Update Dockerfile and scan_runner component

3bcb1c02 · Anze Luzar · 42353ac5 · 3bcb1c02 · 3bcb1c02
Unverified Commit 3bcb1c02 authored 3 years ago by Anze Luzar
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,31 +2,21 @@ FROM debian:bullseye-20220228-slim

 # add python virtualenv and tools dir to path to be able to invoke commands
 ENV PATH="/iac-scan-runner/.venv/bin:/iac-scan-runner/tools:$PATH"
+
+# add CMD instruction TO run the API
 CMD ["uvicorn", "iac_scan_runner.api:app", "--host", "0.0.0.0", "--port", "80"]

 # set working directory
 WORKDIR /iac-scan-runner/src

+# copy all the files
 COPY . /iac-scan-runner

+# install system and API requirements
 RUN cd /iac-scan-runner \
    && apt-get update \
-    && apt-get -y install --no-install-recommends \
-        build-essential \
-	bash \
-	gcc \
-	git \
-	openssh-client \
-	curl \
-	wget \
-	openjdk-17-jre \
-	ruby2.7 \
-	nodejs \
-	npm \
-	unzip \
-	python3 \
-	python3-pip \
-	python3-venv \
+    && apt-get -y install --no-install-recommends build-essential bash gcc git curl wget openjdk-17-jre \
+                                                  ruby2.7 nodejs npm unzip python3 python3-pip python3-venv \
    && apt-get update \
    && mkdir -p /usr/share/man/man1 \
    && npm i npm@latest -g \
@@ -36,16 +26,10 @@ RUN cd /iac-scan-runner \
    && pip install -r requirements.txt \
    && ./install-checks.sh \
    && npm uninstall npm \
-    && apt-get -y remove \
-        build-essential \
-	gcc \
-	npm \
-	curl \
-	wget \
+    && apt-get -y remove build-essential gcc npm curl wget \
    && apt-get autoremove -y \
    && apt-get autoclean -y \
    && apt-get clean -y \
    && rm -rf /var/lib/apt/lists/* \
    && rm -rf /var/cache/* \
    && rm -rf /root/.cache/
-
--- a/src/iac_scan_runner/scan_runner.py
+++ b/src/iac_scan_runner/scan_runner.py
@@ -7,6 +7,7 @@ from fastapi import UploadFile
 from iac_scan_runner.checks.ansible_lint import AnsibleLintCheck
 from iac_scan_runner.checks.bandit import BanditCheck
 from iac_scan_runner.checks.checkstyle import CheckStyle
+from iac_scan_runner.checks.cloc import ClocCheck
 from iac_scan_runner.checks.es_lint import ESLintCheck
 from iac_scan_runner.checks.git_leaks import GitLeaksCheck
 from iac_scan_runner.checks.git_secrets import GitSecretsCheck
@@ -58,6 +59,7 @@ class ScanRunner:
        ts_lint = TSLintCheck()
        htmlhint = HtmlHintCheck()
        stylelint = StyleLintCheck()
+        cloc = ClocCheck()
        checkstyle = CheckStyle()
        snyk = SnykCheck()
        sonar_scanner = SonarScannerCheck()
@@ -82,6 +84,7 @@ class ScanRunner:
            ts_lint.name: ts_lint,
            htmlhint.name: htmlhint,
            stylelint.name: stylelint,
+            cloc.name: cloc,
            checkstyle.name: checkstyle,
            snyk.name: snyk,
            sonar_scanner.name: sonar_scanner