diff --git a/.github/workflows/deploy-DEV-slim.yml b/.github/workflows/deploy-DEV-slim.yml index 92eda342..108657bd 100644 --- a/.github/workflows/deploy-DEV-slim.yml +++ b/.github/workflows/deploy-DEV-slim.yml @@ -51,7 +51,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # @@ -77,7 +79,7 @@ jobs: uses: docker/build-push-action@v2.7.0 with: context: . - file: ./Dockerfile-slim + file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} @@ -87,6 +89,7 @@ jobs: tags: | ghcr.io/github/super-linter:slim-${{ github.sha }} ghcr.io/github/super-linter:slim-test + target: final_slim cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new diff --git a/.github/workflows/deploy-DEV-standard.yml b/.github/workflows/deploy-DEV-standard.yml index 95d11962..989a3490 100644 --- a/.github/workflows/deploy-DEV-standard.yml +++ b/.github/workflows/deploy-DEV-standard.yml @@ -51,7 +51,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # diff --git a/.github/workflows/deploy-PROD-slim.yml b/.github/workflows/deploy-PROD-slim.yml index 023b9c6e..361d966f 100644 --- a/.github/workflows/deploy-PROD-slim.yml +++ b/.github/workflows/deploy-PROD-slim.yml @@ -44,7 +44,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # @@ -100,7 +102,7 @@ jobs: uses: docker/build-push-action@v2.7.0 with: context: . - file: ./Dockerfile-slim + file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} @@ -109,6 +111,7 @@ jobs: tags: | github/super-linter:slim-latest ghcr.io/github/super-linter:slim-latest + target: final_slim cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new diff --git a/.github/workflows/deploy-PROD-standard.yml b/.github/workflows/deploy-PROD-standard.yml index 3df75447..9457c908 100644 --- a/.github/workflows/deploy-PROD-standard.yml +++ b/.github/workflows/deploy-PROD-standard.yml @@ -44,7 +44,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # diff --git a/.github/workflows/deploy-RELEASE-slim.yml b/.github/workflows/deploy-RELEASE-slim.yml index 2758bfae..96b8a351 100644 --- a/.github/workflows/deploy-RELEASE-slim.yml +++ b/.github/workflows/deploy-RELEASE-slim.yml @@ -63,7 +63,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # @@ -118,7 +120,7 @@ jobs: uses: docker/build-push-action@v2.7.0 with: context: . - file: ./Dockerfile-slim + file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} @@ -131,6 +133,7 @@ jobs: ghcr.io/github/super-linter:slim-latest ghcr.io/github/super-linter:slim-v4 "ghcr.io/github/super-linter:slim-${{ env.RELEASE_VERSION }}" + target: final_slim cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new diff --git a/.github/workflows/deploy-RELEASE-standard.yml b/.github/workflows/deploy-RELEASE-standard.yml index 2673ae1f..00d650ea 100644 --- a/.github/workflows/deploy-RELEASE-standard.yml +++ b/.github/workflows/deploy-RELEASE-standard.yml @@ -63,7 +63,9 @@ jobs: # Get the current date # ######################## - name: Get current date - run: echo "BUILD_DATE=\"$(date -u +'%Y-%m-%dT%H:%M:%SZ')\" >> ${GITHUB_ENV}" + run: | + echo "Appending the build date contents to GITHUB_ENV..." + echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # diff --git a/Dockerfile b/Dockerfile index 0f2676a0..73f745fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,14 +33,6 @@ FROM python:3.10.1-alpine as base_image ################################ # Set ARG values used in Build # ################################ -# PowerShell & PSScriptAnalyzer -ARG PWSH_VERSION='latest' -ARG PWSH_DIRECTORY='/usr/lib/microsoft/powershell' -ARG PSSA_VERSION='latest' -# arm-ttk -ARG ARM_TTK_NAME='master.zip' -ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' -ARG ARM_TTK_DIRECTORY='/usr/lib/microsoft' # Dart Linter ## stable dart sdk: https://dart.dev/get-dart#release-channels ARG DART_VERSION='2.8.4' @@ -53,6 +45,7 @@ ARG GLIBC_VERSION='2.31-r0' RUN apk add --no-cache \ bash \ ca-certificates \ + cargo \ coreutils \ curl \ file \ @@ -84,27 +77,6 @@ RUN apk add --no-cache \ rustup \ zlib zlib-dev -############################## -# Install rustfmt & clippy # -############################## -ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1 -RUN ln -s /usr/bin/rustup-init /usr/bin/rustup \ - && rustup toolchain install stable-x86_64-unknown-linux-musl \ - && rustup component add rustfmt --toolchain=stable-x86_64-unknown-linux-musl \ - && rustup component add clippy --toolchain=stable-x86_64-unknown-linux-musl \ - && mv /root/.rustup /usr/lib/.rustup \ - && ln -s /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/rustfmt /usr/bin/rustfmt \ - && ln -s /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/rustc /usr/bin/rustc \ - && ln -s /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/cargo /usr/bin/cargo \ - && ln -s /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/cargo-clippy /usr/bin/cargo-clippy \ - && echo '#!/usr/bin/env bash' > /usr/bin/clippy \ - && echo 'pushd $(dirname $1)' >> /usr/bin/clippy \ - && echo 'cargo-clippy' >> /usr/bin/clippy \ - && echo 'rc=$?' >> /usr/bin/clippy \ - && echo 'popd' >> /usr/bin/clippy \ - && echo 'exit $rc' >> /usr/bin/clippy \ - && chmod +x /usr/bin/clippy - ######################################## # Copy dependencies files to container # ######################################## @@ -127,50 +99,25 @@ RUN pip3 install --no-cache-dir pipenv \ ############################## # Installs ruby dependencies # ############################## - && bundle install \ - ################################### - # Install DotNet and Dependencies # - ################################### - && wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ - && chmod +x dotnet-install.sh \ - && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel Current -version latest \ - && /usr/share/dotnet/dotnet tool install --tool-path /usr/bin dotnet-format --version 5.0.211103 \ - ######################## - # Install Python Black # - ######################## - && wget --tries=5 -q -O /usr/local/bin/black https://github.com/psf/black/releases/download/21.11b1/black_linux \ - && chmod +x /usr/local/bin/black + && bundle install + ############################## # Installs Perl dependencies # ############################## RUN curl --retry 5 --retry-delay 5 -sL https://cpanmin.us/ | perl - -nq --no-wget Perl::Critic \ - ######################################### - # Install Powershell + PSScriptAnalyzer # - ######################################### - # Reference: https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7 - # Slightly modified to always retrieve latest stable Powershell version - # If changing PWSH_VERSION='latest' to a specific version, use format PWSH_VERSION='tags/v7.0.2' - && mkdir -p ${PWSH_DIRECTORY} \ - && curl --retry 5 --retry-delay 5 -s https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ - | grep browser_download_url \ - | grep linux-alpine-x64 \ - | cut -d '"' -f 4 \ - | xargs -n 1 wget -q -O - \ - | tar -xzC ${PWSH_DIRECTORY} \ - && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ - && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' - -############################################################# -# Install Azure Resource Manager Template Toolkit (arm-ttk) # -############################################################# -# Depends on PowerShell -# Reference https://github.com/Azure/arm-ttk -# Reference https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/test-toolkit -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" -RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ - && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ - && rm "${ARM_TTK_NAME}" \ - && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk + ######################## + # Install Python Black # + ######################## + && wget --tries=5 -q -O /usr/local/bin/black https://github.com/psf/black/releases/download/21.11b1/black_linux \ + && chmod +x /usr/local/bin/black \ + ####################### + # Installs ActionLint # + ####################### + && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash \ + && chmod +x download-actionlint.bash \ + && ./download-actionlint.bash \ + && rm download-actionlint.bash \ + && mv actionlint /usr/bin/actionlint ###################### # Install shellcheck # @@ -203,11 +150,6 @@ COPY --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ ###################### COPY --from=protolint /usr/local/bin/protolint /usr/bin/ -######################### -# Install dotenv-linter # -######################### -COPY --from=dotenv-linter /dotenv-linter /usr/bin/ - ##################### # Install clj-kondo # ##################### @@ -340,7 +282,7 @@ RUN apk add --no-cache rakudo zef \ ################################################################################ # Grab small clean image ####################################################### ################################################################################ -FROM alpine:3.15.0 as final +FROM alpine:3.15.0 as final_slim ############################ # Get the build arguements # @@ -350,7 +292,6 @@ ARG BUILD_REVISION ARG BUILD_VERSION ## install alpine-pkg-glibc (glibc compatibility layer package for Alpine Linux) ARG GLIBC_VERSION='2.31-r0' -ARG ARM_TTK_DIRECTORY='/usr/lib/microsoft' ######################################### # Label the instance and set maintainer # @@ -376,7 +317,7 @@ LABEL com.github.actions.name="GitHub Super-Linter" \ ENV BUILD_DATE=$BUILD_DATE ENV BUILD_REVISION=$BUILD_REVISION ENV BUILD_VERSION=$BUILD_VERSION -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +ENV IMAGE="slim" ###################################### # Install Phive dependencies and git # @@ -417,7 +358,6 @@ COPY --from=base_image /usr/local/bin/ /usr/local/bin/ COPY --from=base_image /usr/local/lib/ /usr/local/lib/ COPY --from=base_image /usr/local/share/ /usr/local/share/ COPY --from=base_image /usr/lib/ /usr/lib/ -COPY --from=base_image /usr/libexec/ /usr/libexec/ COPY --from=base_image /usr/share/ /usr/share/ COPY --from=base_image /usr/include/ /usr/include/ COPY --from=base_image /lib/ /lib/ @@ -434,8 +374,7 @@ RUN sh -c 'curl -sS https://getcomposer.org/installer | php -- --install-dir=/us ######################################## # Add node packages to path and dotnet # ######################################## -ENV PATH="${PATH}:/var/cache/dotnet/tools:/usr/share/dotnet:/node_modules/.bin" -ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +ENV PATH="${PATH}:/node_modules/.bin" ############################# # Copy scripts to container # @@ -450,9 +389,97 @@ COPY TEMPLATES /action/lib/.automation ################################################ # Run to build version file and validate image # ################################################ -RUN ACTIONS_RUNNER_DEBUG=true WRITE_LINTER_VERSIONS_FILE=true /action/lib/linter.sh +RUN ACTIONS_RUNNER_DEBUG=true WRITE_LINTER_VERSIONS_FILE=true IMAGE="${IMAGE}" /action/lib/linter.sh ###################### # Set the entrypoint # ###################### ENTRYPOINT ["/action/lib/linter.sh"] + +FROM final_slim as final_standard + +ARG ARM_TTK_DIRECTORY='/usr/lib/microsoft' + +# PowerShell & PSScriptAnalyzer +ARG PWSH_VERSION='latest' +ARG PWSH_DIRECTORY='/usr/lib/microsoft/powershell' +ARG PSSA_VERSION='latest' +# arm-ttk +ARG ARM_TTK_NAME='master.zip' +ARG ARM_TTK_URI='https://github.com/Azure/arm-ttk/archive/master.zip' +ARG ARM_TTK_DIRECTORY='/usr/lib/microsoft' + +ENV IMAGE="standard" + +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" + +ENV PATH="${PATH}:/var/cache/dotnet/tools:/usr/share/dotnet" + +COPY --from=base_image /usr/libexec/ /usr/libexec/ + +######################### +# Install dotenv-linter # +######################### +COPY --from=dotenv-linter /dotenv-linter /usr/bin/ + +################################### +# Install DotNet and Dependencies # +################################### +RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \ + && chmod +x dotnet-install.sh \ + && ./dotnet-install.sh --install-dir /usr/share/dotnet -channel Current -version latest \ + && /usr/share/dotnet/dotnet tool install --tool-path /usr/bin dotnet-format --version 5.0.211103 + +############################## +# Install rustfmt & clippy # +############################## +ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1 +RUN ln -s /usr/bin/rustup-init /usr/bin/rustup \ + && rustup toolchain install stable-x86_64-unknown-linux-musl \ + && rustup component add rustfmt --toolchain=stable-x86_64-unknown-linux-musl \ + && rustup component add clippy --toolchain=stable-x86_64-unknown-linux-musl \ + && mv /root/.rustup /usr/lib/.rustup \ + && ln -fsv /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/rustfmt /usr/bin/rustfmt \ + && ln -fsv /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/rustc /usr/bin/rustc \ + && ln -fsv /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/cargo /usr/bin/cargo \ + && ln -fsv /usr/lib/.rustup/toolchains/stable-x86_64-unknown-linux-musl/bin/cargo-clippy /usr/bin/cargo-clippy \ + && echo '#!/usr/bin/env bash' > /usr/bin/clippy \ + && echo 'pushd $(dirname $1)' >> /usr/bin/clippy \ + && echo 'cargo-clippy' >> /usr/bin/clippy \ + && echo 'rc=$?' >> /usr/bin/clippy \ + && echo 'popd' >> /usr/bin/clippy \ + && echo 'exit $rc' >> /usr/bin/clippy \ + && chmod +x /usr/bin/clippy + +######################################### +# Install Powershell + PSScriptAnalyzer # +######################################### +# Reference: https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7 +# Slightly modified to always retrieve latest stable Powershell version +# If changing PWSH_VERSION='latest' to a specific version, use format PWSH_VERSION='tags/v7.0.2' +RUN mkdir -p ${PWSH_DIRECTORY} \ + && curl --retry 5 --retry-delay 5 -s https://api.github.com/repos/powershell/powershell/releases/${PWSH_VERSION} \ + | grep browser_download_url \ + | grep linux-alpine-x64 \ + | cut -d '"' -f 4 \ + | xargs -n 1 wget -q -O - \ + | tar -xzC ${PWSH_DIRECTORY} \ + && ln -sf ${PWSH_DIRECTORY}/pwsh /usr/bin/pwsh \ + && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' + +############################################################# +# Install Azure Resource Manager Template Toolkit (arm-ttk) # +############################################################# +# Depends on PowerShell +# Reference https://github.com/Azure/arm-ttk +# Reference https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/test-toolkit +ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk-master/arm-ttk/arm-ttk.psd1" +RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \ + && unzip "${ARM_TTK_NAME}" -d "${ARM_TTK_DIRECTORY}" \ + && rm "${ARM_TTK_NAME}" \ + && ln -sTf "${ARM_TTK_PSD1}" /usr/bin/arm-ttk + +######################################################################################## +# Run to build version file and validate image again because we installed more linters # +######################################################################################## +RUN ACTIONS_RUNNER_DEBUG=true WRITE_LINTER_VERSIONS_FILE=true IMAGE="${IMAGE}" /action/lib/linter.sh diff --git a/Dockerfile-slim b/Dockerfile-slim deleted file mode 100644 index 5d76262e..00000000 --- a/Dockerfile-slim +++ /dev/null @@ -1,395 +0,0 @@ -########################################### -########################################### -## Dockerfile to run GitHub Super-Linter ## -## SLIM IMAGE ## -########################################### -########################################### - -# Removed Linters: -# - rust -# - dotenv -# - armttk -# - pwsh - -######################################### -# Get dependency images as build stages # -######################################### -FROM cljkondo/clj-kondo:2021.12.01-alpine as clj-kondo -FROM mstruebing/editorconfig-checker:2.3.5 as editorconfig-checker -FROM yoheimuta/protolint:v0.35.2 as protolint -FROM golangci/golangci-lint:v1.43.0 as golangci-lint -FROM koalaman/shellcheck:v0.8.0 as shellcheck -FROM ghcr.io/terraform-linters/tflint-bundle:v0.33.2.0 as tflint -FROM alpine/terragrunt:1.0.11 as terragrunt -FROM mvdan/shfmt:v3.4.1 as shfmt -FROM accurics/terrascan:1.12.0 as terrascan -FROM hadolint/hadolint:latest-alpine as dockerfile-lint -FROM assignuser/chktex-alpine:v0.1.1 as chktex -FROM zricethezav/gitleaks:v8.0.4 as gitleaks -FROM garethr/kubeval:0.15.0 as kubeval -FROM ghcr.io/assignuser/lintr-lib:0.3.0 as lintr-lib -FROM ghcr.io/awkbar-devops/clang-format:v1.0.2 as clang-format -FROM scalameta/scalafmt:v3.2.1 as scalafmt -FROM rhysd/actionlint:1.6.8 as actionlint - -################## -# Get base image # -################## -FROM python:3.10.1-alpine as base_image - -################################ -# Set ARG values used in Build # -################################ -# Dart Linter -## stable dart sdk: https://dart.dev/get-dart#release-channels -ARG DART_VERSION='2.8.4' -## install alpine-pkg-glibc (glibc compatibility layer package for Alpine Linux) -ARG GLIBC_VERSION='2.31-r0' - -#################### -# Run APK installs # -#################### -RUN apk add --no-cache \ - bash \ - ca-certificates \ - cargo \ - coreutils \ - curl \ - file \ - gcc \ - g++ \ - git git-lfs\ - gnupg \ - go \ - icu-libs \ - jpeg-dev \ - jq \ - krb5-libs \ - libc-dev libcurl libffi-dev libgcc \ - libintl libssl1.1 libstdc++ \ - libxml2-dev libxml2-utils \ - linux-headers \ - lttng-ust-dev \ - make \ - musl-dev \ - net-snmp-dev \ - npm nodejs-current \ - openjdk11-jre \ - openssl-dev \ - perl perl-dev \ - py3-setuptools python3-dev \ - R R-dev R-doc \ - readline-dev \ - ruby ruby-dev ruby-bundler ruby-rdoc \ - zlib zlib-dev - -######################################## -# Copy dependencies files to container # -######################################## -COPY dependencies/* / - -################################ -# Installs python dependencies # -################################ -RUN pip3 install --no-cache-dir pipenv \ - # Bug in hadolint thinks pipenv is pip - # hadolint ignore=DL3042 - && pipenv install --clear --system \ - #################### - # Run NPM Installs # - #################### - && npm config set package-lock false \ - && npm config set loglevel error \ - && npm --no-cache install \ - && npm audit fix --audit-level=critical \ - ############################## - # Installs ruby dependencies # - ############################## - && bundle install - -############################## -# Installs Perl dependencies # -############################## -RUN curl --retry 5 --retry-delay 5 -sL https://cpanmin.us/ | perl - -nq --no-wget Perl::Critic \ - ######################## - # Install Python Black # - ######################## - && wget --tries=5 -q -O /usr/local/bin/black https://github.com/psf/black/releases/download/21.11b1/black_linux \ - && chmod +x /usr/local/bin/black - -###################### -# Install shellcheck # -###################### -COPY --from=shellcheck /bin/shellcheck /usr/bin/ - -##################### -# Install Go Linter # -##################### -COPY --from=golangci-lint /usr/bin/golangci-lint /usr/bin/ - -################## -# Install TFLint # -################## -COPY --from=tflint /usr/local/bin/tflint /usr/bin/ -COPY --from=tflint /root/.tflint.d /root/.tflint.d - -##################### -# Install Terrascan # -##################### -COPY --from=terrascan /go/bin/terrascan /usr/bin/ - -###################### -# Install Terragrunt # -###################### -COPY --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ - -###################### -# Install protolint # -###################### -COPY --from=protolint /usr/local/bin/protolint /usr/bin/ - -##################### -# Install clj-kondo # -##################### -COPY --from=clj-kondo /bin/clj-kondo /usr/bin/ - -################################ -# Install editorconfig-checker # -################################ -COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker - -############################### -# Install hadolint dockerfile # -############################### -COPY --from=dockerfile-lint /bin/hadolint /usr/bin/hadolint - -################## -# Install chktex # -################## -COPY --from=chktex /usr/bin/chktex /usr/bin/ - -################### -# Install kubeval # -################### -COPY --from=kubeval /kubeval /usr/bin/ - -################# -# Install shfmt # -################# -COPY --from=shfmt /bin/shfmt /usr/bin/ - -######################## -# Install clang-format # -######################## -COPY --from=clang-format /usr/bin/clang-format /usr/bin/ - -#################### -# Install GitLeaks # -#################### -COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/ - -#################### -# Install scalafmt # -#################### -COPY --from=scalafmt /bin/scalafmt /usr/bin/ - -###################### -# Install actionlint # -###################### -COPY --from=actionlint /usr/local/bin/actionlint /usr/bin/ - -################# -# Install Lintr # -################# -RUN mkdir -p /home/r-library \ - && cp -r /usr/lib/R/library/ /home/r-library/ \ - && Rscript -e "install.packages(c('lintr','purrr'), repos = 'https://cloud.r-project.org/')" \ - && R -e "install.packages(list.dirs('/home/r-library',recursive = FALSE), repos = NULL, type = 'source')" - -################## -# Install ktlint # -################## -RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/latest/download/ktlint \ - && chmod a+x ktlint \ - && mv "ktlint" /usr/bin/ \ - && terrascan init \ - && cd ~ && touch .chktexrc \ - #################### - # Install dart-sdk # - #################### - && wget --tries=5 -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub \ - && wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \ - && apk add --no-cache glibc-${GLIBC_VERSION}.apk \ - && rm glibc-${GLIBC_VERSION}.apk \ - && wget --tries=5 -q https://storage.googleapis.com/dart-archive/channels/stable/release/${DART_VERSION}/sdk/dartsdk-linux-x64-release.zip -O - -q | unzip -q - \ - && chmod +x dart-sdk/bin/dart* \ - && mv dart-sdk/bin/* /usr/bin/ && mv dart-sdk/lib/* /usr/lib/ && mv dart-sdk/include/* /usr/include/ \ - && rm -r dart-sdk/ \ - ################################ - # Create and install Bash-Exec # - ################################ - && printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ - && chmod +x /usr/bin/bash-exec - -################################################# -# Install Raku and additional Edge dependencies # -################################################# -# Basic setup, programs and init -RUN apk add --no-cache rakudo zef \ - ###################### - # Install CheckStyle # - ###################### - && CHECKSTYLE_LATEST=$(curl -s https://api.github.com/repos/checkstyle/checkstyle/releases/latest \ - | grep browser_download_url \ - | grep ".jar" \ - | cut -d '"' -f 4) \ - && curl --retry 5 --retry-delay 5 -sSL "$CHECKSTYLE_LATEST" \ - --output /usr/bin/checkstyle \ - ############################## - # Install google-java-format # - ############################## - && GOOGLE_JAVA_FORMAT_VERSION=$(curl -s https://github.com/google/google-java-format/releases/latest \ - | cut -d '"' -f 2 | cut -d '/' -f 8 | sed -e 's/v//g') \ - && curl --retry 5 --retry-delay 5 -sSL \ - "https://github.com/google/google-java-format/releases/download/v$GOOGLE_JAVA_FORMAT_VERSION/google-java-format-$GOOGLE_JAVA_FORMAT_VERSION-all-deps.jar" \ - --output /usr/bin/google-java-format \ - ################################# - # Install luacheck and luarocks # - ################################# - && wget --tries=5 -q https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \ - && cd lua-5.3.5 \ - && make linux \ - && make install \ - && cd .. && rm -r lua-5.3.5/ \ - && wget --tries=5 -q https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \ - && cd luarocks-3.3.1-super-linter \ - && ./configure --with-lua-include=/usr/local/include \ - && make \ - && make -b install \ - && cd .. \ - && rm -r luarocks-3.3.1-super-linter/ \ - && luarocks install luacheck \ - && luarocks install argparse \ - && luarocks install luafilesystem \ - && mv /etc/R/* /usr/lib/R/etc/ \ - && find /node_modules/ -type f -name 'LICENSE' -exec rm {} + \ - && find /node_modules/ -type f -name '*.md' -exec rm {} + \ - && find /node_modules/ -type f -name '*.txt' -exec rm {} + \ - && find /usr/ -type f -name '*.md' -exec rm {} + - -################################################################################ -# Grab small clean image ####################################################### -################################################################################ -FROM alpine:3.15.0 as final - -############################ -# Get the build arguements # -############################ -ARG BUILD_DATE -ARG BUILD_REVISION -ARG BUILD_VERSION -## install alpine-pkg-glibc (glibc compatibility layer package for Alpine Linux) -ARG GLIBC_VERSION='2.31-r0' - -######################################### -# Label the instance and set maintainer # -######################################### -LABEL com.github.actions.name="GitHub Super-Linter" \ - com.github.actions.description="Lint your code base with GitHub Actions" \ - com.github.actions.icon="code" \ - com.github.actions.color="red" \ - maintainer="GitHub DevOps " \ - org.opencontainers.image.created=$BUILD_DATE \ - org.opencontainers.image.revision=$BUILD_REVISION \ - org.opencontainers.image.version=$BUILD_VERSION \ - org.opencontainers.image.authors="GitHub DevOps " \ - org.opencontainers.image.url="https://github.com/github/super-linter" \ - org.opencontainers.image.source="https://github.com/github/super-linter" \ - org.opencontainers.image.documentation="https://github.com/github/super-linter" \ - org.opencontainers.image.vendor="GitHub" \ - org.opencontainers.image.description="Lint your code base with GitHub Actions" - -################################################# -# Set ENV values used for debugging the version # -################################################# -ENV BUILD_DATE=$BUILD_DATE -ENV BUILD_REVISION=$BUILD_REVISION -ENV BUILD_VERSION=$BUILD_VERSION -ENV IMAGE="slim" - -###################################### -# Install Phive dependencies and git # -###################################### -RUN wget --tries=5 -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub \ - && wget --tries=5 -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \ - && apk add --no-cache \ - bash \ - ca-certificates \ - git git-lfs \ - glibc-${GLIBC_VERSION}.apk \ - gnupg \ - php7 php7-curl php7-ctype php7-dom php7-iconv php7-json php7-mbstring \ - php7-openssl php7-phar php7-simplexml php7-tokenizer php-xmlwriter \ - && rm glibc-${GLIBC_VERSION}.apk \ - && wget -q --tries=5 -O /tmp/libz.tar.xz https://www.archlinux.org/packages/core/x86_64/zlib/download \ - && mkdir /tmp/libz \ - && tar -xf /tmp/libz.tar.xz -C /tmp/libz \ - && mv /tmp/libz/usr/lib/libz.so* /usr/glibc-compat/lib \ - && rm -rf /tmp/libz /tmp/libz.tar.xz \ - && wget -q --tries=5 -O phive.phar https://phar.io/releases/phive.phar \ - && wget -q --tries=5 -O phive.phar.asc https://phar.io/releases/phive.phar.asc \ - && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \ - && gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \ - && gpg --verify phive.phar.asc phive.phar \ - && chmod +x phive.phar \ - && mv phive.phar /usr/local/bin/phive \ - && rm phive.phar.asc \ - && phive --no-progress install --trust-gpg-keys \ - 31C7E470E2138192,CF1A108D0E7AE720,8A03EA3B385DBAA1,12CE0F1D262429A5 \ - --target /usr/bin phpstan@^1.1.1 psalm@^4.12.0 phpcs@^3.6.1 - -################################# -# Copy the libraries into image # -################################# -COPY --from=base_image /usr/bin/ /usr/bin/ -COPY --from=base_image /usr/local/bin/ /usr/local/bin/ -COPY --from=base_image /usr/local/lib/ /usr/local/lib/ -COPY --from=base_image /usr/local/share/ /usr/local/share/ -COPY --from=base_image /usr/lib/ /usr/lib/ -COPY --from=base_image /usr/share/ /usr/share/ -COPY --from=base_image /usr/include/ /usr/include/ -COPY --from=base_image /lib/ /lib/ -COPY --from=base_image /bin/ /bin/ -COPY --from=base_image /node_modules/ /node_modules/ -COPY --from=base_image /home/r-library /home/r-library -COPY --from=base_image /root/.tflint.d/ /root/.tflint.d/ - -#################################################### -# Install Composer after all Libs have been copied # -#################################################### -RUN sh -c 'curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer' - -######################################## -# Add node packages to path and dotnet # -######################################## -ENV PATH="${PATH}:/node_modules/.bin" - -############################# -# Copy scripts to container # -############################# -COPY lib /action/lib - -################################## -# Copy linter rules to container # -################################## -COPY TEMPLATES /action/lib/.automation - -################################################ -# Run to build version file and validate image # -################################################ -RUN ACTIONS_RUNNER_DEBUG=true WRITE_LINTER_VERSIONS_FILE=true IMAGE=slim /action/lib/linter.sh - -###################### -# Set the entrypoint # -###################### -ENTRYPOINT ["/action/lib/linter.sh"] diff --git a/lib/functions/linterVersions.sh b/lib/functions/linterVersions.sh index d7a50725..acdfb458 100755 --- a/lib/functions/linterVersions.sh +++ b/lib/functions/linterVersions.sh @@ -11,9 +11,11 @@ GetLinterVersions() { # Print version headers # ######################### debug "---------------------------------------------" + debug "WRITE_LINTER_VERSIONS_FILE: ${WRITE_LINTER_VERSIONS_FILE}" + debug "VERSION_FILE: ${VERSION_FILE}" debug "Linter Version Info:" - if ! [ -e "${VERSION_FILE}" ] && [ "${WRITE_LINTER_VERSIONS_FILE}" = "true" ]; then + if [ "${WRITE_LINTER_VERSIONS_FILE}" = "true" ]; then debug "Building linter version file..." if BuildLinterVersions "${VERSION_FILE}" "${LINTER_NAMES_ARRAY[@]}"; then info "Linter version file built correctly." @@ -21,6 +23,8 @@ GetLinterVersions() { else fatal "Error while building the versions file." fi + else + debug "Skipping versions file build..." fi ################################