- Create specialized toolbox container for auditing Docker images and related files - Include essential QA tools: Hadolint, Dive, ShellCheck, Trivy, Dockle, Docker client, Node.js - Implement comprehensive build, run, release, and test scripts - Add detailed documentation with usage examples - Ensure all tools work correctly within the container - Rename directory from toolbox-QADocker to toolbox-qadocker for consistency - Update QWEN.md with comprehensive QA workflow using toolbox-qadocker - Add mandatory pre-build audit process using QA tools - Add validation process for testing from inside container environment - Add comprehensive testing to verify all tools are working - Optimize Dockerfile for best practices and security - Ensure container runs as non-root user for security - Add release script for versioned releases to registry - Add test script to verify all tools are working correctly
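#!/usr/bin/env bash
#
# Run script for toolbox-qadocker
#
# Starts a container from the local toolbox-qadocker image with `docker run`.
# Run with --help for the list of options.

# -e: abort on the first command that fails.
# -u: treat expansion of an unset variable or positional parameter as an
#     error instead of silently substituting an empty string.
# pipefail is intentionally not enabled: the image-existence check pipes
# `docker images` into `grep -q`, and grep may close the pipe as soon as it
# finds a match, which pipefail would report as a failed pipeline.
set -eu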
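# Colors for output
# The values are backslash escape sequences, not raw ESC bytes: they only
# become terminal control codes when printed through `echo -e` or printf's %b.
# Marked readonly so that later code cannot overwrite them by accident.
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly NC='\033[0m' # No Color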
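# Print colored output
#######################################
# Print an informational message with a green [INFO] prefix.
# Globals:   GREEN, NC (read)
# Arguments: $1 - message text, printed literally
# Outputs:   one line on stdout
#######################################
print_status() {
  # %b expands the escape sequences stored in the color variables; %s keeps
  # backslashes in the message (for example in a logged path) from being
  # expanded as escapes, which `echo -e` would have done.
  printf '%b[INFO]%b %s\n' "${GREEN}" "${NC}" "${1-}"
}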
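#######################################
# Print a warning with a yellow [WARNING] prefix.
# Globals:   YELLOW, NC (read)
# Arguments: $1 - message text, printed literally
# Outputs:   one line on stderr, so warnings do not mix with regular output
#######################################
print_warning() {
  # %b expands only the color variables; the message goes through %s so that
  # backslash sequences inside it are not interpreted.
  printf '%b[WARNING]%b %s\n' "${YELLOW}" "${NC}" "${1-}" >&2
}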
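#######################################
# Print an error with a red [ERROR] prefix.
# Globals:   RED, NC (read)
# Arguments: $1 - message text, printed literally
# Outputs:   one line on stderr
#######################################
print_error() {
  # The message can contain text taken from the command line (an unknown
  # option is echoed back), so it is printed with %s: backslash sequences in
  # it are shown as typed rather than expanded. Only the color variables go
  # through %b.
  printf '%b[ERROR]%b %s\n' "${RED}" "${NC}" "${1-}" >&2
}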
# Default values
# Repository name and tag; joined as "<name>:<tag>" to select the image.
IMAGE_NAME='tsysdevstack-toolboxstack-toolbox-qadocker'
TAG='dev'

# Default container name: the image name with a "-run" suffix.
CONTAINER_NAME="${IMAGE_NAME}-run"

# Switches are kept as the strings "true"/"false" and compared as strings
# when the docker command line is assembled.
INTERACTIVE=true TTY=true MOUNT_CURRENT_DIR=true

# Off unless --with-docker is given. The option bind-mounts
# /var/run/docker.sock, which lets the container talk to the host's Docker
# daemon, so it stays opt-in.
DOCKER_SOCKET=false
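# Parse command line arguments
# The values of --tag and --name end up on the docker command line, so they
# are checked against the character sets Docker accepts for image tags and
# container names before being stored. Anything else is rejected here rather
# than passed on.
readonly TAG_PATTERN='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
readonly NAME_PATTERN='^[A-Za-z0-9][A-Za-z0-9_.-]+$'

while [[ $# -gt 0 ]]; do
  case "$1" in
    --tag)
      # Without this check a trailing "--tag" made `shift 2` fail and the
      # script exit under `set -e` with no message.
      if [[ $# -lt 2 ]]; then
        print_error "Option --tag requires a value"
        exit 1
      fi
      if [[ ! "$2" =~ $TAG_PATTERN ]]; then
        print_error "Invalid tag: $2"
        exit 1
      fi
      TAG="$2"
      shift 2
      ;;
    --name)
      if [[ $# -lt 2 ]]; then
        print_error "Option --name requires a value"
        exit 1
      fi
      if [[ ! "$2" =~ $NAME_PATTERN ]]; then
        print_error "Invalid container name: $2"
        exit 1
      fi
      CONTAINER_NAME="$2"
      shift 2
      ;;
    --no-tty)
      TTY=false
      shift
      ;;
    --no-interactive)
      INTERACTIVE=false
      shift
      ;;
    --no-mount)
      MOUNT_CURRENT_DIR=false
      shift
      ;;
    --with-docker)
      DOCKER_SOCKET=true
      shift
      ;;
    --help)
      echo "Usage: $0 [--tag TAG] [--name NAME] [--no-tty] [--no-interactive] [--no-mount] [--with-docker]"
      echo ""
      echo "Options:"
      echo " --tag TAG Specify the tag for the image to run (default: dev)"
      echo " --name NAME Specify the container name (default: tsysdevstack-toolboxstack-toolbox-qadocker-run)"
      echo " --no-tty Disable TTY allocation"
      echo " --no-interactive Disable interactive mode"
      echo " --no-mount Don't mount current directory to /workspace"
      echo " --with-docker Mount Docker socket to use Docker from inside container"
      echo " --help Show this help message"
      exit 0
      ;;
    *)
      print_error "Unknown option: $1"
      exit 1
      ;;
  esac
done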
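IMAGE_TAGGED_NAME="${IMAGE_NAME}:${TAG}"

# Check if the image exists
# grep -F compares the reference as a literal string and -x requires the
# whole line to match. With a regex, a "." in the tag matched any character,
# so a differently tagged image could satisfy the check.
# Without pipefail, a failing `docker images` produces no input for grep and
# is reported below as a missing image.
if ! docker images --format "{{.Repository}}:{{.Tag}}" | grep -Fxq -- "${IMAGE_TAGGED_NAME}"; then
  print_error "Image ${IMAGE_TAGGED_NAME} does not exist. Please build it first."
  exit 1
fi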
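# Build docker run command
# The command is held as an array, one element per argument, and executed
# directly. Nothing is re-parsed by the shell, so a working directory or an
# option value containing spaces or shell metacharacters stays one argument
# instead of being word-split or evaluated as code, which the earlier
# string-plus-eval form allowed.
RUN_CMD=(docker run)

if [[ "$INTERACTIVE" == true ]]; then
  RUN_CMD+=(-i)
fi

if [[ "$TTY" == true ]]; then
  RUN_CMD+=(-t)
fi

# Mount current directory to /workspace
if [[ "$MOUNT_CURRENT_DIR" == true ]]; then
  RUN_CMD+=(-v "$(pwd):/workspace" -w /workspace)
fi

# Mount Docker socket if requested
# Any process in the container that can open the socket can instruct the
# host's Docker daemon, so the choice is made visible on every run.
if [[ "$DOCKER_SOCKET" == true ]]; then
  print_warning "Docker socket mounted: the container can control the host Docker daemon"
  RUN_CMD+=(-v /var/run/docker.sock:/var/run/docker.sock)
fi

RUN_CMD+=(--name "${CONTAINER_NAME}")

# Add the image name
RUN_CMD+=("${IMAGE_TAGGED_NAME}")

# %q shell-quotes each element so the logged line shows the real argument
# boundaries.
print_status "Running: $(printf '%q ' "${RUN_CMD[@]}")"

# Execute the command
"${RUN_CMD[@]}"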