puppet_docker_tools 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0cced50b6cd276b28389615a751ad0946a6e3196
-  data.tar.gz: 30084e7aebeee1dd037537bdb6ad521ff33376b3
+  metadata.gz: 2af7f0af2ac0fb8371c5358179ff8b3d26f10157
+  data.tar.gz: 5c82a30a82d4dbaafbf3e8217a9c8f4b96cb4d5d
 SHA512:
-  metadata.gz: 2612cf5a9ce5c38bd1518c503f72c0943e4517ad6ba789e5573c562123604f9bd0978b4e4c5ceefeaff286ccef2da78868a93e7d3588263495da970d4551eca7
-  data.tar.gz: fe1ae2b95ab05230b2aeb780a111c286fde043ebe068af55dd9f4560a59412f44d8d1275fc78f7f72960035e37f6443d5cdb0a91e062586b027c031b1d49427e
+  metadata.gz: e3f350e40c4f26824845e9e06d820b3fb47d69e165602feb6a9049a3cf7a18f78514670a0f9a53dcae5d07bafc22e644173b93f2d5ec3e815c04ba7daff79c76
+  data.tar.gz: f8092567055f4a50bcecd27682209ff6f3374d46a39806bc6a5a86143d3c3155b9ab5c06b9db87269a109f7e7ab25a1988f7e7e5019fa56f6e0c4c269afec1bd

data/README.md

@@ -15,6 +15,7 @@ $ puppet-docker help
 Usage:
   puppet-docker build [DIRECTORY] [--dockerfile=<dockerfile>] [--repository=<repo>] [--namespace=<namespace>] [--no-cache]
   puppet-docker lint [DIRECTORY] [--dockerfile=<dockerfile>]
+  puppet-docker local-lint [DIRECTORY] [--dockerfile=<dockerfile>]
   puppet-docker pull [IMAGE] [--repository=<repo>]
   puppet-docker push [DIRECTORY] [--dockerfile=<dockerfile>] [--repository=<repo>] [--namespace=<namespace>]
   puppet-docker rev-labels [DIRECTORY] [--dockerfile=<dockerfile>] [--namespace=<namespace>]
@@ -48,6 +49,10 @@ Run [hadolint](https://github.com/hadolint/hadolint) on the dockerfile in DIRECT
 * [DL4000](https://github.com/hadolint/hadolint/wiki/DL4000) - MAINTAINER is deprecated
 * [DL4001](https://github.com/hadolint/hadolint/wiki/DL4001) - Don't use both wget and curl
 
+### `puppet-docker local-lint`
+
+Run [hadolint](https://github.com/hadolint/hadolint) on the dockerfile in DIRECTORY. The lint task runs using a locally installed `hadolint` executable with the same rule exclusions as `puppet-docker lint`.
+
 ### `puppet-docker pull`
 
 Pull the specified image, i.e. 'puppet/puppetserver'. *NOTE*: If you don't include the tag you want to pull, `puppet-docker pull` will pull all tags for that image.
@@ -76,6 +81,15 @@ Output the `version` label for the dockerfile contained in DIRECTORY.
 
 Update the base images. Any number of tags to update can be passed, or by default it will pull the latest version of: ['ubuntu:16.04', 'centos:7', 'alpine:3.4', 'debian:9', 'postgres:9.6.8']
 
+## Items available to Dockerfiles
+
+There are some common variables passed to builds that you can take advantage of in your Dockerfiles.
+
+### `ARG`s
+
+* `vcs_ref`: set to `git rev-parse HEAD`
+* `build_date`: set to ruby's `Time.now.utc.iso8601`
+
 ## Issues
 
 File issues in the [Community Package Repository (CPR) project](https://tickets.puppet.com/browse/CPR) with the 'Container' component.

data/bin/puppet-docker

@@ -9,6 +9,7 @@ Utilities for building and releasing Puppet docker images.
 Usage:
   puppet-docker build [DIRECTORY] [--dockerfile=<dockerfile>] [--repository=<repo>] [--namespace=<namespace>] [--no-cache]
   puppet-docker lint [DIRECTORY] [--dockerfile=<dockerfile>]
+  puppet-docker local-lint [DIRECTORY] [--dockerfile=<dockerfile>]
   puppet-docker pull [IMAGE] [--repository=<repo>]
   puppet-docker push [DIRECTORY] [--dockerfile=<dockerfile>] [--repository=<repo>] [--namespace=<namespace>]
   puppet-docker rev-labels [DIRECTORY] [--dockerfile=<dockerfile>] [--namespace=<namespace>]
@@ -71,6 +72,8 @@ begin
       command_runner.build(no_cache: options['--no-cache'])
     elsif options['lint']
       command_runner.lint
+    elsif options['local-lint']
+      command_runner.local_lint
     elsif options['push']
       command_runner.push
     elsif options['rev-labels']

data/lib/puppet_docker_tools/runner.rb

@@ -1,5 +1,6 @@
 require 'date'
 require 'docker'
+require 'json'
 require 'rspec/core'
 require 'time'
 require 'puppet_docker_tools/utilities'
@@ -29,8 +30,14 @@ class PuppetDockerTools
       path = "#{repository}/#{image_name}"
       puts "Building #{path}:latest"
 
+      build_args = {
+        'vcs_ref' => PuppetDockerTools::Utilities.current_git_sha(directory),
+        'build_date' => Time.now.utc.iso8601
+      }
+
       # 't' in the build_options sets the tag for the image we're building
-      build_options = { 't' => "#{path}:latest", 'dockerfile' => dockerfile }
+      build_options = { 't' => "#{path}:latest", 'dockerfile' => dockerfile, 'buildargs' => "#{build_args.to_json}"}
+
       if no_cache
         puts "Ignoring cache for #{path}"
         build_options['nocache'] = true
@@ -40,29 +47,21 @@ class PuppetDockerTools
       if version
         puts "Building #{path}:#{version}"
 
-        # 't' in the build_options sets the tag for the image we're building
-        build_options = { 't' => "#{path}:#{version}", 'dockerfile' => dockerfile }
+        build_options['t'] = "#{path}:#{version}"
         Docker::Image.build_from_dir(directory, build_options)
       end
     end
 
-    # Run hadolint on the Dockerfile in the specified directory. Hadolint is a
-    # linter for dockerfiles that also validates inline bash with shellcheck.
-    # For more info, see the github repo (https://github.com/hadolint/hadolint)
+    # Run hadolint on the Dockerfile in the specified directory. This will run
+    # hadolint inside of a container. To run a locally-installed hadolint binary
+    # see local_lint.
     #
     def lint
       hadolint_container = 'hadolint/hadolint'
-      ignore_rules = [
-        'DL3008',
-        'DL3018',
-        'DL4000',
-        'DL4001',
-      ]
-      ignore_string = ignore_rules.map { |x| "--ignore #{x}" }.join(' ')
 
       # make sure we have the container locally
       PuppetDockerTools::Utilities.pull("#{hadolint_container}:latest")
-      container = Docker::Container.create('Cmd' => ['/bin/sh', '-c', "hadolint #{ignore_string} - "], 'Image' => hadolint_container, 'OpenStdin' => true, 'StdinOnce' => true)
+      container = Docker::Container.create('Cmd' => ['/bin/sh', '-c', "#{PuppetDockerTools::Utilities.get_hadolint_command}"], 'Image' => hadolint_container, 'OpenStdin' => true, 'StdinOnce' => true)
       # This container.tap startes the container created above, and passes directory/Dockerfile to the container
       container.tap(&:start).attach(stdin: "#{directory}/#{dockerfile}")
       # Wait for the run to finish
@@ -73,6 +72,13 @@ class PuppetDockerTools
       end
     end
 
+    # Run hadolint Dockerfile linting using a local hadolint executable. Executable
+    # found based on your path.
+    def local_lint
+      output, status = Open3.capture2e(PuppetDockerTools::Utilities.get_hadolint_command("#{directory}/#{dockerfile}"))
+      fail output unless status == 0
+    end
+
     # Push an image to hub.docker.com
     #
     def push

data/lib/puppet_docker_tools/utilities.rb

@@ -126,6 +126,23 @@ class PuppetDockerTools
       end
     end
 
+    # Generate the hadolint command that should be run. Hadolint is a
+    # linter for dockerfiles that also validates inline bash with shellcheck.
+    # For more info, see the github repo (https://github.com/hadolint/hadolint)
+    #
+    # @param file Dockerfile to lint, defaults to stdin
+    def get_hadolint_command(file = '-')
+      ignore_rules = [
+        'DL3008',
+        'DL3018',
+        'DL4000',
+        'DL4001',
+      ]
+      ignore_string = ignore_rules.map { |x| "--ignore #{x}" }.join(' ')
+
+      "hadolint #{ignore_string} #{file}"
+    end
+
     # Get a value from a Dockerfile
     #
     # @param key The key to read from the Dockerfile, e.g. 'from'

data/spec/lib/puppet_docker_tools/runner_spec.rb

@@ -5,10 +5,13 @@ require 'docker'
 describe PuppetDockerTools::Runner do
   def create_runner(directory:, repository:, namespace:, dockerfile:)
     allow(File).to receive(:exist?).with("#{directory}/#{dockerfile}").and_return(true)
+    allow(Dir).to receive(:chdir).with(directory).and_return('b0c5ead01b6cabdb3f01871bce699be165c3288f')
+    allow(Time).to receive(:now).and_return(Time.at(1528478293))
     PuppetDockerTools::Runner.new(directory: directory, repository: repository, namespace: namespace, dockerfile: dockerfile)
   end
 
   let(:runner) { create_runner(directory: '/tmp/test-image', repository: 'test', namespace: 'org.label-schema', dockerfile: 'Dockerfile') }
+  let(:buildargs) {{ 'vcs_ref' => 'b0c5ead01b6cabdb3f01871bce699be165c3288f', 'build_date' => '2018-06-08T17:18:13Z' }.to_json}
 
   describe '#initialize' do
     it "should fail if the dockerfile doesn't exist" do
@@ -22,27 +25,27 @@ describe PuppetDockerTools::Runner do
 
     it 'builds a latest and version tag if version is found' do
       expect(PuppetDockerTools::Utilities).to receive(:get_value_from_env).with('version', namespace: runner.namespace, directory: runner.directory, dockerfile: runner.dockerfile).and_return('1.2.3')
-      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:1.2.3', 'dockerfile' => runner.dockerfile }).and_return(image)
-      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'dockerfile' => runner.dockerfile }).and_return(image)
+      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:1.2.3', 'dockerfile' => runner.dockerfile, 'buildargs' => buildargs }).and_return(image)
+      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'dockerfile' => runner.dockerfile, 'buildargs' => buildargs }).and_return(image)
       runner.build
     end
 
     it 'builds just a latest tag if no version is found' do
       expect(PuppetDockerTools::Utilities).to receive(:get_value_from_env).with('version', namespace: runner.namespace, directory: runner.directory, dockerfile: runner.dockerfile).and_return(nil)
-      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'dockerfile' => runner.dockerfile }).and_return(image)
+      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'dockerfile' => runner.dockerfile, 'buildargs' => buildargs }).and_return(image)
       runner.build
     end
 
     it 'ignores the cache when that parameter is set' do
       expect(PuppetDockerTools::Utilities).to receive(:get_value_from_env).with('version', namespace: runner.namespace, directory: runner.directory, dockerfile: runner.dockerfile).and_return(nil)
-      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'nocache' => true, 'dockerfile' => runner.dockerfile }).and_return(image)
+      expect(Docker::Image).to receive(:build_from_dir).with(runner.directory, { 't' => 'test/test-image:latest', 'nocache' => true, 'dockerfile' => runner.dockerfile, 'buildargs' => buildargs }).and_return(image)
       runner.build(no_cache: true)
     end
 
     it 'uses a custom dockerfile if passed' do
       allow(File).to receive(:exist?).with('/tmp/test-image/Dockerfile.test').and_return(true)
       expect(PuppetDockerTools::Utilities).to receive(:get_value_from_env).with('version', namespace: 'org.label-schema', directory: '/tmp/test-image', dockerfile: 'Dockerfile.test').and_return(nil)
-      expect(Docker::Image).to receive(:build_from_dir).with('/tmp/test-image', { 't' => 'test/test-image:latest', 'dockerfile' => 'Dockerfile.test' }).and_return(image)
+      expect(Docker::Image).to receive(:build_from_dir).with('/tmp/test-image', { 't' => 'test/test-image:latest', 'dockerfile' => 'Dockerfile.test', 'buildargs' => buildargs }).and_return(image)
       local_runner = create_runner(directory: '/tmp/test-image', repository: 'test', namespace: 'org.label-schema', dockerfile: 'Dockerfile.test')
       local_runner.build
     end
@@ -86,6 +89,13 @@ describe PuppetDockerTools::Runner do
     end
   end
 
+  describe '#local_lint' do
+    it "should fail with logs if linting fails" do
+      allow(Open3).to receive(:capture2e).with(PuppetDockerTools::Utilities.get_hadolint_command('/tmp/test-image/Dockerfile')).and_return('container logs', 1)
+      expect { runner.local_lint }.to raise_error(RuntimeError, /container logs/)
+    end
+  end
+
   describe '#push' do
     it 'should fail if no version is set' do
       expect(PuppetDockerTools::Utilities).to receive(:get_value_from_label).and_return(nil)

data/spec/lib/puppet_docker_tools/utilities_spec.rb

@@ -195,4 +195,13 @@ HERE
     end
   end
 
+  describe '#get_hadolint_command' do
+    it 'generates a commmand with a dockerfile' do
+      expect(PuppetDockerTools::Utilities.get_hadolint_command('test/Dockerfile')).to eq('hadolint --ignore DL3008 --ignore DL3018 --ignore DL4000 --ignore DL4001 test/Dockerfile')
+    end
+
+    it 'defaults to generating a command that reads from stdin' do
+      expect(PuppetDockerTools::Utilities.get_hadolint_command).to eq('hadolint --ignore DL3008 --ignore DL3018 --ignore DL4000 --ignore DL4001 -')
+    end
+  end
 end

data/spec/support/examples/running_container.rb

@@ -0,0 +1,11 @@
+shared_examples "a running container" do |command, exit_status|
+  it "should run #{command} with exit status #{exit_status}" do
+    container = Docker::Container.create('Image' => @image.id, 'Cmd' => command)
+    container.start
+    container.wait
+    exit_status = container.json['State']['ExitCode']
+    expect(exit_status).to eq(exit_status)
+    container.kill
+    container.delete(force: true)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet_docker_tools
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Puppet, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-24 00:00:00.000000000 Z
+date: 2018-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: docker-api
@@ -87,6 +87,7 @@ files:
 - spec/support/context/with_docker_container.rb
 - spec/support/context/with_docker_container_dummy_cmd.rb
 - spec/support/context/with_docker_image.rb
+- spec/support/examples/running_container.rb
 homepage: https://github.com/puppetlabs/puppet_docker_tools
 licenses:
 - Apache-2.0