@dockerforge/cli 0.2.0 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -28,11 +28,21 @@ dockerforge generate ./my-app
28
28
 
29
29
  ## Generate
30
30
 
31
+ Run DockerForge from the root of the app you want to containerize:
32
+
33
+ ```bash
34
+ cd ./my-app
35
+ npx @dockerforge/cli generate .
36
+ ```
37
+
38
+ It writes a `Dockerfile`, `.dockerignore`, and `docker-compose.yml` by default.
39
+
31
40
  ```bash
32
41
  dockerforge generate . # write files into the current directory
33
42
  dockerforge generate ./app -o ./out # write into a chosen directory
34
43
  dockerforge generate . --print # print the Dockerfile, write nothing
35
44
  dockerforge generate . --json # JSON output for scripts and CI
45
+ dockerforge generate . --pin-digests # resolve Docker Hub base images to sha256 digests
36
46
  ```
37
47
 
38
48
  | Flag | Effect |
@@ -40,6 +50,7 @@ dockerforge generate . --json # JSON output for scripts and CI
40
50
  | `-o, --output <dir>` | Write output to this directory. Defaults to the target path. |
41
51
  | `--print` | Print the Dockerfile to stdout instead of writing files. |
42
52
  | `--json` | Print `{ dockerfile, dockerignore, compose, confidence, improvements }`. |
53
+ | `--pin-digests` | Resolve Docker Hub base-image tags to immutable SHA-256 digests. Makes live registry requests. |
43
54
  | `--stack <name>` | Override stack detection (`node`, `python`, `dotnet`, ...). |
44
55
  | `--port <n>` | Set the exposed port. |
45
56
  | `--no-optimise` | Skip the optimisation pass. |
@@ -49,6 +60,24 @@ The default output is a coloured summary with the detected services, a confidenc
49
60
  warnings. `--json` and `--print` produce plain output with no decoration. Colour turns off when
50
61
  the output is not a terminal or when `NO_COLOR` is set.
51
62
 
63
+ Default generation is offline. `--pin-digests` is opt-in because it contacts Docker Hub to turn
64
+ base-image tags such as `node:20-alpine3.21` into `node:20-alpine3.21@sha256:...`. Digest-pinned
65
+ images stay fixed until you update them, so pair this with Docker Scout, Renovate, Dependabot, or
66
+ another digest refresh process.
67
+
68
+ After reviewing the generated files, build and run with Docker:
69
+
70
+ ```bash
71
+ docker build -t my-app .
72
+ docker run --rm -p 3000:3000 my-app
73
+ ```
74
+
75
+ Or use the generated Compose file:
76
+
77
+ ```bash
78
+ docker compose up --build
79
+ ```
80
+
52
81
  ## Lint
53
82
 
54
83
  ```bash
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dockerforge/cli",
3
- "version": "0.2.0",
3
+ "version": "0.2.2",
4
4
  "description": "DockerForge CLI: generate production-grade Dockerfiles, .dockerignore, and Compose from a local project, and lint Dockerfiles (human/JSON/SARIF). Offline.",
5
5
  "license": "Apache-2.0",
6
6
  "author": "Docker Forge",
@@ -44,7 +44,7 @@
44
44
  "sarif"
45
45
  ],
46
46
  "dependencies": {
47
- "@dockerforge/core": "0.2.0",
47
+ "@dockerforge/core": "0.2.2",
48
48
  "commander": "^13.1.0"
49
49
  }
50
50
  }
package/src/index.js CHANGED
@@ -46,6 +46,7 @@ program
46
46
  .option('--no-security', 'Skip security pass')
47
47
  .option('--stack <stack>', 'Hint the stack (node, python, dotnet, ...)')
48
48
  .option('--port <port>', 'Hint the exposed port', (v) => parseInt(v, 10))
49
+ .option('--pin-digests', 'Resolve Docker Hub base-image tags to immutable sha256 digests (network)')
49
50
  .option('--json', 'Output JSON {dockerfile, dockerignore, compose, confidence, improvements}')
50
51
  .action(async (targetPath, opts) => {
51
52
  try {
@@ -61,6 +62,14 @@ program
61
62
  hints,
62
63
  optimise: opts.optimise,
63
64
  security: opts.security,
65
+ pinDigests: opts.pinDigests,
66
+ digestResolver: process.env.DOCKERFORGE_TEST_DIGEST
67
+ ? async (imageRef) => ({
68
+ original: imageRef,
69
+ pinned: `${imageRef}@${process.env.DOCKERFORGE_TEST_DIGEST}`,
70
+ digest: process.env.DOCKERFORGE_TEST_DIGEST,
71
+ })
72
+ : undefined,
64
73
  });
65
74
 
66
75
  // --- machine output: keep byte-identical shape to the old CLI for CI use ---