Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add Dockerfile support #691

Closed
wants to merge 11 commits into from
Closed

feat: add Dockerfile support #691

wants to merge 11 commits into from

Conversation

setchy
Copy link
Member

@setchy setchy commented Nov 3, 2023

@setchy
feat: add support for Dockerfile
43e8e27 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Copy link
Member Author

setchy commented Nov 3, 2023
edited
Loading

Opening a DRAFT PR early for feedback.

It's pretty rough, but appears to be functional locally when using a sample Dockerfile, eg:

FROM eclipse-temurin:latest AS JAVA

FROM node:20 AS build

FROM node:18.0.0@sha256:7b58c794e37aa3e6f6df5f9616eaa0bea27dedb12510e962ba6f505d17d8ffd3 AS SOURCE

@setchy
feat: add support for Dockerfile
c6f63ef 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy setchy added the enhancement New feature or request label Nov 3, 2023
@setchy setchy requested a review from prabhu November 3, 2023 02:28
@setchy setchy changed the title feat: add support for Dockerfile feat: add Dockerfile support Nov 3, 2023
prabhu
prabhu reviewed Nov 6, 2023
View reviewed changes
index.js Outdated Show resolved Hide resolved
prabhu
prabhu reviewed Nov 6, 2023
View reviewed changes
index.js Outdated Show resolved Hide resolved
@setchy
feat: add support for Containerfile. Update Dockerfile expression
0208b74 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Copy link
Member Author

setchy commented Nov 6, 2023
edited
Loading

Testing locally, it seems like only one SrcFile is added to an image when the image may exist across multiple Dockerfiles/Containerfiles.

Need to do some further debugging as to why this is happening...

setchy added 6 commits November 6, 2023 06:16
@setchy
docs: update supported languages and package managers
1b16974 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
feat: add support for Containerfile. Update Dockerfile expression
234e2c7 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Merge branch 'master' into feature/dockerfile
feae2a9
@setchy
feat: add projectType containerfile
f2757cf 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Merge branch 'feature/dockerfile' of https://github.com/setchy/cdxgen
7ab9cd9 
…into feature/dockerfile
@setchy
feat: add logic to skip processing images which are previous build st…
c4f8ab1 
…age names

Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Copy link
Member Author

setchy commented Nov 7, 2023

A few updates

While debugging, i noticed that dependencies were being found and logged, however they are not surviving through to the final output bom, which as I understand affects things like Dependency Graph within Dependency Track. This needs some further investigation...

setchy added 2 commits November 7, 2023 08:48
@setchy
feat: add logic to skip processing images which are previous build st…
d0486e2 
…age names

Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
feat: do not process any commented out lines
589bb45 
Signed-off-by: Adam Setch <adam.setch@outlook.com>
@setchy
Copy link
Member Author

setchy commented Nov 7, 2023
edited
Loading

I've split the dependencies enhancement into #697 to help streamline this PR

@setchy setchy marked this pull request as ready for review November 7, 2023 21:50
@setchy
Copy link
Member Author

setchy commented Nov 9, 2023

re-raised as #704

@setchy setchy closed this Nov 9, 2023
@setchy setchy deleted the feature/dockerfile branch November 9, 2023 16:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prabhu prabhu prabhu left review comments

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@setchy @prabhu