Skip to content

feat: add docker build detection #409

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Sep 8, 2023
Merged

Conversation

timyarkov
Copy link
Contributor

@timyarkov timyarkov commented Aug 13, 2023

This PR adds support for the detection of Dockerfiles, so as to cover scenarios where Docker gets used as a build tool, e.g. when Macaron gets built using its Dockerfile.

  • Docker presence is detected by finding files either named Dockerfile or in the formats *.Dockerfile or Dockerfile.* to cover different naming conventions of dockerfiles, e.g. dev.Dockerfile or like Macaron's own Dockerfile.base and Dockerfile.final. This is defined in defaults.ini under [builder.docker]
  • The supported build command keyword is build, and supported deploy command keyword is push, defined in defaults.ini under [builder.docker]
  • For CI deploy commands the Github action docker/build-push-action@v4 is supported, defined in defaults.ini under [builder.docker.ci.deploy]

To do from here:

  • Implement dependency resolution for dockerfiles, as of now this is purely detection and does not include anything regarding SBOMs
  • Further testing; as of now it has a single test for detection of docker using https://github.com/timyarkov/docker_test, however it would be good to expand tests to cover scenarios like multiple build tools alongside docker, more naming variations, etc.

@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Aug 13, 2023
@timyarkov timyarkov marked this pull request as draft August 13, 2023 07:55
@tromai
Copy link
Member

tromai commented Aug 14, 2023

It looks like the error your are encountering is related to this issue. Please rebase on staging as we have decided to ignore the error raised by pip_audit in this PR for now.

@timyarkov timyarkov changed the title feat: docker support feat: add docker build detection Aug 14, 2023
@timyarkov timyarkov marked this pull request as ready for review August 14, 2023 02:23
@tromai
Copy link
Member

tromai commented Aug 17, 2023

@timyarkov It would be good if we have a description of the feature's behaviors in the PR's description whenever a new feature is developed. It could really help us with reviewing the code changes.
For example: #67, #316 and #254 (minus the implementation section).
Note that it doesn't need a full detail explanation of the implementation but a short description of how the features work as the user's perspective:

  • any configuration needed
  • what sort of inputs does it accept
  • what is the problem the feature is going to solve

@timyarkov
Copy link
Contributor Author

@timyarkov It would be good if we have a description of the feature's behaviors in the PR's description whenever a new feature is developed. It could really help us with reviewing the code changes. For example: #67, #316 and #254 (minus the implementation section). Note that it doesn't need a full detail explanation of the implementation but a short description of how the features work as the user's perspective:

  • any configuration needed
  • what sort of inputs does it accept
  • what is the problem the feature is going to solve

My bad, have updated it with more details, hopefully that is enough?

@tromai
Copy link
Member

tromai commented Aug 17, 2023

@timyarkov It would be good if we have a description of the feature's behaviors in the PR's description whenever a new feature is developed. It could really help us with reviewing the code changes. For example: #67, #316 and #254 (minus the implementation section). Note that it doesn't need a full detail explanation of the implementation but a short description of how the features work as the user's perspective:

  • any configuration needed
  • what sort of inputs does it accept
  • what is the problem the feature is going to solve

My bad, have updated it with more details, hopefully that is enough?

No worries. That's great. Thanks for that.

@tromai
Copy link
Member

tromai commented Aug 18, 2023

Please rebase on staging. Hopefully this PR would prevent this issue from happening again.
Also, it would be great if you push fixed commit (happens after you mark a PR as ready for review) separately without squashing it into previous commits. This would also help me keeping track of the changes too. Thanks!

Copy link
Member

@behnazh-w behnazh-w left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add unit tests following the examples for build tools here.

@timyarkov
Copy link
Contributor Author

Please add unit tests following the examples for build tools here.

Added in latest commit 33d4595

@timyarkov timyarkov force-pushed the docker-support branch 2 times, most recently from c5ab096 to 7664721 Compare August 28, 2023 03:30
@behnazh-w behnazh-w merged commit d15fffb into oracle:staging Sep 8, 2023
art1f1c3R pushed a commit that referenced this pull request Nov 29, 2024
This PR adds support for the detection of Dockerfiles, so as to cover scenarios where Docker gets used as a build tool.

* Docker presence is detected by finding files either named Dockerfile or in the formats *.Dockerfile or Dockerfile.* to cover different naming conventions of dockerfiles, e.g. dev.Dockerfile or like Macaron's own Dockerfile.base and Dockerfile.final. This is defined in defaults.ini under [builder.docker]

* The supported build command keyword is build, and supported deploy command keyword is push, defined in defaults.ini under [builder.docker]

*For CI deploy commands the GitHub action docker/build-push-action is supported, defined in defaults.ini under [builder.docker.ci.deploy]

Signed-off-by: Tim Yarkov <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants