@dockerforge/cli 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +33 -21
- package/package.json +29 -11
package/README.md
CHANGED
|
@@ -1,7 +1,15 @@
|
|
|
1
1
|
# @dockerforge/cli
|
|
2
2
|
|
|
3
|
-
Generate
|
|
4
|
-
|
|
3
|
+
Generate and lint production-grade Dockerfiles from the command line. Offline, no account.
|
|
4
|
+
|
|
5
|
+
[](https://www.npmjs.com/package/@dockerforge/cli)
|
|
6
|
+
[](https://github.com/Mo-ASayed/DockerForge/blob/main/LICENSE)
|
|
7
|
+
[](https://nodejs.org)
|
|
8
|
+
|
|
9
|
+
Point it at a project directory and it detects the stack, then writes a Dockerfile, a
|
|
10
|
+
`.dockerignore`, and a Compose file, with a confidence score and warnings. It also lints
|
|
11
|
+
existing Dockerfiles and reports findings as human text, JSON, or SARIF. Everything runs on your
|
|
12
|
+
machine and makes no network calls.
|
|
5
13
|
|
|
6
14
|
## Install
|
|
7
15
|
|
|
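Review bot: The new intro at lines 9-12 promises that everything "makes no network calls", but nothing in this release backs that up: the only other changed file is package.json, and the CLI still depends on `@dockerforge/core` and `commander`. Either point to a test that exercises `generate` and `lint` with network access blocked, or word the sentence as design intent rather than a guarantee, since users will rely on it when running the tool on private source trees.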
@@ -20,9 +28,6 @@ dockerforge generate ./my-app
|
|
|
20
28
|
|
|
21
29
|
## Generate
|
|
22
30
|
|
|
23
|
-
Point it at a project directory. It detects the stack, then writes a Dockerfile,
|
|
24
|
-
a `.dockerignore`, and a Compose file.
|
|
25
|
-
|
|
26
31
|
```bash
|
|
27
32
|
dockerforge generate . # write files into the current directory
|
|
28
33
|
dockerforge generate ./app -o ./out # write into a chosen directory
|
|
@@ -30,8 +35,6 @@ dockerforge generate . --print # print the Dockerfile, write nothing
|
|
|
30
35
|
dockerforge generate . --json # JSON output for scripts and CI
|
|
31
36
|
```
|
|
32
37
|
|
|
33
|
-
Options:
|
|
34
|
-
|
|
35
38
|
| Flag | Effect |
|
|
36
39
|
| --- | --- |
|
|
37
40
|
| `-o, --output <dir>` | Write output to this directory. Defaults to the target path. |
|
|
@@ -42,14 +45,12 @@ Options:
|
|
|
42
45
|
| `--no-optimise` | Skip the optimisation pass. |
|
|
43
46
|
| `--no-security` | Skip the security pass. |
|
|
44
47
|
|
|
45
|
-
The default output is a coloured summary with the detected services, a confidence score, and
|
|
46
|
-
|
|
47
|
-
|
|
48
|
+
The default output is a coloured summary with the detected services, a confidence score, and any
|
|
49
|
+
warnings. `--json` and `--print` produce plain output with no decoration. Colour turns off when
|
|
50
|
+
the output is not a terminal or when `NO_COLOR` is set.
|
|
48
51
|
|
|
49
52
|
## Lint
|
|
50
53
|
|
|
51
|
-
Check a Dockerfile against a fixed set of rules. Pass a file or a directory that contains one.
|
|
52
|
-
|
|
53
54
|
```bash
|
|
54
55
|
dockerforge lint ./Dockerfile
|
|
55
56
|
dockerforge lint . --format sarif > results.sarif
|
|
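Review bot: The rewritten paragraph at new lines 48-50 lists what the summary contains but does not say whether a run with `--no-security` (documented two rows above as "Skip the security pass") is reported anywhere. A Dockerfile generated without the security pass should be distinguishable in the summary and in `--json` output so CI can reject it. State that here, or add a warning for it.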
@@ -57,16 +58,12 @@ dockerforge lint . --fail-on medium
|
|
|
57
58
|
dockerforge lint . --rules DF001,DF002
|
|
58
59
|
```
|
|
59
60
|
|
|
60
|
-
Options:
|
|
61
|
-
|
|
62
61
|
| Flag | Effect |
|
|
63
62
|
| --- | --- |
|
|
64
63
|
| `--format <fmt>` | `human` (default), `json`, or `sarif`. |
|
|
65
64
|
| `--fail-on <severity>` | Lowest severity that fails the run: `info`, `low`, `medium`, `high`, `critical`. Default `high`. |
|
|
66
65
|
| `--rules <ids>` | Comma-separated rule ids to run. Default is all rules. |
|
|
67
66
|
|
|
68
|
-
Rules:
|
|
69
|
-
|
|
70
67
|
| Id | Check | Severity |
|
|
71
68
|
| --- | --- | --- |
|
|
72
69
|
| DF001 | Base image is not pinned (no tag, or `:latest`) | high |
|
|
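Review bot: Removing the `Rules:` label at old line 68 leaves the flag table and the rule table back to back with only a blank line between them (new lines 65-67), so a reader skimming the Lint section gets no cue where options end and rule ids begin. Keep a one-word label or turn it into a subheading under `## Lint`.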
@@ -76,16 +73,25 @@ Rules:
|
|
|
76
73
|
| DF005 | A secret-like value is hardcoded in `ENV` or `ARG` | critical |
|
|
77
74
|
| DF006 | No `WORKDIR` is set in the final stage | low |
|
|
78
75
|
|
|
79
|
-
The `sarif` format follows SARIF 2.1.0, so the output drops straight into GitHub code scanning
|
|
80
|
-
|
|
76
|
+
The `sarif` format follows SARIF 2.1.0, so the output drops straight into GitHub code scanning or
|
|
77
|
+
any SARIF viewer. Full detail for each rule is in the [rules reference](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/rules.md).
|
|
81
78
|
|
|
82
79
|
## Exit codes
|
|
83
80
|
|
|
81
|
+
`lint`:
|
|
82
|
+
|
|
84
83
|
| Code | Meaning |
|
|
85
84
|
| --- | --- |
|
|
86
|
-
| `0` |
|
|
87
|
-
| `1` |
|
|
88
|
-
| `2` |
|
|
85
|
+
| `0` | No findings at or above `--fail-on`. |
|
|
86
|
+
| `1` | Lint found at least one issue at or above `--fail-on`. |
|
|
87
|
+
| `2` | A tool error (bad path, unreadable file, invalid `--fail-on`). |
|
|
88
|
+
|
|
89
|
+
`generate`:
|
|
90
|
+
|
|
91
|
+
| Code | Meaning |
|
|
92
|
+
| --- | --- |
|
|
93
|
+
| `0` | Success. |
|
|
94
|
+
| `1` | An error. The JSON error carries a typed `code`, for example `PATH_NOT_FOUND`. |
|
|
89
95
|
|
|
90
96
|
## Use in CI
|
|
91
97
|
|
|
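Review bot: The two new tables give exit code `1` different meanings: for `lint` it means findings at or above `--fail-on`, with `2` reserved for tool errors, while for `generate` it is the error code and `2` is never used. A wrapper that separates "findings" from "tool failed" by exit code has to special-case the subcommand. Either return `2` for `generate` errors as well or call out the difference explicitly, and say whether `lint` tool errors also carry a typed `code` such as `PATH_NOT_FOUND` in JSON output.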
@@ -104,6 +110,12 @@ Upload findings to GitHub code scanning:
|
|
|
104
110
|
sarif_file: dockerforge.sarif
|
|
105
111
|
```
|
|
106
112
|
|
|
113
|
+
## Documentation
|
|
114
|
+
|
|
115
|
+
- [CLI reference](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/cli.md)
|
|
116
|
+
- [Lint rules](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/rules.md)
|
|
117
|
+
- [Programmatic API](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/programmatic.md)
|
|
118
|
+
|
|
107
119
|
## License
|
|
108
120
|
|
|
109
121
|
Apache-2.0. Built on [`@dockerforge/core`](https://www.npmjs.com/package/@dockerforge/core).
|
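Review bot: All three links added under `## Documentation` (new lines 115-117) point at `blob/main`, so the README shipped inside the 0.1.1 tarball will always show the docs for whatever is on the default branch rather than for the installed version. Link to a tag or commit for the release instead. This matters most for the lint rules page, because rule ids and severities are what CI gates on.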
package/package.json
CHANGED
|
@@ -1,29 +1,47 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dockerforge/cli",
|
|
3
|
-
"version": "0.1.
|
|
4
|
-
"description": "DockerForge CLI
|
|
3
|
+
"version": "0.1.1",
|
|
4
|
+
"description": "DockerForge CLI: generate production-grade Dockerfiles, .dockerignore, and Compose from a local project, and lint Dockerfiles (human/JSON/SARIF). Offline.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"author": "Docker Forge",
|
|
7
7
|
"homepage": "https://containerise.dev",
|
|
8
8
|
"repository": {
|
|
9
9
|
"type": "git",
|
|
10
|
-
"url": "git+https://github.com/Mo-ASayed/
|
|
11
|
-
"directory": "
|
|
10
|
+
"url": "git+https://github.com/Mo-ASayed/DockerForge.git",
|
|
11
|
+
"directory": "packages/cli"
|
|
12
|
+
},
|
|
13
|
+
"bugs": {
|
|
14
|
+
"url": "https://github.com/Mo-ASayed/DockerForge/issues"
|
|
12
15
|
},
|
|
13
|
-
"bugs": { "url": "https://github.com/Mo-ASayed/Apps/issues" },
|
|
14
16
|
"bin": {
|
|
15
17
|
"dockerforge": "src/index.js"
|
|
16
18
|
},
|
|
17
19
|
"main": "src/index.js",
|
|
18
|
-
"files": [
|
|
19
|
-
|
|
20
|
-
|
|
20
|
+
"files": [
|
|
21
|
+
"src",
|
|
22
|
+
"LICENSE",
|
|
23
|
+
"NOTICE"
|
|
24
|
+
],
|
|
25
|
+
"engines": {
|
|
26
|
+
"node": ">=18"
|
|
27
|
+
},
|
|
28
|
+
"publishConfig": {
|
|
29
|
+
"access": "public"
|
|
30
|
+
},
|
|
21
31
|
"scripts": {
|
|
22
32
|
"test": "node --test"
|
|
23
33
|
},
|
|
34
|
+
"keywords": [
|
|
35
|
+
"docker",
|
|
36
|
+
"dockerfile",
|
|
37
|
+
"containerize",
|
|
38
|
+
"cli",
|
|
39
|
+
"generator",
|
|
40
|
+
"lint",
|
|
41
|
+
"sarif"
|
|
42
|
+
],
|
|
24
43
|
"dependencies": {
|
|
25
|
-
"@dockerforge/core": "^0.1.
|
|
44
|
+
"@dockerforge/core": "^0.1.1",
|
|
26
45
|
"commander": "^12.1.0"
|
|
27
|
-
}
|
|
28
|
-
"keywords": ["docker", "dockerfile", "containerize", "cli", "generator", "lint", "sarif"]
|
|
46
|
+
}
|
|
29
47
|
}
|
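Review bot: `"@dockerforge/core": "^0.1.1"` at new line 44 lets any later 0.1.x release of core resolve at install time, and the README says the CLI is built on that package, so the same CLI version can produce different Dockerfiles and lint results from one install to the next. For a tool used as a CI gate, pin the exact version or ship an `npm-shrinkwrap.json`. Separately, `files` now lists `LICENSE` and `NOTICE` while the changed-file summary for this release shows only README.md and package.json, so it is worth confirming with `npm pack --dry-run` that both files are actually in the tarball.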