Skip to content
Snippets Groups Projects
Unverified Commit 3bcb1c02 authored by Anze Luzar's avatar Anze Luzar
Browse files

Update Dockerfile and scan_runner component

parent 42353ac5
No related branches found
No related tags found
No related merge requests found
...@@ -2,31 +2,21 @@ FROM debian:bullseye-20220228-slim ...@@ -2,31 +2,21 @@ FROM debian:bullseye-20220228-slim
# add python virtualenv and tools dir to path to be able to invoke commands # add python virtualenv and tools dir to path to be able to invoke commands
ENV PATH="/iac-scan-runner/.venv/bin:/iac-scan-runner/tools:$PATH" ENV PATH="/iac-scan-runner/.venv/bin:/iac-scan-runner/tools:$PATH"
# add CMD instruction TO run the API
CMD ["uvicorn", "iac_scan_runner.api:app", "--host", "0.0.0.0", "--port", "80"] CMD ["uvicorn", "iac_scan_runner.api:app", "--host", "0.0.0.0", "--port", "80"]
# set working directory # set working directory
WORKDIR /iac-scan-runner/src WORKDIR /iac-scan-runner/src
# copy all the files
COPY . /iac-scan-runner COPY . /iac-scan-runner
# install system and API requirements
RUN cd /iac-scan-runner \ RUN cd /iac-scan-runner \
&& apt-get update \ && apt-get update \
&& apt-get -y install --no-install-recommends \ && apt-get -y install --no-install-recommends build-essential bash gcc git curl wget openjdk-17-jre \
build-essential \ ruby2.7 nodejs npm unzip python3 python3-pip python3-venv \
bash \
gcc \
git \
openssh-client \
curl \
wget \
openjdk-17-jre \
ruby2.7 \
nodejs \
npm \
unzip \
python3 \
python3-pip \
python3-venv \
&& apt-get update \ && apt-get update \
&& mkdir -p /usr/share/man/man1 \ && mkdir -p /usr/share/man/man1 \
&& npm i npm@latest -g \ && npm i npm@latest -g \
...@@ -36,16 +26,10 @@ RUN cd /iac-scan-runner \ ...@@ -36,16 +26,10 @@ RUN cd /iac-scan-runner \
&& pip install -r requirements.txt \ && pip install -r requirements.txt \
&& ./install-checks.sh \ && ./install-checks.sh \
&& npm uninstall npm \ && npm uninstall npm \
&& apt-get -y remove \ && apt-get -y remove build-essential gcc npm curl wget \
build-essential \
gcc \
npm \
curl \
wget \
&& apt-get autoremove -y \ && apt-get autoremove -y \
&& apt-get autoclean -y \ && apt-get autoclean -y \
&& apt-get clean -y \ && apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* \ && rm -rf /var/lib/apt/lists/* \
&& rm -rf /var/cache/* \ && rm -rf /var/cache/* \
&& rm -rf /root/.cache/ && rm -rf /root/.cache/
...@@ -7,6 +7,7 @@ from fastapi import UploadFile ...@@ -7,6 +7,7 @@ from fastapi import UploadFile
from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck
from iac_scan_runner.checks.bandit import BanditCheck from iac_scan_runner.checks.bandit import BanditCheck
from iac_scan_runner.checks.checkstyle import CheckStyle from iac_scan_runner.checks.checkstyle import CheckStyle
from iac_scan_runner.checks.cloc import ClocCheck
from iac_scan_runner.checks.es_lint import ESLintCheck from iac_scan_runner.checks.es_lint import ESLintCheck
from iac_scan_runner.checks.git_leaks import GitLeaksCheck from iac_scan_runner.checks.git_leaks import GitLeaksCheck
from iac_scan_runner.checks.git_secrets import GitSecretsCheck from iac_scan_runner.checks.git_secrets import GitSecretsCheck
...@@ -58,6 +59,7 @@ class ScanRunner: ...@@ -58,6 +59,7 @@ class ScanRunner:
ts_lint = TSLintCheck() ts_lint = TSLintCheck()
htmlhint = HtmlHintCheck() htmlhint = HtmlHintCheck()
stylelint = StyleLintCheck() stylelint = StyleLintCheck()
cloc = ClocCheck()
checkstyle = CheckStyle() checkstyle = CheckStyle()
snyk = SnykCheck() snyk = SnykCheck()
sonar_scanner = SonarScannerCheck() sonar_scanner = SonarScannerCheck()
...@@ -82,6 +84,7 @@ class ScanRunner: ...@@ -82,6 +84,7 @@ class ScanRunner:
ts_lint.name: ts_lint, ts_lint.name: ts_lint,
htmlhint.name: htmlhint, htmlhint.name: htmlhint,
stylelint.name: stylelint, stylelint.name: stylelint,
cloc.name: cloc,
checkstyle.name: checkstyle, checkstyle.name: checkstyle,
snyk.name: snyk, snyk.name: snyk,
sonar_scanner.name: sonar_scanner sonar_scanner.name: sonar_scanner
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment