Skip to content

Commit

Permalink
add hadolint scan in CI (#104)
Browse files Browse the repository at this point in the history
Signed-off-by: chensuyue <suyue.chen@intel.com>
  • Loading branch information
chensuyue authored Apr 29, 2024
1 parent 6bfee2d commit 04c5e64
Show file tree
Hide file tree
Showing 9 changed files with 76 additions and 7 deletions.
14 changes: 14 additions & 0 deletions .github/workflows/AudioQnA.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
# Copyright (c) 2024 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: AudioQnA-test

on:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/code-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
job_name: ["bandit"]
job_name: ["bandit", "hadolint"]
fail-fast: false
steps:
- name: Checkout out Repo
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/docker/code-scan.dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends --fix-missing \

RUN ln -sf $(which python3) /usr/bin/python

RUN python -m pip install --no-cache-dir pylint==2.12.1\
bandit
RUN python -m pip install --no-cache-dir bandit==1.7.8
RUN wget -O /bin/hadolint https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64
RUN chmod +x /bin/hadolint

WORKDIR /
3 changes: 1 addition & 2 deletions .github/workflows/scripts/codeScan/bandit.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@
# limitations under the License.

source /GenAIExamples/.github/workflows/scripts/change_color
pip install bandit==1.7.8
log_dir=/GenAIExamples/.github/workflows/scripts/codeScan
python -m bandit -r -lll -iii /GenAIExamples >${log_dir}/bandit.log
exit_code=$?
Expand All @@ -24,7 +23,7 @@ cat ${log_dir}/bandit.log
$BOLD_YELLOW && echo " ----------------- Current log file output end --------------------------" && $RESET

if [ ${exit_code} -ne 0 ]; then
$BOLD_RED && echo "Error!! Please Click on the artifact button to download and view Bandit error details." && $RESET
$BOLD_RED && echo "Error!! Please Click on the artifact button to download and check error details." && $RESET
exit 1
fi

Expand Down
27 changes: 27 additions & 0 deletions .github/workflows/scripts/codeScan/hadolint.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
#!/bin/bash
# Copyright (c) 2024 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

source /GenAIExamples/.github/workflows/scripts/change_color
log_dir=/GenAIExamples/.github/workflows/scripts/codeScan

find . -type f \( -name "Dockerfile*" \) -print -exec hadolint --ignore DL3006 --ignore DL3007 --ignore DL3008 {} \; 2>&1 | tee ${log_dir}/hadolint.log

if [[ $(grep -c "error" ${log_dir}/hadolint.log) != 0 ]]; then
$BOLD_RED && echo "Error!! Please Click on the artifact button to download and check error details." && $RESET
exit 1
fi

$BOLD_PURPLE && echo "Congratulations, Hadolint check passed!" && $LIGHT_PURPLE && echo " You can click on the artifact button to see the log details." && $RESET
exit 0
2 changes: 1 addition & 1 deletion ChatQnA/langchain/docker/qna-app/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@

FROM python:3.11-slim

RUN pip install poetry==1.6.1
RUN pip install --no-cache-dir poetry==1.6.1

RUN poetry config virtualenvs.create false

Expand Down
2 changes: 1 addition & 1 deletion DocSum/langchain/docker/summarize-app/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@

FROM python:3.11-slim

RUN pip install poetry==1.6.1
RUN pip install --no-cache-dir poetry==1.6.1

RUN poetry config virtualenvs.create false

Expand Down
14 changes: 14 additions & 0 deletions LanguageTrans/ui/svelte/src/lib/shared/constant.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
// Copyright (c) 2024 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

import type { Language } from "../../routes/types.js";

export const languagesList: Language[] = [
Expand Down
14 changes: 14 additions & 0 deletions LanguageTrans/ui/svelte/src/routes/types.d.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,17 @@
// Copyright (c) 2024 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

export interface Language {
shortcode: string;
name: string;
Expand Down

0 comments on commit 04c5e64

Please sign in to comment.