconform /kubeconform /usr/bin/ COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ @@ -247,110 +156,284 @@ COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ COPY --link --from=terragrunt /bin/terraform /usr/bin/ #COPY__END +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# -#OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec \ +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint \ + djlint \ + packaging \ + checkov \ + semgrep \ + snakemake \ + snakefmt \ + proselint \ + sqlfluff \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 -# shellcheck installation -# Managed with # Next COPY line commented because already managed by another linter -# # COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +#PIPVENV__END -# dotenv-linter installation - && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ +################## +# Get base image # +################## + # https://stackoverflow.com/a/73711302/699056 +FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -# ktlint installation - && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ \ +FROM python:3.11.3-alpine3.17 AS final +ARG GITHUB_TOKEN -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ +# https://stackoverflow.com/a/73711302/699056 +COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ +# https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 +RUN apk add --update --no-cache libc6-compat \ + gcompat \ + qemu-x86_64 -# kubescape installation - && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ - curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#ARG__START -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +#ARG__END -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +#################### +# Run APK installs # +#################### -# grype installation - && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ +WORKDIR / -# kics installation -# Managed with COPY --link --from=kics /app/bin/kics /usr/bin/ - && mkdir -p /opt/kics/assets -ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries -# Managed with COPY --from=kics /app/bin/assets /opt/kics/assets/ +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#APK__START +RUN apk add --no-cache \ + bash \ + ca-certificates \ + curl \ + gcc \ + git \ + git-lfs \ + libffi-dev \ + make \ + musl-dev \ + openssh \ + openjdk11 \ + py3-pyflakes \ + nodejs \ + npm \ + yarn \ + helm \ + gcompat \ + libc6-compat \ + libstdc++ \ + libc-dev \ + libxml2-dev \ + libxml2-utils \ + libgcc \ + nodejs-current \ + ruby \ + ruby-dev \ + ruby-bundler \ + ruby-rdoc \ + && git config --global core.autocrlf true +#APK__END -# trivy installation -RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +# PATH for golang & python +ENV GOROOT=/usr/lib/go \ + GOPATH=/go + # PYTHONPYCACHEPREFIX="$HOME/.cache/cpython/" NV: not working for all packages :/ +# hadolint ignore=DL3044 +ENV PATH="$PATH":"$GOROOT"/bin:"$GOPATH"/bin +RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ + # Ignore npm package issues + yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs -# trivy-sbom installation -# Next line commented because already managed by another linter -# RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#PIP__START -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +#PIP__END -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin:/venvs/djlint/cross/bin:/venvs/checkov/cross/bin:/venvs/semgrep/cross/bin:/venvs/snakemake/cross/bin:/venvs/snakefmt/cross/bin:/venvs/proselint/cross/bin:/venvs/sqlfluff/cross/bin:/venvs/yamllint/cross/bin +#PIPVENV_PATH__END -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +# Add node packages to path # +ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ + NODE_PATH="/node-deps/node_modules" -# tflint installation -# Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ +############################## +# Installs ruby dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -# terrascan installation -# Managed with COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ +#GEM__START +RUN echo 'gem: --no-document' >> ~/.gemrc && \ + gem install \ + scss_lint +#GEM__END -# terragrunt installation -# Managed with COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ +############################## +# Installs rust dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# -# terraform-fmt installation -# Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ +#CARGO__START -#OTHER__END +#CARGO__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#OTHER__START +# kubescape installation +RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ + curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 \ +# +# grype installation + && curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 \ +# +# kics installation + && mkdir -p /opt/kics/assets +ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries +# +# trivy installation +RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin -# Copy server scripts -COPY server /server +# +# trivy-sbom installation +# Next line commented because already managed by another linter +# RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin +# +#OTHER__END ########################### # Get the build arguments # @@ -389,7 +472,6 @@ LABEL com.github.actions.name="MegaLinter" \ org.opencontainers.image.description="Lint your code base with GitHub Actions" #EXTRA_DOCKERFILE_LINES__START -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY --chmod=755 entrypoint.sh /entrypoint.sh ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/linters/action_actionlint/Dockerfile b/linters/action_actionlint/Dockerfile index 96ae36393df..33aa363d9bc 100644 --- a/linters/action_actionlint/Dockerfile +++ b/linters/action_actionlint/Dockerfile @@ -17,18 +17,122 @@ FROM rhysd/actionlint:latest as actionlint FROM koalaman/shellcheck:stable as shellcheck #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint +# shellcheck is a dependency for actionlint + +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +179,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +188,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,48 +216,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# shellcheck is a dependency for actionlint - -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# actionlint installation -# Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint -# # shellcheck is a dependency for actionlint -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/ansible_ansible_lint/Dockerfile b/linters/ansible_ansible_lint/Dockerfile index a67bc68da4f..e869bacb90e 100644 --- a/linters/ansible_ansible_lint/Dockerfile +++ b/linters/ansible_ansible_lint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + ansible-lint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/ansible-lint" \ + && cd "/venvs/ansible-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip ansible-lint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/ansible-lint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/arm_arm_ttk/Dockerfile b/linters/arm_arm_ttk/Dockerfile index f4fc9e5537a..707c112a1fd 100644 --- a/linters/arm_arm_ttk/Dockerfile +++ b/linters/arm_arm_ttk/Dockerfile @@ -14,18 +14,130 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# arm-ttk installation +ARG ARM_TTK_NAME='master.zip' +ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' +ARG ARM_TTK_DIRECTORY='/opt/microsoft' +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ + && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ + && rm "${ARM_TTK_NAME}" \ + && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ + && chmod a+x /usr/bin/arm-ttk + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/arm-ttk /usr/bin/arm-ttk +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -37,9 +149,6 @@ RUN apk add --update --no-cache libc6-compat \ ARG TARGETPLATFORM ARG PWSH_VERSION='latest' ARG PWSH_DIRECTORY='/opt/microsoft/powershell' -ARG ARM_TTK_NAME='master.zip' -ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' -ARG ARM_TTK_DIRECTORY='/opt/microsoft' #ARG__END #################### @@ -77,6 +186,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -84,21 +195,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -124,24 +223,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # ARM installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -153,38 +246,12 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh - - -# arm-ttk installation -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" -RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ - && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ - && rm "${ARM_TTK_NAME}" \ - && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ - && chmod a+x /usr/bin/arm-ttk - + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && chmod +x /usr/bin/pwsh +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/bash_exec/Dockerfile b/linters/bash_exec/Dockerfile index d7418f9b452..0ded0db172a 100644 --- a/linters/bash_exec/Dockerfile +++ b/linters/bash_exec/Dockerfile @@ -14,18 +14,123 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# bash-exec installation +RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ + && chmod +x /usr/bin/bash-exec + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,45 +213,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# bash-exec installation -RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec - #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/bash_shellcheck/Dockerfile b/linters/bash_shellcheck/Dockerfile index 7e02f08b634..cc7eda56e83 100644 --- a/linters/bash_shellcheck/Dockerfile +++ b/linters/bash_shellcheck/Dockerfile @@ -14,18 +14,119 @@ FROM koalaman/shellcheck:stable as shellcheck #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -115,50 +206,19 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ - && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked shellcheck-sarif \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup -ENV PATH="/root/.cargo/bin:${PATH}" + #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# shellcheck installation -# Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/bash_shfmt/Dockerfile b/linters/bash_shfmt/Dockerfile index 65d8370c923..42ee718564a 100644 --- a/linters/bash_shfmt/Dockerfile +++ b/linters/bash_shfmt/Dockerfile @@ -14,18 +14,119 @@ FROM mvdan/shfmt:latest-alpine as shfmt #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=shfmt /bin/shfmt /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=shfmt /bin/shfmt /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# shfmt installation -# Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/bicep_bicep_linter/Dockerfile b/linters/bicep_bicep_linter/Dockerfile index de9dd6a6ac5..d402a1469e6 100644 --- a/linters/bicep_bicep_linter/Dockerfile +++ b/linters/bicep_bicep_linter/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +175,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,21 +184,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +212,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -144,27 +228,9 @@ esac \ && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/c_cpplint/Dockerfile b/linters/c_cpplint/Dockerfile index c37da991433..28265a98180 100644 --- a/linters/c_cpplint/Dockerfile +++ b/linters/c_cpplint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + cpplint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/cpplint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/cpplint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/clojure_clj_kondo/Dockerfile b/linters/clojure_clj_kondo/Dockerfile index 3085bcfa2d0..f3df8200c86 100644 --- a/linters/clojure_clj_kondo/Dockerfile +++ b/linters/clojure_clj_kondo/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -173,33 +257,15 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" \ - +# # clj-kondo installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/master/script/install-clj-kondo \ && chmod +x install-clj-kondo \ && ./install-clj-kondo - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/clojure_cljstyle/Dockerfile b/linters/clojure_cljstyle/Dockerfile index c306add18be..9c574d365ee 100644 --- a/linters/clojure_cljstyle/Dockerfile +++ b/linters/clojure_cljstyle/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -173,33 +257,15 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" \ - +# # cljstyle installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/greglook/cljstyle/main/script/install-cljstyle \ && chmod +x install-cljstyle \ && ./install-cljstyle - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/cloudformation_cfn_lint/Dockerfile b/linters/cloudformation_cfn_lint/Dockerfile index 6f2a696485d..343ee289590 100644 --- a/linters/cloudformation_cfn_lint/Dockerfile +++ b/linters/cloudformation_cfn_lint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + cfn-lint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cfn-lint" \ + && cd "/venvs/cfn-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cfn-lint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/cfn-lint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/cfn-lint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/coffee_coffeelint/Dockerfile b/linters/coffee_coffeelint/Dockerfile index 9d8fc753127..500ec75aae6 100644 --- a/linters/coffee_coffeelint/Dockerfile +++ b/linters/coffee_coffeelint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @coffeelint/cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - @coffeelint/cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/copypaste_jscpd/Dockerfile b/linters/copypaste_jscpd/Dockerfile index bf102fd3049..68500dba150 100644 --- a/linters/copypaste_jscpd/Dockerfile +++ b/linters/copypaste_jscpd/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + jscpd && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,40 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/cpp_cpplint/Dockerfile b/linters/cpp_cpplint/Dockerfile index 05277e19099..7a929455fe4 100644 --- a/linters/cpp_cpplint/Dockerfile +++ b/linters/cpp_cpplint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + cpplint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/cpplint" \ + && cd "/venvs/cpplint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip cpplint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/cpplint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/cpplint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/csharp_csharpier/Dockerfile b/linters/csharp_csharpier/Dockerfile index 05fa7b68e7b..5fa1a375ecb 100644 --- a/linters/csharp_csharpier/Dockerfile +++ b/linters/csharp_csharpier/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -79,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -86,21 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -126,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -146,30 +230,12 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# # csharpier installation RUN /usr/share/dotnet/dotnet tool install -g csharpier - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/csharp_dotnet_format/Dockerfile b/linters/csharp_dotnet_format/Dockerfile index d703f9b23e7..cdf6ed2dfab 100644 --- a/linters/csharp_dotnet_format/Dockerfile +++ b/linters/csharp_dotnet_format/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -79,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -86,21 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -126,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -146,27 +230,9 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/css_scss_lint/Dockerfile b/linters/css_scss_lint/Dockerfile index 29f042f8377..cb64493771b 100644 --- a/linters/css_scss_lint/Dockerfile +++ b/linters/css_scss_lint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -124,15 +215,8 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -141,24 +225,6 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/css_stylelint/Dockerfile b/linters/css_stylelint/Dockerfile index fe8f03dedbf..99913ee4070 100644 --- a/linters/css_stylelint/Dockerfile +++ b/linters/css_stylelint/Dockerfile @@ -14,18 +14,142 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + stylelint \ + stylelint-config-standard \ + stylelint-config-sass-guidelines \ + stylelint-scss && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +198,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,43 +207,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END +#PIPVENV_PATH__START -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -143,15 +235,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -160,24 +245,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/dart_dartanalyzer/Dockerfile b/linters/dart_dartanalyzer/Dockerfile index bd41e85d8f2..e79b7842ada 100644 --- a/linters/dart_dartanalyzer/Dockerfile +++ b/linters/dart_dartanalyzer/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +173,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +182,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,15 +210,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -174,7 +258,7 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" \ - +# # dartanalyzer installation && case ${TARGETPLATFORM} in \ "linux/amd64") DART_ARCH=x64 ;; \ @@ -185,27 +269,9 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases && mv dart-sdk/bin/* /usr/bin/ && mv dart-sdk/lib/* /usr/lib/ && mv dart-sdk/include/* /usr/include/ \ && rm -r dart-sdk/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/dockerfile_hadolint/Dockerfile b/linters/dockerfile_hadolint/Dockerfile index 61d8e81d10f..21f591f477d 100644 --- a/linters/dockerfile_hadolint/Dockerfile +++ b/linters/dockerfile_hadolint/Dockerfile @@ -14,18 +14,119 @@ FROM hadolint/hadolint:v2.12.0-alpine as hadolint #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# hadolint installation -# Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/editorconfig_editorconfig_checker/Dockerfile b/linters/editorconfig_editorconfig_checker/Dockerfile index 23e1978dcd5..cc260accccd 100644 --- a/linters/editorconfig_editorconfig_checker/Dockerfile +++ b/linters/editorconfig_editorconfig_checker/Dockerfile @@ -14,18 +14,119 @@ FROM mstruebing/editorconfig-checker:2.7.0 as editorconfig-checker #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# editorconfig-checker installation -# Managed with COPY --link --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/env_dotenv_linter/Dockerfile b/linters/env_dotenv_linter/Dockerfile index edc755ab5d6..44fb24ba605 100644 --- a/linters/env_dotenv_linter/Dockerfile +++ b/linters/env_dotenv_linter/Dockerfile @@ -11,21 +11,122 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #FROM__START - +FROM dotenvlinter/dotenv-linter:latest as dotenvlinter #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# dotenv-linter installation -RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/gherkin_gherkin_lint/Dockerfile b/linters/gherkin_gherkin_lint/Dockerfile index e295b6ba33a..fb02f7f44df 100644 --- a/linters/gherkin_gherkin_lint/Dockerfile +++ b/linters/gherkin_gherkin_lint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + gherkin-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - gherkin-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/go_golangci_lint/Dockerfile b/linters/go_golangci_lint/Dockerfile index 275abbf7829..3ea391d858e 100644 --- a/linters/go_golangci_lint/Dockerfile +++ b/linters/go_golangci_lint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +173,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +182,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,15 +210,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -137,27 +221,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh \ && golangci-lint --version - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/go_revive/Dockerfile b/linters/go_revive/Dockerfile index 934e478cfe5..b627a38dcb9 100644 --- a/linters/go_revive/Dockerfile +++ b/linters/go_revive/Dockerfile @@ -11,26 +11,136 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #FROM__START -FROM golang:1-alpine as revive +FROM --platform=$BUILDPLATFORM golang:1-alpine as revive-build ## The golang image used as a builder is a temporary workaround ## for the released revive binaries not returning version numbers (devel). ## The install command should then be what is commented in the go.megalinter-descriptor.yml -RUN GOBIN=/usr/bin go install github.com/mgechev/revive@latest +## See https://github.com/mgechev/revive/issues/787 +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/mgechev/revive@latest +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/mgechev/revive@latest \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/revive /usr/bin) || mv bin/linux_${TARGETARCH}/revive /usr/bin +FROM golang:1-alpine as revive +COPY --from=revive-build /usr/bin/revive /usr/bin/revive +# Verify Binary +RUN /usr/bin/revive --version #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=revive /usr/bin/revive /usr/bin/revive +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -76,6 +186,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -83,21 +195,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -123,43 +223,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=revive /usr/bin/revive /usr/bin/revive -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# revive installation -# Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/graphql_graphql_schema_linter/Dockerfile b/linters/graphql_graphql_schema_linter/Dockerfile index 18d271c8051..cc6d356c553 100644 --- a/linters/graphql_graphql_schema_linter/Dockerfile +++ b/linters/graphql_graphql_schema_linter/Dockerfile @@ -14,18 +14,140 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + graphql \ + graphql-schema-linter && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,41 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - graphql \ - graphql-schema-linter && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/groovy_npm_groovy_lint/Dockerfile b/linters/groovy_npm_groovy_lint/Dockerfile index 1d37b083737..8410e630263 100644 --- a/linters/groovy_npm_groovy_lint/Dockerfile +++ b/linters/groovy_npm_groovy_lint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + npm-groovy-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,40 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - npm-groovy-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/html_djlint/Dockerfile b/linters/html_djlint/Dockerfile index 5e646e71ed4..0796f134084 100644 --- a/linters/html_djlint/Dockerfile +++ b/linters/html_djlint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + djlint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/djlint" \ + && cd "/venvs/djlint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip djlint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/djlint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/djlint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/html_htmlhint/Dockerfile b/linters/html_htmlhint/Dockerfile index 57eab7de3c1..0c46c23fcd7 100644 --- a/linters/html_htmlhint/Dockerfile +++ b/linters/html_htmlhint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + htmlhint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - htmlhint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/java_checkstyle/Dockerfile b/linters/java_checkstyle/Dockerfile index ec02973dbec..a746e120a0f 100644 --- a/linters/java_checkstyle/Dockerfile +++ b/linters/java_checkstyle/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +173,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +182,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,15 +210,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -136,7 +220,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" - +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -148,27 +232,9 @@ RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ && curl --retry 5 --retry-delay 5 -sSL $CHECKSTYLE_LATEST \ --output /usr/bin/checkstyle - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/java_pmd/Dockerfile b/linters/java_pmd/Dockerfile index b88cacb541e..5d53b501b0d 100644 --- a/linters/java_pmd/Dockerfile +++ b/linters/java_pmd/Dockerfile @@ -14,18 +14,127 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# pmd installation +ARG PMD_VERSION=6.55.0 +RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ + unzip pmd-bin-${PMD_VERSION}.zip && \ + rm pmd-bin-${PMD_VERSION}.zip && \ + mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ + chmod +x /usr/bin/pmd/bin/run.sh + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/pmd /usr/bin/pmd +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -34,7 +143,7 @@ RUN apk add --update --no-cache libc6-compat \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START -ARG PMD_VERSION=6.55.0 + #ARG__END #################### @@ -72,6 +181,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +190,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END +#PIPVENV_PATH__START -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,15 +218,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -136,35 +228,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" - -# pmd installation -RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ - unzip pmd-bin-${PMD_VERSION}.zip && \ - rm pmd-bin-${PMD_VERSION}.zip && \ - mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ - chmod +x /usr/bin/pmd/bin/run.sh - - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/javascript_es/Dockerfile b/linters/javascript_es/Dockerfile index fd45b6a7710..835d627ea44 100644 --- a/linters/javascript_es/Dockerfile +++ b/linters/javascript_es/Dockerfile @@ -14,18 +14,151 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-config-standard \ + eslint-plugin-import \ + eslint-plugin-jest \ + eslint-plugin-node \ + eslint-plugin-prettier \ + eslint-plugin-promise \ + eslint-plugin-vue \ + @babel/core \ + @babel/eslint-parser \ + @microsoft/eslint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +207,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,52 +216,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -152,15 +244,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -169,24 +254,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/javascript_prettier/Dockerfile b/linters/javascript_prettier/Dockerfile index 1ec52c59373..604686ed83c 100644 --- a/linters/javascript_prettier/Dockerfile +++ b/linters/javascript_prettier/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + prettier && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/javascript_standard/Dockerfile b/linters/javascript_standard/Dockerfile index 300717c04ec..7724925c955 100644 --- a/linters/javascript_standard/Dockerfile +++ b/linters/javascript_standard/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + standard && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - standard && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/json_eslint_plugin_jsonc/Dockerfile b/linters/json_eslint_plugin_jsonc/Dockerfile index 0157ee34423..f6141f8790b 100644 --- a/linters/json_eslint_plugin_jsonc/Dockerfile +++ b/linters/json_eslint_plugin_jsonc/Dockerfile @@ -14,18 +14,141 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + eslint \ + eslint-plugin-jsonc \ + @microsoft/eslint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +197,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,42 +206,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -142,15 +234,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -159,24 +244,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/json_jsonlint/Dockerfile b/linters/json_jsonlint/Dockerfile index 1223207beb3..aa0f8705151 100644 --- a/linters/json_jsonlint/Dockerfile +++ b/linters/json_jsonlint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @prantlf/jsonlint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - @prantlf/jsonlint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/json_npm_package_json_lint/Dockerfile b/linters/json_npm_package_json_lint/Dockerfile index af1c6646ab3..93057bcdc7d 100644 --- a/linters/json_npm_package_json_lint/Dockerfile +++ b/linters/json_npm_package_json_lint/Dockerfile @@ -14,18 +14,140 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + npm-package-json-lint \ + npm-package-json-lint-config-default && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,41 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - npm-package-json-lint \ - npm-package-json-lint-config-default && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/json_prettier/Dockerfile b/linters/json_prettier/Dockerfile index e94e77f139a..ad02a6cc43e 100644 --- a/linters/json_prettier/Dockerfile +++ b/linters/json_prettier/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + prettier && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/json_v8r/Dockerfile b/linters/json_v8r/Dockerfile index 880ae8648ca..769d0fe2ea4 100644 --- a/linters/json_v8r/Dockerfile +++ b/linters/json_v8r/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + v8r && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - v8r && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/jsx_eslint/Dockerfile b/linters/jsx_eslint/Dockerfile index 8b79ebe2a4d..1dd5db24a11 100644 --- a/linters/jsx_eslint/Dockerfile +++ b/linters/jsx_eslint/Dockerfile @@ -14,18 +14,142 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + eslint \ + eslint-plugin-react \ + eslint-plugin-jsx-a11y \ + @microsoft/eslint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +198,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,43 +207,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END +#PIPVENV_PATH__START -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - @microsoft/eslint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -143,15 +235,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -160,24 +245,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/kotlin_ktlint/Dockerfile b/linters/kotlin_ktlint/Dockerfile index 5982c969d22..7aa45c6ed1d 100644 --- a/linters/kotlin_ktlint/Dockerfile +++ b/linters/kotlin_ktlint/Dockerfile @@ -14,18 +14,124 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# ktlint installation +RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ + chmod a+x ktlint && \ + mv "ktlint" /usr/bin/ + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +178,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +187,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,46 +215,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# ktlint installation -RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ - chmod a+x ktlint && \ - mv "ktlint" /usr/bin/ - #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/kubernetes_helm/Dockerfile b/linters/kubernetes_helm/Dockerfile index 9ed6aaaa568..1b7eeb88113 100644 --- a/linters/kubernetes_helm/Dockerfile +++ b/linters/kubernetes_helm/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +173,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +182,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,15 +210,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -136,24 +220,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/kubernetes_kubeconform/Dockerfile b/linters/kubernetes_kubeconform/Dockerfile index dfa90f76ce3..f38b82e0012 100644 --- a/linters/kubernetes_kubeconform/Dockerfile +++ b/linters/kubernetes_kubeconform/Dockerfile @@ -14,18 +14,119 @@ FROM ghcr.io/yannh/kubeconform:latest-alpine as kubeconform #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=kubeconform /kubeconform /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=kubeconform /kubeconform /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# kubeconform installation -# Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/kubernetes_kubescape/Dockerfile b/linters/kubernetes_kubescape/Dockerfile index 6b86fa583a6..6e6c27ac864 100644 --- a/linters/kubernetes_kubescape/Dockerfile +++ b/linters/kubernetes_kubescape/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +175,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,21 +184,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +212,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -139,27 +223,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ RUN ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v v2.3.6 - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/latex_chktex/Dockerfile b/linters/latex_chktex/Dockerfile index 86093c27091..fe38ebd82d1 100644 --- a/linters/latex_chktex/Dockerfile +++ b/linters/latex_chktex/Dockerfile @@ -14,18 +14,119 @@ FROM ghcr.io/assignuser/chktex-alpine:latest as chktex #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=chktex /usr/bin/chktex /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,44 +209,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=chktex /usr/bin/chktex /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # chktex installation -# Managed with COPY --link --from=chktex /usr/bin/chktex /usr/bin/ RUN cd ~ && touch .chktexrc && cd / - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/lua_luacheck/Dockerfile b/linters/lua_luacheck/Dockerfile index ff4df962a8a..0cd69b95d37 100644 --- a/linters/lua_luacheck/Dockerfile +++ b/linters/lua_luacheck/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -60,6 +161,9 @@ RUN apk add --no-cache \ openssh \ openssl \ readline-dev \ + lua5.3 \ + lua5.3-dev \ + luarocks5.3 \ && git config --global core.autocrlf true #APK__END @@ -73,6 +177,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -80,21 +186,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -120,56 +214,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # luacheck installation -RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \ - && cd lua-5.3.5 \ - && make linux \ - && make install \ - && cd .. && rm -r lua-5.3.5/ \ - && wget --tries=5 https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \ - && cd luarocks-3.3.1-super-linter \ - && ./configure --with-lua-include=/usr/local/include \ - && make \ - && make -b install \ - && cd .. && rm -r luarocks-3.3.1-super-linter/ \ - && luarocks install luacheck \ - && cd / - - +RUN luarocks-5.3 install luacheck +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/makefile_checkmake/Dockerfile b/linters/makefile_checkmake/Dockerfile index 2c041439841..fccc5c50109 100644 --- a/linters/makefile_checkmake/Dockerfile +++ b/linters/makefile_checkmake/Dockerfile @@ -14,18 +14,119 @@ FROM mrtazz/checkmake:latest as checkmake #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=checkmake /checkmake /usr/bin/checkmake +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=checkmake /checkmake /usr/bin/checkmake -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# checkmake installation -# Managed with COPY --link --from=checkmake /checkmake /usr/bin/checkmake #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/markdown_markdown_link_check/Dockerfile b/linters/markdown_markdown_link_check/Dockerfile index 9cd8e1bf6d7..4ee0750903d 100644 --- a/linters/markdown_markdown_link_check/Dockerfile +++ b/linters/markdown_markdown_link_check/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + markdown-link-check && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdown-link-check && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/markdown_markdown_table_formatter/Dockerfile b/linters/markdown_markdown_table_formatter/Dockerfile index d9f3052797b..ce05b900559 100644 --- a/linters/markdown_markdown_table_formatter/Dockerfile +++ b/linters/markdown_markdown_table_formatter/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + markdown-table-formatter && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdown-table-formatter && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/markdown_markdownlint/Dockerfile b/linters/markdown_markdownlint/Dockerfile index 3846194502a..0ee4433e23c 100644 --- a/linters/markdown_markdownlint/Dockerfile +++ b/linters/markdown_markdownlint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + markdownlint-cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdownlint-cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/markdown_remark_lint/Dockerfile b/linters/markdown_remark_lint/Dockerfile index eff653e2d4b..bade6799f25 100644 --- a/linters/markdown_remark_lint/Dockerfile +++ b/linters/markdown_remark_lint/Dockerfile @@ -14,18 +14,140 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + remark-cli \ + remark-preset-lint-recommended && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,41 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - remark-cli \ - remark-preset-lint-recommended && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/openapi_spectral/Dockerfile b/linters/openapi_spectral/Dockerfile index b13778fd5c2..29a264dccc1 100644 --- a/linters/openapi_spectral/Dockerfile +++ b/linters/openapi_spectral/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @stoplight/spectral-cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/perl_perlcritic/Dockerfile b/linters/perl_perlcritic/Dockerfile index 0b1198cd51a..19ca523806d 100644 --- a/linters/perl_perlcritic/Dockerfile +++ b/linters/perl_perlcritic/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -73,6 +174,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -80,21 +183,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -120,15 +211,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -136,27 +220,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__START # perlcritic installation RUN curl --retry 5 --retry-delay 5 -sL https://cpanmin.us/ | perl - -nq --no-wget Perl::Critic - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/php_phpcs/Dockerfile b/linters/php_phpcs/Dockerfile index 58226fe8e87..0e7bdc48126 100644 --- a/linters/php_phpcs/Dockerfile +++ b/linters/php_phpcs/Dockerfile @@ -14,18 +14,135 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -82,6 +199,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -89,21 +208,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -129,61 +236,22 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install phpcs -g --trust-gpg-keys 31C7E470E2138192 - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/php_phplint/Dockerfile b/linters/php_phplint/Dockerfile index 227bb21356e..d2ffed0ff2b 100644 --- a/linters/php_phplint/Dockerfile +++ b/linters/php_phplint/Dockerfile @@ -14,18 +14,135 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -82,6 +199,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -89,21 +208,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -129,61 +236,22 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 +# # phplint installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install overtrue/phplint --force-accept-unsigned -g - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/php_phpstan/Dockerfile b/linters/php_phpstan/Dockerfile index 335fed779b9..94fbc7ec4f4 100644 --- a/linters/php_phpstan/Dockerfile +++ b/linters/php_phpstan/Dockerfile @@ -14,18 +14,136 @@ FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -82,6 +200,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -89,21 +209,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -129,61 +237,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - -# phpstan installation -# Managed with COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan -RUN chmod +x /usr/bin/phpstan - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/php_psalm/Dockerfile b/linters/php_psalm/Dockerfile index 1b301614680..d02b5754e3a 100644 --- a/linters/php_psalm/Dockerfile +++ b/linters/php_psalm/Dockerfile @@ -14,18 +14,135 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + gnupg +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# PHP installation +RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ + && export GITHUB_AUTH_TOKEN \ + && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ + && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ + && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ + && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ + || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ + && gpg --verify phive.phar.asc phive.phar \ + && chmod +x phive.phar \ + && mv phive.phar /usr/local/bin/phive \ + && rm phive.phar.asc + +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -82,6 +199,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -89,21 +208,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -129,61 +236,22 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # PHP installation -RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ - && export GITHUB_AUTH_TOKEN \ - && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \ - && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \ - || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 - - +RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 +# # psalm installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install psalm -g --trust-gpg-keys 8A03EA3B385DBAA1,12CE0F1D262429A5 - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/powershell_powershell/Dockerfile b/linters/powershell_powershell/Dockerfile index bb4bdf5599c..a5138bcd251 100644 --- a/linters/powershell_powershell/Dockerfile +++ b/linters/powershell_powershell/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,24 +213,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # POWERSHELL installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -154,30 +239,12 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ && chmod +x /usr/bin/pwsh - +# # powershell installation -RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - +RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/powershell_powershell_formatter/Dockerfile b/linters/powershell_powershell_formatter/Dockerfile index db2e004edce..74dbad07286 100644 --- a/linters/powershell_powershell_formatter/Dockerfile +++ b/linters/powershell_powershell_formatter/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,24 +213,18 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # POWERSHELL installation -RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ +RUN --mount=type=secret,id=GITHUB_TOKEN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -154,30 +239,12 @@ RUN --mount=type=secret,id=GITHUB_TOKEN case ${TARGETPLATFORM} in \ && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ && chmod +x /usr/bin/pwsh - +# # powershell_formatter installation -RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - +RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/protobuf_protolint/Dockerfile b/linters/protobuf_protolint/Dockerfile index 39f5c1c88b9..9f2ff8115bd 100644 --- a/linters/protobuf_protolint/Dockerfile +++ b/linters/protobuf_protolint/Dockerfile @@ -14,18 +14,119 @@ FROM yoheimuta/protolint:latest as protolint #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# protolint installation -# Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/puppet_puppet_lint/Dockerfile b/linters/puppet_puppet_lint/Dockerfile index e80660b0ae8..fdaa5736521 100644 --- a/linters/puppet_puppet_lint/Dockerfile +++ b/linters/puppet_puppet_lint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -124,15 +215,8 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -141,24 +225,6 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_bandit/Dockerfile b/linters/python_bandit/Dockerfile index 394e6be9b37..2ed00f5e3f6 100644 --- a/linters/python_bandit/Dockerfile +++ b/linters/python_bandit/Dockerfile @@ -14,18 +14,133 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + bandit \ + bandit_sarif_formatter \ + bandit[toml] + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/bandit" \ + && cd "/venvs/bandit" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip bandit bandit_sarif_formatter bandit[toml] + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +186,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +195,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/bandit/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/bandit/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +223,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +233,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_black/Dockerfile b/linters/python_black/Dockerfile index aeb01f614cc..c2ac3d52bf4 100644 --- a/linters/python_black/Dockerfile +++ b/linters/python_black/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + black + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/black" \ + && cd "/venvs/black" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip black + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/black/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/black/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_flake8/Dockerfile b/linters/python_flake8/Dockerfile index 8e38b3c95ea..67a2c21a584 100644 --- a/linters/python_flake8/Dockerfile +++ b/linters/python_flake8/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + flake8 + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/flake8" \ + && cd "/venvs/flake8" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip flake8 + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/flake8/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/flake8/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_isort/Dockerfile b/linters/python_isort/Dockerfile index 0df4fe99efe..4de3152120c 100644 --- a/linters/python_isort/Dockerfile +++ b/linters/python_isort/Dockerfile @@ -14,18 +14,132 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + isort \ + black + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/isort" \ + && cd "/venvs/isort" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip isort black + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +185,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +194,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/isort/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/isort/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +222,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +232,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_mypy/Dockerfile b/linters/python_mypy/Dockerfile index e42aecfadbf..f715d33c9a4 100644 --- a/linters/python_mypy/Dockerfile +++ b/linters/python_mypy/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + mypy + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/mypy" \ + && cd "/venvs/mypy" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip mypy + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/mypy/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/mypy/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -137,27 +230,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__START # mypy installation ENV MYPY_CACHE_DIR=/tmp - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_pylint/Dockerfile b/linters/python_pylint/Dockerfile index 8c11410e5af..421edc418c0 100644 --- a/linters/python_pylint/Dockerfile +++ b/linters/python_pylint/Dockerfile @@ -14,18 +14,132 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + pylint \ + typing-extensions + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pylint" \ + && cd "/venvs/pylint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pylint typing-extensions + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +185,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +194,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/pylint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/pylint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +222,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +232,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_pyright/Dockerfile b/linters/python_pyright/Dockerfile index 7c29c82252f..07487bafd7f 100644 --- a/linters/python_pyright/Dockerfile +++ b/linters/python_pyright/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + pyright + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/pyright" \ + && cd "/venvs/pyright" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip pyright + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +185,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,24 +194,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/pyright/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/pyright/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,15 +222,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -139,24 +232,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/python_ruff/Dockerfile b/linters/python_ruff/Dockerfile index f75516cc1b6..5e20d03e9a8 100644 --- a/linters/python_ruff/Dockerfile +++ b/linters/python_ruff/Dockerfile @@ -11,21 +11,130 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #FROM__START - +FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff +ARG BUILDARCH +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl +WORKDIR / +ARG TARGETARCH +RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=fetch-ruff /ruff /usr/bin/ruff +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ruff/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +227,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/r_lintr/Dockerfile b/linters/r_lintr/Dockerfile index 10a8c023b4a..8fbaa55d125 100644 --- a/linters/r_lintr/Dockerfile +++ b/linters/r_lintr/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -81,6 +182,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -88,21 +191,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -128,15 +219,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -148,27 +232,9 @@ RUN mkdir -p /home/r-library \ && Rscript -e "install.packages(c('lintr','purrr'), repos = 'https://cloud.r-project.org/')" \ && R -e "install.packages(list.dirs('/home/r-library',recursive = FALSE), repos = NULL, type = 'source')" - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/raku_raku/Dockerfile b/linters/raku_raku/Dockerfile index 1ad96b12b8d..fa5dd193db9 100644 --- a/linters/raku_raku/Dockerfile +++ b/linters/raku_raku/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -141,27 +225,9 @@ RUN curl -L https://github.com/nxadm/rakudo-pkg/releases/download/v2020.10-02/ra && /opt/rakudo-pkg/bin/install-zef-as-user ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$PATH" - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_checkov/Dockerfile b/linters/repository_checkov/Dockerfile index c16e077b912..0e9cf40e4fd 100644 --- a/linters/repository_checkov/Dockerfile +++ b/linters/repository_checkov/Dockerfile @@ -14,18 +14,134 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + packaging \ + checkov + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/checkov" \ + && cd "/venvs/checkov" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip packaging checkov + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +187,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +196,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/checkov/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/checkov/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +224,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +234,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_devskim/Dockerfile b/linters/repository_devskim/Dockerfile index 2997090257d..93c703bbdff 100644 --- a/linters/repository_devskim/Dockerfile +++ b/linters/repository_devskim/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -79,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -86,21 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -126,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -147,27 +231,9 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_dustilock/Dockerfile b/linters/repository_dustilock/Dockerfile index b688c90e69a..bef2ce59dc7 100644 --- a/linters/repository_dustilock/Dockerfile +++ b/linters/repository_dustilock/Dockerfile @@ -11,23 +11,132 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #FROM__START +FROM --platform=$BUILDPLATFORM golang:alpine as dustilock-build +RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/checkmarx/dustilock@v1.2.0 +ARG BUILDARCH +ARG TARGETARCH +RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/checkmarx/dustilock@v1.2.0 \ +&& ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/dustilock /usr/bin) || mv bin/linux_${TARGETARCH}/dustilock /usr/bin FROM golang:alpine as dustilock -RUN GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v1.2.0 +COPY --from=dustilock-build /usr/bin/dustilock /usr/bin/dustilock +# Verify Binary +RUN /usr/bin/dustilock --version #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -73,6 +182,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -80,21 +191,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -120,43 +219,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# dustilock installation -# Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_git_diff/Dockerfile b/linters/repository_git_diff/Dockerfile index 305463ada65..dea63f3967c 100644 --- a/linters/repository_git_diff/Dockerfile +++ b/linters/repository_git_diff/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -135,24 +219,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_gitleaks/Dockerfile b/linters/repository_gitleaks/Dockerfile index 90953ca49f7..e79b564cd94 100644 --- a/linters/repository_gitleaks/Dockerfile +++ b/linters/repository_gitleaks/Dockerfile @@ -14,18 +14,119 @@ FROM zricethezav/gitleaks:v8.17.0 as gitleaks #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# gitleaks installation -# Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_grype/Dockerfile b/linters/repository_grype/Dockerfile index 26ec163249d..864ecf6df56 100644 --- a/linters/repository_grype/Dockerfile +++ b/linters/repository_grype/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -134,27 +218,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__START # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.63.1 - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_kics/Dockerfile b/linters/repository_kics/Dockerfile index 13b1c8037ea..d50aa8c347f 100644 --- a/linters/repository_kics/Dockerfile +++ b/linters/repository_kics/Dockerfile @@ -14,18 +14,120 @@ FROM checkmarx/kics:alpine as kics #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=kics /app/bin/kics /usr/bin/ +COPY --from=kics /app/bin/assets /opt/kics/assets/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +173,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +182,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,47 +210,19 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=kics /app/bin/kics /usr/bin/ -COPY --from=kics /app/bin/assets /opt/kics/assets/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START # kics installation -# Managed with COPY --link --from=kics /app/bin/kics /usr/bin/ RUN mkdir -p /opt/kics/assets ENV KICS_QUERIES_PATH=/opt/kics/assets/queries KICS_LIBRARIES_PATH=/opt/kics/assets/libraries -# Managed with COPY --from=kics /app/bin/assets /opt/kics/assets/ - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_secretlint/Dockerfile b/linters/repository_secretlint/Dockerfile index 066fd6ce341..72f4cdb1166 100644 --- a/linters/repository_secretlint/Dockerfile +++ b/linters/repository_secretlint/Dockerfile @@ -14,18 +14,141 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + secretlint \ + @secretlint/secretlint-rule-preset-recommend \ + @secretlint/secretlint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +197,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,42 +206,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -142,15 +234,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -159,24 +244,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_semgrep/Dockerfile b/linters/repository_semgrep/Dockerfile index 4ca1dfaf9b3..1db248bdd87 100644 --- a/linters/repository_semgrep/Dockerfile +++ b/linters/repository_semgrep/Dockerfile @@ -14,18 +14,133 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev \ + g++ \ + cmake +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + semgrep + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/semgrep" \ + && cd "/venvs/semgrep" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip semgrep + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +186,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +195,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/semgrep/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/semgrep/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +223,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +233,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_syft/Dockerfile b/linters/repository_syft/Dockerfile index 0dfbfb5e32f..3f5c8fa7c3a 100644 --- a/linters/repository_syft/Dockerfile +++ b/linters/repository_syft/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -134,27 +218,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__START # syft installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_trivy/Dockerfile b/linters/repository_trivy/Dockerfile index bb28e568a3d..b14130e58f8 100644 --- a/linters/repository_trivy/Dockerfile +++ b/linters/repository_trivy/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -135,27 +219,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # trivy installation RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_trivy_sbom/Dockerfile b/linters/repository_trivy_sbom/Dockerfile index 7b0a1fabab1..d9fbb4390a1 100644 --- a/linters/repository_trivy_sbom/Dockerfile +++ b/linters/repository_trivy_sbom/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,15 +209,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -135,27 +219,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # trivy-sbom installation RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/repository_trufflehog/Dockerfile b/linters/repository_trufflehog/Dockerfile index 628ac9522ab..e41bb8bb00b 100644 --- a/linters/repository_trufflehog/Dockerfile +++ b/linters/repository_trufflehog/Dockerfile @@ -14,18 +14,119 @@ FROM trufflesecurity/trufflehog:latest as trufflehog #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# trufflehog installation -# Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/rst_rst_lint/Dockerfile b/linters/rst_rst_lint/Dockerfile index d68ef83b5e6..bfc5ad89430 100644 --- a/linters/rst_rst_lint/Dockerfile +++ b/linters/rst_rst_lint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + restructuredtext_lint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rst-lint" \ + && cd "/venvs/rst-lint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip restructuredtext_lint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir restructuredtext_lint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/rst-lint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/rst-lint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/rst_rstcheck/Dockerfile b/linters/rst_rstcheck/Dockerfile index 31eda4153dc..6920a9ed41b 100644 --- a/linters/rst_rstcheck/Dockerfile +++ b/linters/rst_rstcheck/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + rstcheck + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstcheck" \ + && cd "/venvs/rstcheck" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstcheck + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/rstcheck/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/rstcheck/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/rst_rstfmt/Dockerfile b/linters/rst_rstfmt/Dockerfile index b9426ed193d..cb396572128 100644 --- a/linters/rst_rstfmt/Dockerfile +++ b/linters/rst_rstfmt/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + rstfmt + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/rstfmt" \ + && cd "/venvs/rstfmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip rstfmt + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/rstfmt/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/rstfmt/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/ruby_rubocop/Dockerfile b/linters/ruby_rubocop/Dockerfile index 3e475661ef8..d1aa671f91d 100644 --- a/linters/ruby_rubocop/Dockerfile +++ b/linters/ruby_rubocop/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -129,15 +220,8 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -146,24 +230,6 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/rust_clippy/Dockerfile b/linters/rust_clippy/Dockerfile index 61ca586dac4..6818fcc4272 100644 --- a/linters/rust_clippy/Dockerfile +++ b/linters/rust_clippy/Dockerfile @@ -11,21 +11,157 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #FROM__START +FROM --platform=$BUILDPLATFORM alpine:3 AS cargo-build +WORKDIR /cargo +ENV HOME=/cargo +USER 0 +RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update \ + gcc \ + rustup \ + bash \ + git \ + musl-dev \ + llvm \ + clang \ + curl +RUN curl --location "https://github.com/cargo-bins/cargo-binstall/releases/latest/download/cargo-binstall-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tgz" | tar -xzv \ + && mkdir -p /cargo/.cargo/bin \ + && mv cargo-binstall /cargo/.cargo/bin \ + && chown -R 63425:63425 /cargo +USER 63425 +ENV CC_aarch64_unknown_linux_musl=clang \ + AR_aarch64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" \ + CC_x86_64_unknown_linux_musl=clang \ + AR_x86_64_unknown_linux_musl=llvm-ar \ + CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_RUSTFLAGS="-Clink-self-contained=yes -Clinker=rust-lld" +ARG TARGETARCH +RUN rustup-init -y --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +RUN --mount=type=cache,id=cargo-${TARGETARCH},sharing=locked,target=/cargo/.cargo/registry/,uid=63425 \ + . /cargo/.cargo/env \ + && cargo binstall --no-confirm --no-symlinks --root /tmp --target $([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64-unknown-linux-musl" || echo "aarch64-unknown-linux-musl") + +FROM scratch AS cargo +COPY --link --from=cargo-build /tmp/bin/* /bin/ +RUN ["/bin/", "--help"] #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=cargo /bin/* /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +207,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +216,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,15 +248,8 @@ RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-too ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -139,24 +258,6 @@ ENV PATH="/root/.cargo/bin:${PATH}" #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/salesforce_sfdx_scanner_apex/Dockerfile b/linters/salesforce_sfdx_scanner_apex/Dockerfile index b84d3d075ad..9d2d1af35be 100644 --- a/linters/salesforce_sfdx_scanner_apex/Dockerfile +++ b/linters/salesforce_sfdx_scanner_apex/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @salesforce/cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,40 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sfdx-cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,36 +243,15 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache \ - +# # sfdx-scanner-apex installation - && sfdx plugins:install @salesforce/sfdx-scanner \ +RUN sfdx plugins:install @salesforce/sfdx-scanner \ && npm cache clean --force || true \ && rm -rf /root/.npm/_cacache - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/salesforce_sfdx_scanner_aura/Dockerfile b/linters/salesforce_sfdx_scanner_aura/Dockerfile index a5fc5e4da93..79318da43ff 100644 --- a/linters/salesforce_sfdx_scanner_aura/Dockerfile +++ b/linters/salesforce_sfdx_scanner_aura/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @salesforce/cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,40 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sfdx-cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,36 +243,15 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache \ - +# # sfdx-scanner-aura installation - && sfdx plugins:install @salesforce/sfdx-scanner \ +RUN sfdx plugins:install @salesforce/sfdx-scanner \ && npm cache clean --force || true \ && rm -rf /root/.npm/_cacache - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/salesforce_sfdx_scanner_lwc/Dockerfile b/linters/salesforce_sfdx_scanner_lwc/Dockerfile index 686b729d30f..82624825e97 100644 --- a/linters/salesforce_sfdx_scanner_lwc/Dockerfile +++ b/linters/salesforce_sfdx_scanner_lwc/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + @salesforce/cli && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,40 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sfdx-cli && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,36 +243,15 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache \ - +# # sfdx-scanner-lwc installation - && sfdx plugins:install @salesforce/sfdx-scanner \ +RUN sfdx plugins:install @salesforce/sfdx-scanner \ && npm cache clean --force || true \ && rm -rf /root/.npm/_cacache - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/scala_scalafix/Dockerfile b/linters/scala_scalafix/Dockerfile index fef913b0cf6..35b95d3d2b3 100644 --- a/linters/scala_scalafix/Dockerfile +++ b/linters/scala_scalafix/Dockerfile @@ -14,18 +14,127 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START +RUN apk add --update --no-cache \ + curl \ + openjdk11 +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START +# SCALA installation +RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ + chmod +x coursier \ +# +# scalafix installation + && ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache +# +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=build-platform /usr/bin/scalafix /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -72,6 +181,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -79,21 +190,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -119,47 +218,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# SCALA installation -RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ - chmod +x coursier \ - -# scalafix installation - && ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/snakemake_lint/Dockerfile b/linters/snakemake_lint/Dockerfile index 980d9fc2c30..4dd49ab117b 100644 --- a/linters/snakemake_lint/Dockerfile +++ b/linters/snakemake_lint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + snakemake + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakemake" \ + && cd "/venvs/snakemake" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakemake + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/snakemake/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/snakemake/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/snakemake_snakefmt/Dockerfile b/linters/snakemake_snakefmt/Dockerfile index 87d4191b499..9ff5e6d3987 100644 --- a/linters/snakemake_snakefmt/Dockerfile +++ b/linters/snakemake_snakefmt/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + snakefmt + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/snakefmt" \ + && cd "/venvs/snakefmt" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip snakefmt + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/snakefmt/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/snakefmt/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/spell_cspell/Dockerfile b/linters/spell_cspell/Dockerfile index c57ce66be68..045d74ec36d 100644 --- a/linters/spell_cspell/Dockerfile +++ b/linters/spell_cspell/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + cspell && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - cspell && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/spell_lychee/Dockerfile b/linters/spell_lychee/Dockerfile index 62c0f8a5c1f..4d28838dc49 100644 --- a/linters/spell_lychee/Dockerfile +++ b/linters/spell_lychee/Dockerfile @@ -14,18 +14,119 @@ FROM lycheeverse/lychee:latest-alpine as lychee #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# lychee installation -# Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/spell_proselint/Dockerfile b/linters/spell_proselint/Dockerfile index d48a1335f06..a3ceaf7b784 100644 --- a/linters/spell_proselint/Dockerfile +++ b/linters/spell_proselint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + proselint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/proselint" \ + && cd "/venvs/proselint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip proselint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/proselint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/proselint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/spell_vale/Dockerfile b/linters/spell_vale/Dockerfile index faef38fa7b6..d916444a284 100644 --- a/linters/spell_vale/Dockerfile +++ b/linters/spell_vale/Dockerfile @@ -14,18 +14,119 @@ FROM jdkato/vale:latest as vale #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=vale /bin/vale /bin/vale +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=vale /bin/vale /bin/vale -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# vale installation -# Managed with COPY --link --from=vale /bin/vale /bin/vale #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/sql_sql_lint/Dockerfile b/linters/sql_sql_lint/Dockerfile index 1bf55ac443a..69686288519 100644 --- a/linters/sql_sql_lint/Dockerfile +++ b/linters/sql_sql_lint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + sql-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - sql-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/sql_sqlfluff/Dockerfile b/linters/sql_sqlfluff/Dockerfile index 1b7c9324899..7aa0bfddf12 100644 --- a/linters/sql_sqlfluff/Dockerfile +++ b/linters/sql_sqlfluff/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + sqlfluff + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/sqlfluff" \ + && cd "/venvs/sqlfluff" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip sqlfluff + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/sqlfluff/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/sqlfluff/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/sql_tsqllint/Dockerfile b/linters/sql_tsqllint/Dockerfile index 0cebda59390..36c76c783fb 100644 --- a/linters/sql_tsqllint/Dockerfile +++ b/linters/sql_tsqllint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -79,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -86,21 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -126,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -147,27 +231,9 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" RUN dotnet tool install --global TSQLLint - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/swift_swiftlint/Dockerfile b/linters/swift_swiftlint/Dockerfile index 85d3e9e5f48..6292da31f1c 100644 --- a/linters/swift_swiftlint/Dockerfile +++ b/linters/swift_swiftlint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -73,6 +174,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -80,21 +183,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -120,15 +211,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -137,24 +221,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ RUN rc-update add docker boot && rc-service docker start || true #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/tekton_tekton_lint/Dockerfile b/linters/tekton_tekton_lint/Dockerfile index 484ad27c8cb..6b825818b72 100644 --- a/linters/tekton_tekton_lint/Dockerfile +++ b/linters/tekton_tekton_lint/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + tekton-lint && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - tekton-lint && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/terraform_terraform_fmt/Dockerfile b/linters/terraform_terraform_fmt/Dockerfile index f8febcad668..b36fa8393fe 100644 --- a/linters/terraform_terraform_fmt/Dockerfile +++ b/linters/terraform_terraform_fmt/Dockerfile @@ -14,18 +14,119 @@ FROM alpine/terragrunt:latest as terragrunt #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=terragrunt /bin/terraform /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=terragrunt /bin/terraform /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# terraform-fmt installation -# Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/terraform_terragrunt/Dockerfile b/linters/terraform_terragrunt/Dockerfile index 261d0a74e0d..768dac51ba9 100644 --- a/linters/terraform_terragrunt/Dockerfile +++ b/linters/terraform_terragrunt/Dockerfile @@ -14,18 +14,119 @@ FROM alpine/terragrunt:latest as terragrunt #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# terragrunt installation -# Managed with COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/terraform_terrascan/Dockerfile b/linters/terraform_terrascan/Dockerfile index 4cd0b8f69a9..047bb7f5868 100644 --- a/linters/terraform_terrascan/Dockerfile +++ b/linters/terraform_terrascan/Dockerfile @@ -14,18 +14,119 @@ FROM tenable/terrascan:1.18.1 as terrascan #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# terrascan installation -# Managed with COPY --link --from=terrascan /go/bin/terrascan /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/terraform_tflint/Dockerfile b/linters/terraform_tflint/Dockerfile index 1cb8bd221fc..ac472aad4e1 100644 --- a/linters/terraform_tflint/Dockerfile +++ b/linters/terraform_tflint/Dockerfile @@ -14,18 +14,119 @@ FROM ghcr.io/terraform-linters/tflint:v0.47.0 as tflint #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +172,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,21 +181,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -118,43 +209,16 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START -COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START -# tflint installation -# Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/tsx_eslint/Dockerfile b/linters/tsx_eslint/Dockerfile index c69c8d70f10..695e7636c5f 100644 --- a/linters/tsx_eslint/Dockerfile +++ b/linters/tsx_eslint/Dockerfile @@ -14,18 +14,151 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-plugin-jest \ + eslint-plugin-prettier \ + eslint-plugin-react \ + @babel/eslint-parser \ + prettier \ + prettyjson \ + @typescript-eslint/eslint-plugin \ + @typescript-eslint/parser \ + @microsoft/eslint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +207,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,52 +216,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-plugin-jest \ - eslint-plugin-prettier \ - eslint-plugin-react \ - @babel/eslint-parser \ - prettier \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - @microsoft/eslint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -152,15 +244,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -169,24 +254,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/typescript_es/Dockerfile b/linters/typescript_es/Dockerfile index 7e353d1c420..7d632f792e8 100644 --- a/linters/typescript_es/Dockerfile +++ b/linters/typescript_es/Dockerfile @@ -14,18 +14,154 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + eslint \ + eslint-config-airbnb \ + eslint-config-prettier \ + eslint-config-standard \ + eslint-plugin-import \ + eslint-plugin-jest \ + eslint-plugin-node \ + eslint-plugin-prettier \ + eslint-plugin-promise \ + @babel/eslint-parser \ + prettier \ + prettyjson \ + @typescript-eslint/eslint-plugin \ + @typescript-eslint/parser \ + @microsoft/eslint-formatter-sarif && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +210,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,55 +219,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - @babel/eslint-parser \ - prettier \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - @microsoft/eslint-formatter-sarif && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -155,15 +247,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -172,24 +257,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/typescript_prettier/Dockerfile b/linters/typescript_prettier/Dockerfile index 8b3e5649980..cdc3c617815 100644 --- a/linters/typescript_prettier/Dockerfile +++ b/linters/typescript_prettier/Dockerfile @@ -14,18 +14,140 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + prettier && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,41 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - prettier && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/typescript_standard/Dockerfile b/linters/typescript_standard/Dockerfile index 5c3e9b47c95..e9404329ad1 100644 --- a/linters/typescript_standard/Dockerfile +++ b/linters/typescript_standard/Dockerfile @@ -14,18 +14,140 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + typescript \ + ts-standard && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +196,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,41 +205,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - ts-standard && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -141,15 +233,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -158,24 +243,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/vbdotnet_dotnet_format/Dockerfile b/linters/vbdotnet_dotnet_format/Dockerfile index c43c7ff5811..021af1f10d8 100644 --- a/linters/vbdotnet_dotnet_format/Dockerfile +++ b/linters/vbdotnet_dotnet_format/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -79,6 +180,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -86,21 +189,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START +#PIPVENV_PATH__START -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -126,15 +217,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -146,27 +230,9 @@ RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet" - +# #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/xml_xmllint/Dockerfile b/linters/xml_xmllint/Dockerfile index d0a188ca704..075441c6f21 100644 --- a/linters/xml_xmllint/Dockerfile +++ b/linters/xml_xmllint/Dockerfile @@ -14,18 +14,119 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -75,6 +176,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -82,21 +185,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -122,15 +213,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -139,24 +223,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/yaml_prettier/Dockerfile b/linters/yaml_prettier/Dockerfile index 78448c9048d..3bda50221a7 100644 --- a/linters/yaml_prettier/Dockerfile +++ b/linters/yaml_prettier/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + prettier && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/yaml_v8r/Dockerfile b/linters/yaml_v8r/Dockerfile index 72e9b78d9ec..bbd652e0139 100644 --- a/linters/yaml_v8r/Dockerfile +++ b/linters/yaml_v8r/Dockerfile @@ -14,18 +14,139 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START +RUN apk add --update --no-cache \ + npm +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START +WORKDIR /node-deps +RUN npm --no-cache install --ignore-scripts --omit=dev \ + v8r && \ + echo "Cleaning npm cache…" \ + && npm cache clean --force || true \ + && echo "Changing owner of node_modules files…" \ + && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ + && echo "Removing extra node_module files…" \ + && rm -rf /root/.npm/_cacache \ + && find . -name "*.d.ts" -delete \ + && find . -name "*.map" -delete \ + && find . -name "*.npmignore" -delete \ + && find . -name "*.travis.yml" -delete \ + && find . -name "CHANGELOG.md" -delete \ + && find . -name "README.md" -delete \ + && find . -name ".package-lock.json" -delete \ + && find . -name "package-lock.json" -delete \ + && find . -name "README.md" -delete +WORKDIR / + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START +COPY --link --from=node_modules /node-deps /node-deps +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -74,6 +195,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -81,40 +204,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START - -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START -WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ - v8r && \ - echo "Cleaning npm cache…" \ - && npm cache clean --force || true \ - && echo "Changing owner of node_modules files…" \ - && chown -R "$(id -u)":"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \ - && echo "Removing extra node_module files…" \ - && rm -rf /root/.npm/_cacache \ - && find . -name "*.d.ts" -delete \ - && find . -name "*.map" -delete \ - && find . -name "*.npmignore" -delete \ - && find . -name "*.travis.yml" -delete \ - && find . -name "CHANGELOG.md" -delete \ - && find . -name "README.md" -delete \ - && find . -name ".package-lock.json" -delete \ - && find . -name "package-lock.json" -delete \ - && find . -name "README.md" -delete -WORKDIR / +#PIPVENV_PATH__START -#NPM__END +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -140,15 +232,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -157,24 +242,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/linters/yaml_yamllint/Dockerfile b/linters/yaml_yamllint/Dockerfile index 6445adb9da5..7e228275b9e 100644 --- a/linters/yaml_yamllint/Dockerfile +++ b/linters/yaml_yamllint/Dockerfile @@ -14,18 +14,131 @@ #FROM__END +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS build-platform + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# +#BUILD_PLATFORM_APK__START + +#BUILD_PLATFORM_APK__END + +#BUILD_PLATFORM_OTHER__START + +#BUILD_PLATFORM_OTHER__END + +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS node_modules + +#NPM_APK__START + +#NPM_APK__END + +############################ +# Install NPM dependencies # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +ENV NODE_OPTIONS="--max-old-space-size=8192" \ + NODE_ENV=production +#NPM__START + +#NPM__END + +FROM scratch AS copy-collector + +############################## +# COPY instructions # +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#COPY__START + +#COPY__END + +####################################### +# Copy scripts and rules to container # +####################################### +COPY --link megalinter/descriptors /megalinter-descriptors +COPY --link TEMPLATES /action/lib/.automation + +FROM --platform=$TARGETPLATFORM python:3.11.3-alpine3.17 AS target-python +FROM --platform=$BUILDPLATFORM python:3.11.3-alpine3.17 AS python-venv + + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV_BUILDDEPS__START +RUN apk add --update --no-cache \ + gcc \ + libffi-dev \ + musl-dev \ + make \ + curl \ + openssl-dev +#PIPVENV_BUILDDEPS__END + +#PIPVENV_DOWNLOAD__START +RUN --mount=type=cache,id=pip,sharing=locked,target=/var/cache/pip,uid=0 \ + mkdir /download \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --cache-dir=/var/cache/pip --upgrade pip crossenv wheel \ +&& pip download --cache-dir=/var/cache/pip --dest "/download" \ + yamllint + +#PIPVENV_DOWNLOAD__END + +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable +ENV PATH=${PATH}:/root/.cargo/bin + +RUN mkdir /venvs + +# Enforce seperation +ARG TARGETPLATFORM +COPY --link --from=target-python /usr/local/bin/python3 /usr/local/bin/target-python3 + +################################ +# Installs python dependencies # +################################ +COPY --link megalinter /megalinter +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/megalinter" \ + && cd "/venvs/megalinter" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && PYTHONDONTWRITEBYTECODE=1 pip3 install --cache-dir=/var/cache/pip /megalinter + +############################################################################################# +## @generated by .automation/build.py using descriptor files, please do not update manually ## +############################################################################################# + +#PIPVENV__START +RUN --mount=type=cache,id=pip,sharing=shared,target=/var/cache/pip,uid=0 \ + mkdir -p "/venvs/yamllint" \ + && cd "/venvs/yamllint" \ + && python3 -m crossenv /usr/local/bin/target-python3 --machine $([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && echo "aarch64" || echo "x86_64") . \ + && find . -type f -name _musllinux.py -exec sed -i 's|def _get_musl_version.*:|\0\n return _MuslVersion(major=1, minor=2)|g' \{\} \; \ + && source bin/activate \ + && PYTHONDONTWRITEBYTECODE=1 pip3 --disable-pip-version-check install --find-links=/download --cache-dir=/var/cache/pip yamllint + +#PIPVENV__END + ################## # Get base image # ################## -# https://stackoverflow.com/a/73711302/699056 + # https://stackoverflow.com/a/73711302/699056 FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu -FROM python:3.11.4-alpine3.17 +FROM python:3.11.3-alpine3.17 AS final ARG GITHUB_TOKEN # https://stackoverflow.com/a/73711302/699056 COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin/ # https://stackoverflow.com/a/73711302/699056 +# https://stackoverflow.com/a/73359981/699056 +# https://stackoverflow.com/a/71209637/699056 RUN apk add --update --no-cache libc6-compat \ gcompat \ qemu-x86_64 @@ -71,6 +184,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ # Ignore npm package issues yarn config set ignore-engines true || true +COPY --link --from=python-venv /venvs /venvs + ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# @@ -78,24 +193,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ #PIP__END -#PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/yamllint/bin -#PIPVENV__END - -############################ -# Install NPM dependencies # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -ENV NODE_OPTIONS="--max-old-space-size=8192" \ - NODE_ENV=production -#NPM__START - -#NPM__END +#PIPVENV_PATH__START +ENV PATH="${PATH}":/venvs/yamllint/cross/bin +#PIPVENV_PATH__END # Add node packages to path # ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ @@ -121,15 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #CARGO__END -############################## -# COPY instructions # -############################################################################################# -## @generated by .automation/build.py using descriptor files, please do not update manually ## -############################################################################################# - -#COPY__START - -#COPY__END +# Don't add link to this one otherwise it doesn't merge correctly +COPY --from=copy-collector / / ############################################################################################# ## @generated by .automation/build.py using descriptor files, please do not update manually ## @@ -138,24 +231,6 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #OTHER__END -################################ -# Installs python dependencies # -################################ -COPY megalinter /megalinter -RUN PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py install \ - && PYTHONDONTWRITEBYTECODE=1 python /megalinter/setup.py clean --all \ - && rm -rf /var/cache/apk/* \ - && find . | grep -E "(/__pycache__$|\.pyc$|\.pyo$)" | xargs rm -rf - -####################################### -# Copy scripts and rules to container # -####################################### -COPY megalinter/descriptors /megalinter-descriptors -COPY TEMPLATES /action/lib/.automation - -# Copy server scripts -COPY server /server - ########################### # Get the build arguments # ########################### diff --git a/megalinter/descriptors/arm.megalinter-descriptor.yml b/megalinter/descriptors/arm.megalinter-descriptor.yml index 52e8ccc4b9e..a1f7bd8c761 100644 --- a/megalinter/descriptors/arm.megalinter-descriptor.yml +++ b/megalinter/descriptors/arm.megalinter-descriptor.yml @@ -14,10 +14,12 @@ install: - ARG TARGETPLATFORM - ARG PWSH_VERSION='latest' - ARG PWSH_DIRECTORY='/opt/microsoft/powershell' + # Currently there is no support for alpine / arm in powershell. Leaving the case statement here since it should work once it's supported - | - RUN case ${TARGETPLATFORM} in \ + RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -29,7 +31,8 @@ install: | cut -d '"' -f 4 \ | xargs -n 1 wget -O - \ | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && chmod +x /usr/bin/pwsh linters: # ARM TTK - class: ArmLinter @@ -54,7 +57,7 @@ linters: if (${Error}.Count) {exit 1} " install: - dockerfile: + build_platform_dockerfile: - ARG ARM_TTK_NAME='master.zip' - ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' - ARG ARM_TTK_DIRECTORY='/opt/microsoft' @@ -65,10 +68,11 @@ linters: && rm "${ARM_TTK_NAME}" \ && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk \ && chmod a+x /usr/bin/arm-ttk + dockerfile: + - COPY --link --from=build-platform /usr/bin/arm-ttk /usr/bin/arm-ttk supported_platforms: platform: - linux/amd64 - - linux/arm64 ide: vscode: - name: ARMTTKExtension diff --git a/megalinter/descriptors/bash.megalinter-descriptor.yml b/megalinter/descriptors/bash.megalinter-descriptor.yml index bf698091bec..f575fe3951d 100644 --- a/megalinter/descriptors/bash.megalinter-descriptor.yml +++ b/megalinter/descriptors/bash.megalinter-descriptor.yml @@ -34,10 +34,12 @@ linters: examples: - "bash-exec myfile.sh" install: - dockerfile: + build_platform_dockerfile: - | RUN printf '#!/bin/bash \\n\\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec + dockerfile: + - COPY --link --from=build-platform /usr/bin/bash-exec /usr/bin/bash-exec supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/env.megalinter-descriptor.yml b/megalinter/descriptors/env.megalinter-descriptor.yml index 07a10a85f91..f61018396b7 100644 --- a/megalinter/descriptors/env.megalinter-descriptor.yml +++ b/megalinter/descriptors/env.megalinter-descriptor.yml @@ -20,7 +20,8 @@ linters: - "dotenv-linter fix myfile.env" install: dockerfile: - - RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s + - FROM dotenvlinter/dotenv-linter:latest as dotenvlinter + - COPY --link --from=dotenvlinter /dotenv-linter /usr/bin/dotenv-linter supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/go.megalinter-descriptor.yml b/megalinter/descriptors/go.megalinter-descriptor.yml index 7246a5a6d8a..e547b4a4a15 100644 --- a/megalinter/descriptors/go.megalinter-descriptor.yml +++ b/megalinter/descriptors/go.megalinter-descriptor.yml @@ -81,15 +81,21 @@ linters: - "revive -config myfile.go" install: dockerfile: - ## Until "FROM ghcr.io/mgechev/revive:1.2.5 as revive" is available, use - # - FROM ghcr.io/mgechev/revive:1.2.5 as revive - # - COPY --link --from=revive /usr/bin/revive /usr/bin/revive - | - FROM golang:1-alpine as revive + FROM --platform=$BUILDPLATFORM golang:1-alpine as revive-build ## The golang image used as a builder is a temporary workaround ## for the released revive binaries not returning version numbers (devel). ## The install command should then be what is commented in the go.megalinter-descriptor.yml - RUN GOBIN=/usr/bin go install github.com/mgechev/revive@latest + ## See https://github.com/mgechev/revive/issues/787 + RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/mgechev/revive@latest + ARG BUILDARCH + ARG TARGETARCH + RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/mgechev/revive@latest \ + && ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/revive /usr/bin) || mv bin/linux_${TARGETARCH}/revive /usr/bin + FROM golang:1-alpine as revive + COPY --from=revive-build /usr/bin/revive /usr/bin/revive + # Verify Binary + RUN /usr/bin/revive --version - COPY --link --from=revive /usr/bin/revive /usr/bin/revive supported_platforms: platform: diff --git a/megalinter/descriptors/java.megalinter-descriptor.yml b/megalinter/descriptors/java.megalinter-descriptor.yml index c3ba5a3eb59..26de25365e3 100644 --- a/megalinter/descriptors/java.megalinter-descriptor.yml +++ b/megalinter/descriptors/java.megalinter-descriptor.yml @@ -99,7 +99,7 @@ linters: - "pmd --rulesets java-pmd-ruleset.xml --file-list /tmp/list-off-files-generated-by-megalinter.txt" - "pmd --rulesets java-pmd-ruleset.xml --dir /path/to/sources" install: - dockerfile: + build_platform_dockerfile: - ARG PMD_VERSION=6.55.0 - | RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${PMD_VERSION}/pmd-bin-${PMD_VERSION}.zip && \ @@ -107,6 +107,8 @@ linters: rm pmd-bin-${PMD_VERSION}.zip && \ mv pmd-bin-${PMD_VERSION} /usr/bin/pmd && \ chmod +x /usr/bin/pmd/bin/run.sh + dockerfile: + - COPY --link --from=build-platform /usr/bin/pmd /usr/bin/pmd supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/kotlin.megalinter-descriptor.yml b/megalinter/descriptors/kotlin.megalinter-descriptor.yml index 8791b017056..fc21f07eee6 100644 --- a/megalinter/descriptors/kotlin.megalinter-descriptor.yml +++ b/megalinter/descriptors/kotlin.megalinter-descriptor.yml @@ -25,11 +25,13 @@ linters: - "ktlint myfile.kt" - "ktlint --format myfile.kt" install: - dockerfile: + build_platform_dockerfile: - | RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint && \ chmod a+x ktlint && \ mv "ktlint" /usr/bin/ + dockerfile: + - COPY --link --from=build-platform /usr/bin/ktlint /usr/bin/ktlint supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/lua.megalinter-descriptor.yml b/megalinter/descriptors/lua.megalinter-descriptor.yml index a7fdd91c6da..aefe1cacdcc 100644 --- a/megalinter/descriptors/lua.megalinter-descriptor.yml +++ b/megalinter/descriptors/lua.megalinter-descriptor.yml @@ -20,21 +20,13 @@ linters: apk: - openssl - readline-dev + - lua5.3 + - lua5.3-dev + - luarocks5.3 + - gcc + - musl-dev dockerfile: - - | - RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \ - && cd lua-5.3.5 \ - && make linux \ - && make install \ - && cd .. && rm -r lua-5.3.5/ \ - && wget --tries=5 https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \ - && cd luarocks-3.3.1-super-linter \ - && ./configure --with-lua-include=/usr/local/include \ - && make \ - && make -b install \ - && cd .. && rm -r luarocks-3.3.1-super-linter/ \ - && luarocks install luacheck \ - && cd / + - RUN luarocks-5.3 install luacheck supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/php.megalinter-descriptor.yml b/megalinter/descriptors/php.megalinter-descriptor.yml index e4a28d933c9..db77587f12d 100644 --- a/megalinter/descriptors/php.megalinter-descriptor.yml +++ b/megalinter/descriptors/php.megalinter-descriptor.yml @@ -6,6 +6,8 @@ descriptor_flavors: file_extensions: - ".php" install: + build_platform_apk: + - gnupg apk: - gnupg - php81 @@ -18,7 +20,7 @@ install: - php81-dom - php81-simplexml - dpkg - dockerfile: + build_platform_dockerfile: - | RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \ && export GITHUB_AUTH_TOKEN \ @@ -32,8 +34,10 @@ install: && gpg --verify phive.phar.asc phive.phar \ && chmod +x phive.phar \ && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && update-alternatives --install /usr/bin/php php /usr/bin/php81 110 + && rm phive.phar.asc + dockerfile: + - COPY --link --from=build-platform /usr/local/bin/phive /usr/local/bin/phive + - RUN update-alternatives --install /usr/bin/php php /usr/bin/php81 110 supported_platforms: platform: - linux/amd64 @@ -106,8 +110,7 @@ linters: install: dockerfile: - FROM ghcr.io/phpstan/phpstan:latest-php8.1 as phpstan - - COPY --link --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan - - RUN chmod +x /usr/bin/phpstan + - COPY --link --chmod=755 --from=phpstan /composer/vendor/phpstan/phpstan/phpstan.phar /usr/bin/phpstan idea: - name: PHPStan / Psalm / Generics url: https://plugins.jetbrains.com/plugin/12754-phpstan--psalm--generics diff --git a/megalinter/descriptors/powershell.megalinter-descriptor.yml b/megalinter/descriptors/powershell.megalinter-descriptor.yml index 5d68f11d257..4c681b77927 100644 --- a/megalinter/descriptors/powershell.megalinter-descriptor.yml +++ b/megalinter/descriptors/powershell.megalinter-descriptor.yml @@ -21,10 +21,12 @@ install: - ARG TARGETPLATFORM - ARG PWSH_VERSION='latest' - ARG PWSH_DIRECTORY='/opt/microsoft/powershell' + # Currently there is no support for alpine / arm in powershell. Leaving the case statement here since it should work once it's supported - | - RUN case ${TARGETPLATFORM} in \ + RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || \ + case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=alpine-x64 ;; \ - "linux/arm64") POWERSHELL_ARCH=arm64 ;; \ + "linux/arm64") POWERSHELL_ARCH=alpine-arm64 ;; \ esac \ && mkdir -p ${PWSH_DIRECTORY} \ && curl --retry 5 --retry-delay 5 -s \ @@ -58,11 +60,10 @@ linters: install: dockerfile: - ARG PSSA_VERSION='latest' - - RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' + - RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' supported_platforms: platform: - linux/amd64 - - linux/arm64 ide: vscode: - name: VSCode PowerShell extension @@ -92,11 +93,10 @@ linters: install: dockerfile: - ARG PSSA_VERSION='latest' - - RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' + - RUN ([[ "${TARGETPLATFORM}" == "linux/arm64" ]] && exit 0) || pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' supported_platforms: platform: - linux/amd64 - - linux/arm64 ide: vscode: - name: VSCode PowerShell extension diff --git a/megalinter/descriptors/python.megalinter-descriptor.yml b/megalinter/descriptors/python.megalinter-descriptor.yml index 6f9ec7b1e63..b047466c358 100644 --- a/megalinter/descriptors/python.megalinter-descriptor.yml +++ b/megalinter/descriptors/python.megalinter-descriptor.yml @@ -397,8 +397,18 @@ linters: - "ruff check myfile.py" - "ruff check --config .ruff.toml myfile.py" install: - pip: - - ruff + dockerfile: + - |- + FROM --platform=$BUILDPLATFORM alpine:3 AS fetch-ruff + ARG BUILDARCH + RUN --mount=type=cache,target=/var/cache/apk,id=apk-${BUILDARCH},sharing=locked \ + apk add --update curl + WORKDIR / + ARG TARGETARCH + RUN export DL_LOCATION="https://github.com/charliermarsh/ruff/releases/latest/download/ruff-$([[ "${TARGETARCH}" == "amd64" ]] && echo "x86_64" || echo "aarch64")-unknown-linux-musl.tar.gz" \ + && echo "Downloading from ${DL_LOCATION}" \ + && curl --location "${DL_LOCATION}" | tar -xzv + - COPY --link --from=fetch-ruff /ruff /usr/bin/ruff ide: idea: - name: Ruff diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml index 91d05585902..21fa56f8faf 100644 --- a/megalinter/descriptors/repository.megalinter-descriptor.yml +++ b/megalinter/descriptors/repository.megalinter-descriptor.yml @@ -37,6 +37,9 @@ linters: - "checkov --directory ." - "checkov --directory . --output --sarif" install: + pip_apk: + - g++ + - cmake pip: - packaging - checkov @@ -134,10 +137,18 @@ linters: dockerfile: # The golang image used as a builder is a temporary workaround # Dustilock is not released as a binary or container - - | - FROM golang:alpine as dustilock - RUN GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v1.2.0 - - COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock + - | + FROM --platform=$BUILDPLATFORM golang:alpine as dustilock-build + RUN mkdir temp && cd temp && go mod init temp && go get -d github.com/checkmarx/dustilock@v1.2.0 + ARG BUILDARCH + ARG TARGETARCH + RUN GOOS=linux GOARCH=${TARGETARCH} go install github.com/checkmarx/dustilock@v1.2.0 \ + && ([[ "${BUILDARCH}" == "${TARGETARCH}" ]] && mv bin/dustilock /usr/bin) || mv bin/linux_${TARGETARCH}/dustilock /usr/bin + FROM golang:alpine as dustilock + COPY --from=dustilock-build /usr/bin/dustilock /usr/bin/dustilock + # Verify Binary + RUN /usr/bin/dustilock --version + - COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock supported_platforms: platform: - linux/amd64 @@ -428,6 +439,9 @@ linters: - "semgrep /tmp/lint" - "semgrep " install: + pip_apk: + - g++ + - cmake pip: - semgrep variables: diff --git a/megalinter/descriptors/salesforce.megalinter-descriptor.yml b/megalinter/descriptors/salesforce.megalinter-descriptor.yml index 6d5838524f2..d85f34e6784 100644 --- a/megalinter/descriptors/salesforce.megalinter-descriptor.yml +++ b/megalinter/descriptors/salesforce.megalinter-descriptor.yml @@ -10,25 +10,9 @@ install: dockerfile: - ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" - - | - RUN echo y|sfdx plugins:install sfdx-hardis \ - && npm cache clean --force || true \ - && rm -rf /root/.npm/_cacache # Salesforce DX npm: - - sfdx-cli -supported_platforms: - platform: - - linux/amd64 - - linux/arm64 - install_override: - - platform: linux/arm64 - install: - dockerfile: - - ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk - - ENV PATH="$JAVA_HOME/bin:${PATH}" - - ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true - - RUN echo y|sfdx plugins:install sfdx-hardis + - "@salesforce/cli" linters: # SFDX Scanner - linter_name: sfdx-scanner-apex diff --git a/megalinter/descriptors/scala.megalinter-descriptor.yml b/megalinter/descriptors/scala.megalinter-descriptor.yml index e9ad48b797c..b4f07c6bfca 100644 --- a/megalinter/descriptors/scala.megalinter-descriptor.yml +++ b/megalinter/descriptors/scala.megalinter-descriptor.yml @@ -5,7 +5,10 @@ file_extensions: install: apk: - openjdk11 - dockerfile: + build_platform_apk: + - curl + - openjdk11 + build_platform_dockerfile: - | RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ chmod +x coursier @@ -40,8 +43,10 @@ linters: - "scalafix --check --config .scalafix.conf myfile.scala" - "scalafix --config .scalafix.conf myfile.scala" # Fix install: - dockerfile: + build_platform_dockerfile: - RUN ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache + dockerfile: + - COPY --link --from=build-platform /usr/bin/scalafix /usr/bin/ supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/yaml.megalinter-descriptor.yml b/megalinter/descriptors/yaml.megalinter-descriptor.yml index 279b4ccc395..ee88cb22f59 100644 --- a/megalinter/descriptors/yaml.megalinter-descriptor.yml +++ b/megalinter/descriptors/yaml.megalinter-descriptor.yml @@ -82,7 +82,7 @@ linters: - "yamllint -c .yamllint.yml myfile.yaml" install: pip: - - yamllint + - yamllint supported_platforms: platform: - linux/amd64 diff --git a/megalinter/reporters/ConfigReporter.py b/megalinter/reporters/ConfigReporter.py index 93f0eb407cb..04eae760269 100644 --- a/megalinter/reporters/ConfigReporter.py +++ b/megalinter/reporters/ConfigReporter.py @@ -63,11 +63,9 @@ def produce_report(self): # Get applicable IDEA extensions idea_extensions = ide.get("idea", []) for idea_extension in idea_extensions: - if "https://plugins.jetbrains.com/plugin/" in idea_extension["url"]: + if "id" in idea_extension: idea_recommended_extensions += [ - idea_extension["url"].split( - "https://plugins.jetbrains.com/plugin/", 1 - )[1] + idea_extension["id"] ] # Copy config file if default (and not already at the root of the folder) if linter.final_config_file is not None: diff --git a/megalinter/setup.py b/megalinter/setup.py index 6a28376efec..f38ad12dc9a 100644 --- a/megalinter/setup.py +++ b/megalinter/setup.py @@ -8,6 +8,7 @@ author="Nicolas Vuillamy", author_email="nicolas.vuillamy@gmail.com", license="MIT", + package_dir={"megalinter": ""}, packages=[ "megalinter", "megalinter.linters", diff --git a/parseLog b/parseLog new file mode 100755 index 00000000000..b6ec8cd3444 --- /dev/null +++ b/parseLog @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +# This script will parse the github actions log to tell you where time is being spent +# To use it: +# 1. Go to a job +# 2. Click the gear +# 3. Then click "Download log archive" +# 4. Extract the archive +# 5. Run ./parseLog path/to/buildkitOutput.log +# You will then have a csv file containing some basic information about each stage, when it ran, and how long it ran +file=$(cat "$1") +timeStamps="$(echo "$file" | grep -o '[^ ]*Z #[0-9]*')" +jobIds=$(echo "$timeStamps" | grep -o '#[0-9]*' | sort | uniq) +data="Job Id,Label,Start,End,Length" + +for f in $jobIds; do + jobTimestamps=$(echo "$timeStamps" | grep "$f$" | grep -o "^[^ ]*") + start=$(echo "$jobTimestamps" | head -n 1) + end=$(echo "$jobTimestamps" | tail -n 1) + length=$(echo "$file" | grep "$f DONE" | grep -o "[0-9.]*s$" | grep -o "[0-9.]*" | tail -n 1) + label=$(echo "$file" | grep -o -e "Z $f \[[^]]*\]" | grep -o -e "\[[^]]*\]" | grep -o -e "[^][]*" | tail -n 1 | sed 's_1/1__g') + data="${data} +${f},${label},${start},${end},${length}" +done + +echo "${data}"