@dockerforge/cli 0.2.0 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +29 -0
- package/package.json +2 -2
- package/src/index.js +9 -0
package/README.md
CHANGED
|
@@ -28,11 +28,21 @@ dockerforge generate ./my-app
|
|
|
28
28
|
|
|
29
29
|
## Generate
|
|
30
30
|
|
|
31
|
+
Run DockerForge from the root of the app you want to containerize:
|
|
32
|
+
|
|
33
|
+
```bash
|
|
34
|
+
cd ./my-app
|
|
35
|
+
npx @dockerforge/cli generate .
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
It writes a `Dockerfile`, `.dockerignore`, and `docker-compose.yml` by default.
|
|
39
|
+
|
|
31
40
|
```bash
|
|
32
41
|
dockerforge generate . # write files into the current directory
|
|
33
42
|
dockerforge generate ./app -o ./out # write into a chosen directory
|
|
34
43
|
dockerforge generate . --print # print the Dockerfile, write nothing
|
|
35
44
|
dockerforge generate . --json # JSON output for scripts and CI
|
|
45
|
+
dockerforge generate . --pin-digests # resolve Docker Hub base images to sha256 digests
|
|
36
46
|
```
|
|
37
47
|
|
|
38
48
|
| Flag | Effect |
|
|
@@ -40,6 +50,7 @@ dockerforge generate . --json # JSON output for scripts and CI
|
|
|
40
50
|
| `-o, --output <dir>` | Write output to this directory. Defaults to the target path. |
|
|
41
51
|
| `--print` | Print the Dockerfile to stdout instead of writing files. |
|
|
42
52
|
| `--json` | Print `{ dockerfile, dockerignore, compose, confidence, improvements }`. |
|
|
53
|
+
| `--pin-digests` | Resolve Docker Hub base-image tags to immutable SHA-256 digests. Makes live registry requests. |
|
|
43
54
|
| `--stack <name>` | Override stack detection (`node`, `python`, `dotnet`, ...). |
|
|
44
55
|
| `--port <n>` | Set the exposed port. |
|
|
45
56
|
| `--no-optimise` | Skip the optimisation pass. |
|
|
@@ -49,6 +60,24 @@ The default output is a coloured summary with the detected services, a confidenc
|
|
|
49
60
|
warnings. `--json` and `--print` produce plain output with no decoration. Colour turns off when
|
|
50
61
|
the output is not a terminal or when `NO_COLOR` is set.
|
|
51
62
|
|
|
63
|
+
Default generation is offline. `--pin-digests` is opt-in because it contacts Docker Hub to turn
|
|
64
|
+
base-image tags such as `node:20-alpine3.21` into `node:20-alpine3.21@sha256:...`. Digest-pinned
|
|
65
|
+
images stay fixed until you update them, so pair this with Docker Scout, Renovate, Dependabot, or
|
|
66
|
+
another digest refresh process.
|
|
67
|
+
|
|
68
|
+
After reviewing the generated files, build and run with Docker:
|
|
69
|
+
|
|
70
|
+
```bash
|
|
71
|
+
docker build -t my-app .
|
|
72
|
+
docker run --rm -p 3000:3000 my-app
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
Or use the generated Compose file:
|
|
76
|
+
|
|
77
|
+
```bash
|
|
78
|
+
docker compose up --build
|
|
79
|
+
```
|
|
80
|
+
|
|
52
81
|
## Lint
|
|
53
82
|
|
|
54
83
|
```bash
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dockerforge/cli",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.2",
|
|
4
4
|
"description": "DockerForge CLI: generate production-grade Dockerfiles, .dockerignore, and Compose from a local project, and lint Dockerfiles (human/JSON/SARIF). Offline.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"author": "Docker Forge",
|
|
@@ -44,7 +44,7 @@
|
|
|
44
44
|
"sarif"
|
|
45
45
|
],
|
|
46
46
|
"dependencies": {
|
|
47
|
-
"@dockerforge/core": "0.2.
|
|
47
|
+
"@dockerforge/core": "0.2.2",
|
|
48
48
|
"commander": "^13.1.0"
|
|
49
49
|
}
|
|
50
50
|
}
|
package/src/index.js
CHANGED
|
@@ -46,6 +46,7 @@ program
|
|
|
46
46
|
.option('--no-security', 'Skip security pass')
|
|
47
47
|
.option('--stack <stack>', 'Hint the stack (node, python, dotnet, ...)')
|
|
48
48
|
.option('--port <port>', 'Hint the exposed port', (v) => parseInt(v, 10))
|
|
49
|
+
.option('--pin-digests', 'Resolve Docker Hub base-image tags to immutable sha256 digests (network)')
|
|
49
50
|
.option('--json', 'Output JSON {dockerfile, dockerignore, compose, confidence, improvements}')
|
|
50
51
|
.action(async (targetPath, opts) => {
|
|
51
52
|
try {
|
|
@@ -61,6 +62,14 @@ program
|
|
|
61
62
|
hints,
|
|
62
63
|
optimise: opts.optimise,
|
|
63
64
|
security: opts.security,
|
|
65
|
+
pinDigests: opts.pinDigests,
|
|
66
|
+
digestResolver: process.env.DOCKERFORGE_TEST_DIGEST
|
|
67
|
+
? async (imageRef) => ({
|
|
68
|
+
original: imageRef,
|
|
69
|
+
pinned: `${imageRef}@${process.env.DOCKERFORGE_TEST_DIGEST}`,
|
|
70
|
+
digest: process.env.DOCKERFORGE_TEST_DIGEST,
|
|
71
|
+
})
|
|
72
|
+
: undefined,
|
|
64
73
|
});
|
|
65
74
|
|
|
66
75
|
// --- machine output: keep byte-identical shape to the old CLI for CI use ---
|