@dockerforge/cli 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +33 -21
  2. package/package.json +29 -11
package/README.md CHANGED
@@ -1,7 +1,15 @@
1
1
  # @dockerforge/cli
2
2
 
3
- Generate a Dockerfile, `.dockerignore`, and Compose file from a local project, and lint
4
- existing Dockerfiles. Runs offline. No account, no network calls.
3
+ Generate and lint production-grade Dockerfiles from the command line. Offline, no account.
4
+
5
+ [![npm](https://img.shields.io/npm/v/@dockerforge/cli)](https://www.npmjs.com/package/@dockerforge/cli)
6
+ [![license](https://img.shields.io/npm/l/@dockerforge/cli)](https://github.com/Mo-ASayed/DockerForge/blob/main/LICENSE)
7
+ [![node](https://img.shields.io/node/v/@dockerforge/cli)](https://nodejs.org)
8
+
9
+ Point it at a project directory and it detects the stack, then writes a Dockerfile, a
10
+ `.dockerignore`, and a Compose file, with a confidence score and warnings. It also lints
11
+ existing Dockerfiles and reports findings as human text, JSON, or SARIF. Everything runs on your
12
+ machine and makes no network calls.
5
13
 
6
14
  ## Install
7
15
 
@@ -20,9 +28,6 @@ dockerforge generate ./my-app
20
28
 
21
29
  ## Generate
22
30
 
23
- Point it at a project directory. It detects the stack, then writes a Dockerfile,
24
- a `.dockerignore`, and a Compose file.
25
-
26
31
  ```bash
27
32
  dockerforge generate . # write files into the current directory
28
33
  dockerforge generate ./app -o ./out # write into a chosen directory
@@ -30,8 +35,6 @@ dockerforge generate . --print # print the Dockerfile, write nothing
30
35
  dockerforge generate . --json # JSON output for scripts and CI
31
36
  ```
32
37
 
33
- Options:
34
-
35
38
  | Flag | Effect |
36
39
  | --- | --- |
37
40
  | `-o, --output <dir>` | Write output to this directory. Defaults to the target path. |
@@ -42,14 +45,12 @@ Options:
42
45
  | `--no-optimise` | Skip the optimisation pass. |
43
46
  | `--no-security` | Skip the security pass. |
44
47
 
45
- The default output is a coloured summary with the detected services, a confidence score, and
46
- any warnings. `--json` and `--print` produce plain output with no decoration. Colour turns off
47
- when the output is not a terminal or when `NO_COLOR` is set.
48
+ The default output is a coloured summary with the detected services, a confidence score, and any
49
+ warnings. `--json` and `--print` produce plain output with no decoration. Colour turns off when
50
+ the output is not a terminal or when `NO_COLOR` is set.
48
51
 
49
52
  ## Lint
50
53
 
51
- Check a Dockerfile against a fixed set of rules. Pass a file or a directory that contains one.
52
-
53
54
  ```bash
54
55
  dockerforge lint ./Dockerfile
55
56
  dockerforge lint . --format sarif > results.sarif
@@ -57,16 +58,12 @@ dockerforge lint . --fail-on medium
57
58
  dockerforge lint . --rules DF001,DF002
58
59
  ```
59
60
 
60
- Options:
61
-
62
61
  | Flag | Effect |
63
62
  | --- | --- |
64
63
  | `--format <fmt>` | `human` (default), `json`, or `sarif`. |
65
64
  | `--fail-on <severity>` | Lowest severity that fails the run: `info`, `low`, `medium`, `high`, `critical`. Default `high`. |
66
65
  | `--rules <ids>` | Comma-separated rule ids to run. Default is all rules. |
67
66
 
68
- Rules:
69
-
70
67
  | Id | Check | Severity |
71
68
  | --- | --- | --- |
72
69
  | DF001 | Base image is not pinned (no tag, or `:latest`) | high |
@@ -76,16 +73,25 @@ Rules:
76
73
  | DF005 | A secret-like value is hardcoded in `ENV` or `ARG` | critical |
77
74
  | DF006 | No `WORKDIR` is set in the final stage | low |
78
75
 
79
- The `sarif` format follows SARIF 2.1.0, so the output drops straight into GitHub code scanning
80
- or any SARIF viewer.
76
+ The `sarif` format follows SARIF 2.1.0, so the output drops straight into GitHub code scanning or
77
+ any SARIF viewer. Full detail for each rule is in the [rules reference](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/rules.md).
81
78
 
82
79
  ## Exit codes
83
80
 
81
+ `lint`:
82
+
84
83
  | Code | Meaning |
85
84
  | --- | --- |
86
- | `0` | Success, or no findings at or above the `--fail-on` level. |
87
- | `1` | A command error. The JSON error carries a typed `code`, for example `PATH_NOT_FOUND`. |
88
- | `2` | Lint found at least one issue at or above the `--fail-on` level. |
85
+ | `0` | No findings at or above `--fail-on`. |
86
+ | `1` | Lint found at least one issue at or above `--fail-on`. |
87
+ | `2` | A tool error (bad path, unreadable file, invalid `--fail-on`). |
88
+
89
+ `generate`:
90
+
91
+ | Code | Meaning |
92
+ | --- | --- |
93
+ | `0` | Success. |
94
+ | `1` | An error. The JSON error carries a typed `code`, for example `PATH_NOT_FOUND`. |
89
95
 
90
96
  ## Use in CI
91
97
 
@@ -104,6 +110,12 @@ Upload findings to GitHub code scanning:
104
110
  sarif_file: dockerforge.sarif
105
111
  ```
106
112
 
113
+ ## Documentation
114
+
115
+ - [CLI reference](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/cli.md)
116
+ - [Lint rules](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/rules.md)
117
+ - [Programmatic API](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/programmatic.md)
118
+
107
119
  ## License
108
120
 
109
121
  Apache-2.0. Built on [`@dockerforge/core`](https://www.npmjs.com/package/@dockerforge/core).
package/package.json CHANGED
@@ -1,29 +1,47 @@
1
1
  {
2
2
  "name": "@dockerforge/cli",
3
- "version": "0.1.0",
4
- "description": "DockerForge CLI - generate production-grade Dockerfiles, .dockerignore, and Compose from a local project, and lint Dockerfiles (SARIF). Offline; cloud features are additive.",
3
+ "version": "0.1.2",
4
+ "description": "DockerForge CLI: generate production-grade Dockerfiles, .dockerignore, and Compose from a local project, and lint Dockerfiles (human/JSON/SARIF). Offline.",
5
5
  "license": "Apache-2.0",
6
6
  "author": "Docker Forge",
7
7
  "homepage": "https://containerise.dev",
8
8
  "repository": {
9
9
  "type": "git",
10
- "url": "git+https://github.com/Mo-ASayed/Apps.git",
11
- "directory": "dockerfile-builder/packages/cli"
10
+ "url": "git+https://github.com/Mo-ASayed/DockerForge.git",
11
+ "directory": "packages/cli"
12
+ },
13
+ "bugs": {
14
+ "url": "https://github.com/Mo-ASayed/DockerForge/issues"
12
15
  },
13
- "bugs": { "url": "https://github.com/Mo-ASayed/Apps/issues" },
14
16
  "bin": {
15
17
  "dockerforge": "src/index.js"
16
18
  },
17
19
  "main": "src/index.js",
18
- "files": ["src", "LICENSE", "NOTICE"],
19
- "engines": { "node": ">=18" },
20
- "publishConfig": { "access": "public" },
20
+ "files": [
21
+ "src",
22
+ "LICENSE",
23
+ "NOTICE"
24
+ ],
25
+ "engines": {
26
+ "node": ">=18"
27
+ },
28
+ "publishConfig": {
29
+ "access": "public"
30
+ },
21
31
  "scripts": {
22
32
  "test": "node --test"
23
33
  },
34
+ "keywords": [
35
+ "docker",
36
+ "dockerfile",
37
+ "containerize",
38
+ "cli",
39
+ "generator",
40
+ "lint",
41
+ "sarif"
42
+ ],
24
43
  "dependencies": {
25
- "@dockerforge/core": "^0.1.0",
44
+ "@dockerforge/core": "^0.1.2",
26
45
  "commander": "^12.1.0"
27
- },
28
- "keywords": ["docker", "dockerfile", "containerize", "cli", "generator", "lint", "sarif"]
46
+ }
29
47
  }