@dockerforge/core 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +22 -24
- package/package.json +8 -8
- package/src/{_engine/backend/src/modules → engine}/analysis/analyser.js +2 -2
- package/src/{_engine/shared → engine}/constants.js +1 -1
- package/src/{_engine/backend/src/modules → engine}/explanation/explainer.js +2 -2
- package/src/{_engine/backend/src/modules → engine}/generation/composeGenerator.js +1 -1
- package/src/{_engine/backend/src/modules → engine}/generation/generator.js +2 -2
- package/src/{_engine/backend/src/modules → engine}/ingestion/ingestion.js +2 -2
- package/src/{_engine/backend/src/modules → engine}/optimisation/optimiser.js +1 -1
- package/src/{_engine/backend/src/modules → engine}/security/security.js +1 -1
- package/src/index.js +7 -14
- /package/src/{_engine/backend/src/modules/engine.js → engine/index.js} +0 -0
package/README.md
CHANGED
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
# @dockerforge/core
|
|
2
2
|
|
|
3
|
-
The engine behind DockerForge.
|
|
4
|
-
returns a Dockerfile, a `.dockerignore`, and a Compose file, along with a confidence score and a
|
|
5
|
-
list of suggested improvements. It also lints existing Dockerfiles.
|
|
3
|
+
The engine behind DockerForge. Generate and lint production-grade Dockerfiles from Node. Offline.
|
|
6
4
|
|
|
7
|
-
|
|
8
|
-
|
|
5
|
+
[](https://www.npmjs.com/package/@dockerforge/core)
|
|
6
|
+
[](https://github.com/Mo-ASayed/DockerForge/blob/main/LICENSE)
|
|
7
|
+
[](https://nodejs.org)
|
|
9
8
|
|
|
10
|
-
|
|
11
|
-
and
|
|
9
|
+
Give it a path to a local project and it analyses the stack and returns a Dockerfile, a
|
|
10
|
+
`.dockerignore`, and a Compose file, along with a confidence score and suggested improvements. It
|
|
11
|
+
also lints existing Dockerfiles. The package makes no network calls; it only reads the local
|
|
12
|
+
filesystem under the path you give it.
|
|
13
|
+
|
|
14
|
+
Most people should use the [`@dockerforge/cli`](https://www.npmjs.com/package/@dockerforge/cli)
|
|
15
|
+
command line tool. Use this package when you want to call the engine from your own Node code.
|
|
12
16
|
|
|
13
17
|
## Install
|
|
14
18
|
|
|
@@ -40,8 +44,8 @@ console.log(result.improvements); // suggested changes
|
|
|
40
44
|
| `optimise` | Set to `false` to skip the optimisation pass. |
|
|
41
45
|
| `security` | Set to `false` to skip the security pass. |
|
|
42
46
|
|
|
43
|
-
`projectPath` is required because this package is offline. Ingesting a remote git URL or a zip
|
|
44
|
-
|
|
47
|
+
`projectPath` is required because this package is offline. Ingesting a remote git URL or a zip is
|
|
48
|
+
part of the hosted product, not this package.
|
|
45
49
|
|
|
46
50
|
## Lint
|
|
47
51
|
|
|
@@ -55,34 +59,28 @@ console.log(summary.counts); // { critical, high, medium, low, info }
|
|
|
55
59
|
console.log(summary.worst); // the highest severity found, or null
|
|
56
60
|
```
|
|
57
61
|
|
|
58
|
-
|
|
62
|
+
Lint a string instead of a file:
|
|
59
63
|
|
|
60
64
|
```js
|
|
61
65
|
await core.lint({ dockerfile: 'FROM node\nUSER root\n' });
|
|
62
66
|
```
|
|
63
67
|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
| Id | Check | Severity |
|
|
67
|
-
| --- | --- | --- |
|
|
68
|
-
| DF001 | Base image is not pinned (no tag, or `:latest`) | high |
|
|
69
|
-
| DF002 | Final stage runs as root | high |
|
|
70
|
-
| DF003 | `COPY . .` copies the whole build context | high |
|
|
71
|
-
| DF004 | `.dockerignore` is missing or does not exclude `.env` | medium |
|
|
72
|
-
| DF005 | A secret-like value is hardcoded in `ENV` or `ARG` | critical |
|
|
73
|
-
| DF006 | No `WORKDIR` is set in the final stage | low |
|
|
68
|
+
The six rules (`DF001`–`DF006`) are documented in the
|
|
69
|
+
[rules reference](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/rules.md).
|
|
74
70
|
|
|
75
71
|
## Errors
|
|
76
72
|
|
|
77
|
-
The package throws typed errors, each carrying a `.code`:
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
`DockerForgeError`. They are exported from the package root:
|
|
73
|
+
The package throws typed errors, each carrying a `.code`: `PathNotFoundError`,
|
|
74
|
+
`NotADirectoryError`, `UnsupportedStackError`, `IngestError`, and the base `DockerForgeError`.
|
|
75
|
+
They are exported from the package root:
|
|
81
76
|
|
|
82
77
|
```js
|
|
83
78
|
const { PathNotFoundError } = require('@dockerforge/core');
|
|
84
79
|
```
|
|
85
80
|
|
|
81
|
+
See the [programmatic API guide](https://github.com/Mo-ASayed/DockerForge/blob/main/docs/programmatic.md)
|
|
82
|
+
for the full surface.
|
|
83
|
+
|
|
86
84
|
## License
|
|
87
85
|
|
|
88
86
|
Apache-2.0.
|
package/package.json
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dockerforge/core",
|
|
3
|
-
"version": "0.1.
|
|
4
|
-
"description": "DockerForge engine: analyse a local project and generate production-grade Dockerfiles, .dockerignore, and Compose. Offline, no network.",
|
|
3
|
+
"version": "0.1.1",
|
|
4
|
+
"description": "DockerForge engine: analyse a local project and generate production-grade Dockerfiles, .dockerignore, and Compose, and lint Dockerfiles. Offline, no network.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"author": "Docker Forge",
|
|
7
7
|
"homepage": "https://containerise.dev",
|
|
8
8
|
"repository": {
|
|
9
9
|
"type": "git",
|
|
10
|
-
"url": "git+https://github.com/Mo-ASayed/
|
|
11
|
-
"directory": "
|
|
10
|
+
"url": "git+https://github.com/Mo-ASayed/DockerForge.git",
|
|
11
|
+
"directory": "packages/core"
|
|
12
12
|
},
|
|
13
13
|
"bugs": {
|
|
14
|
-
"url": "https://github.com/Mo-ASayed/
|
|
14
|
+
"url": "https://github.com/Mo-ASayed/DockerForge/issues"
|
|
15
15
|
},
|
|
16
16
|
"main": "src/index.js",
|
|
17
17
|
"files": [
|
|
@@ -26,15 +26,15 @@
|
|
|
26
26
|
"access": "public"
|
|
27
27
|
},
|
|
28
28
|
"scripts": {
|
|
29
|
-
"test": "node --test"
|
|
30
|
-
"prepack": "node scripts/vendor-engine.js"
|
|
29
|
+
"test": "node --test"
|
|
31
30
|
},
|
|
32
31
|
"keywords": [
|
|
33
32
|
"docker",
|
|
34
33
|
"dockerfile",
|
|
35
34
|
"containerize",
|
|
36
35
|
"generator",
|
|
37
|
-
"lint"
|
|
36
|
+
"lint",
|
|
37
|
+
"sarif"
|
|
38
38
|
],
|
|
39
39
|
"dependencies": {
|
|
40
40
|
"adm-zip": "^0.5.10",
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
//
|
|
1
|
+
// Part of the @dockerforge/core engine.
|
|
2
2
|
// Walks the full project tree, finds every service root, analyses each one.
|
|
3
3
|
|
|
4
4
|
const path = require('path');
|
|
5
5
|
const fs = require('fs-extra');
|
|
6
|
-
const { STACKS, DEFAULT_VERSIONS, DEFAULT_PORTS, ROOT_CONFIG_FILES } = require('
|
|
6
|
+
const { STACKS, DEFAULT_VERSIONS, DEFAULT_PORTS, ROOT_CONFIG_FILES } = require('../constants');
|
|
7
7
|
|
|
8
8
|
// ── Constants ────────────────────────────────────────────────────────────────
|
|
9
9
|
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
//
|
|
1
|
+
// Part of the @dockerforge/core engine.
|
|
2
2
|
// Turns analysis + result into a human-readable explanation
|
|
3
3
|
|
|
4
|
-
const { STACKS } = require('
|
|
4
|
+
const { STACKS } = require('../constants');
|
|
5
5
|
|
|
6
6
|
function buildExplanation(analysis, result, securityNotes) {
|
|
7
7
|
const stackNames = {
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
//
|
|
1
|
+
// Part of the @dockerforge/core engine.
|
|
2
2
|
// Accepts { services, sharedDirs } from the analyser.
|
|
3
3
|
// Produces one Dockerfile (multi-stage if needed) + .dockerignore.
|
|
4
4
|
|
|
5
5
|
const path = require('path');
|
|
6
|
-
const { STACKS, BASE_IMAGES } = require('
|
|
6
|
+
const { STACKS, BASE_IMAGES } = require('../constants');
|
|
7
7
|
const { isSecretLikeEnvKey, isSecretLikeEnvValue } = require('../security/security');
|
|
8
8
|
|
|
9
9
|
const STATIC_RUNTIME_IMAGE = 'nginx:1.27-alpine';
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
//
|
|
1
|
+
// Part of the @dockerforge/core engine.
|
|
2
2
|
// Fetches repo file tree + key files via provider APIs — no git binary needed.
|
|
3
3
|
// Works on Vercel, Railway, Render, etc.
|
|
4
4
|
|
|
5
5
|
const path = require('path');
|
|
6
6
|
const fs = require('fs-extra');
|
|
7
|
-
const { IGNORED_DIRS, ROOT_CONFIG_FILES } = require('
|
|
7
|
+
const { IGNORED_DIRS, ROOT_CONFIG_FILES } = require('../constants');
|
|
8
8
|
|
|
9
9
|
const IGNORED_SET = new Set(IGNORED_DIRS);
|
|
10
10
|
|
package/src/index.js
CHANGED
|
@@ -1,27 +1,20 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
// @dockerforge/core -
|
|
3
|
+
// @dockerforge/core - the offline DockerForge engine, public surface.
|
|
4
4
|
//
|
|
5
|
-
//
|
|
6
|
-
//
|
|
7
|
-
//
|
|
8
|
-
//
|
|
9
|
-
// backend/src/modules paths.
|
|
5
|
+
// Given a path to a local project, it analyses the stack and generates a Dockerfile,
|
|
6
|
+
// a .dockerignore, and a Compose file, and it lints existing Dockerfiles. This file is the
|
|
7
|
+
// stable public API (see docs/contracts/core-contract.md). The engine itself lives under
|
|
8
|
+
// ./engine.
|
|
10
9
|
//
|
|
11
10
|
// No-network guarantee: this module performs zero outbound network calls. It only reads the
|
|
12
11
|
// local filesystem under the resolved project path. Remote ingestion (git URL / zip URL) is
|
|
13
|
-
// intentionally NOT exposed here - that adapter lives
|
|
12
|
+
// intentionally NOT exposed here - that adapter lives in the proprietary cloud.
|
|
14
13
|
|
|
15
14
|
const path = require('path');
|
|
16
15
|
const fs = require('fs-extra');
|
|
17
16
|
|
|
18
|
-
|
|
19
|
-
// scripts/vendor-engine.js, run at prepack). In the monorepo (dev/test) that dir does not
|
|
20
|
-
// exist, so we fall back to the canonical backend/ source. Same code either way.
|
|
21
|
-
const _vendoredEngine = require('path').join(__dirname, '_engine', 'backend', 'src', 'modules', 'engine.js');
|
|
22
|
-
const engine = require('fs').existsSync(_vendoredEngine)
|
|
23
|
-
? require(_vendoredEngine)
|
|
24
|
-
: require('../../../backend/src/modules/engine');
|
|
17
|
+
const engine = require('./engine');
|
|
25
18
|
const errors = require('./errors');
|
|
26
19
|
const { lint } = require('./lint');
|
|
27
20
|
|
|
File without changes
|