11# syntax=docker/dockerfile:1
2- # MEGALINTER FLAVOR [ci_light]: Optimized for CI items (Dockerfile, Jenkinsfile, JSON/YAML schemas,XML
32# ##########################################
43# ##########################################
54# # Dockerfile to run MegaLinter ##
1211# # @generated by .automation/build.py using descriptor files, please do not update manually ##
1312# ############################################################################################
1413# ARGTOP__START
15- # renovate: datasource=docker depName=koalaman/shellcheck
16- ARG BASH_SHELLCHECK_VERSION=v0.10.0
17- # renovate: datasource=docker depName=mvdan/shfmt
18- ARG BASH_SHFMT_VERSION=v3.12.0-alpine
19- # renovate: datasource=docker depName=hadolint/hadolint
20- ARG DOCKERFILE_HADOLINT_VERSION=v2.12.0-alpine
21- # renovate: datasource=docker depName=zricethezav/gitleaks
22- ARG REPOSITORY_GITLEAKS_VERSION=v8.28.0
23- # renovate: datasource=docker depName=trufflesecurity/trufflehog
24- ARG REPOSITORY_TRUFFLEHOG_VERSION=3.90.2
14+
2515# ARGTOP__END
2616
2717# ############################################################################################
2818# # @generated by .automation/build.py using descriptor files, please do not update manually ##
2919# ############################################################################################
3020# FROM__START
31- FROM koalaman/shellcheck:${BASH_SHELLCHECK_VERSION} AS shellcheck
32- FROM mvdan/shfmt:${BASH_SHFMT_VERSION} AS shfmt
33- FROM hadolint/hadolint:${DOCKERFILE_HADOLINT_VERSION} AS hadolint
34- FROM zricethezav/gitleaks:${REPOSITORY_GITLEAKS_VERSION} AS gitleaks
35- FROM trufflesecurity/trufflehog:${REPOSITORY_TRUFFLEHOG_VERSION} AS trufflehog
21+
3622# FROM__END
3723
3824# #################
@@ -62,50 +48,12 @@ FROM python:3.13-alpine3.21
6248# # @generated by .automation/build.py using descriptor files, please do not update manually ##
6349# ############################################################################################
6450# ARG__START
65- # renovate: datasource=crate depName=sarif-fmt
66- ARG CARGO_SARIF_FMT_VERSION=0.8.0
67- # renovate: datasource=crate depName=shellcheck-sarif
68- ARG CARGO_SHELLCHECK_SARIF_VERSION=0.8.0
69- # renovate: datasource=npm depName=jscpd
70- ARG NPM_JSCPD_VERSION=4.0.5
71- # renovate: datasource=npm depName=npm-groovy-lint
72- ARG NPM_GROOVY_LINT_VERSION=15.2.1
73- # renovate: datasource=npm depName=@prantlf/jsonlint
74- ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0
75- # renovate: datasource=npm depName=v8r
76- ARG NPM_V8R_VERSION=5.1.0
77- # renovate: datasource=npm depName=prettier
78- ARG NPM_PRETTIER_VERSION=3.6.2
79- # renovate: datasource=github-tags depName=anchore/grype
80- ARG REPOSITORY_GRYPE_VERSION=0.96.1
81- # renovate: datasource=npm depName=@ls-lint/ls-lint
82- ARG NPM_LS_LINT_LS_LINT_VERSION=2.3.1
83- # renovate: datasource=npm depName=secretlint
84- ARG NPM_SECRETLINT_VERSION=10.2.1
85- # renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend
86- ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=10.2.1
87- # renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif
88- ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=10.2.1
89- # renovate: datasource=github-tags depName=anchore/syft
90- ARG REPOSITORY_SYFT_VERSION=1.29.0
91- # renovate: datasource=github-tags depName=aquasecurity/trivy
92- ARG REPOSITORY_TRIVY_VERSION=0.64.1
93- # renovate: datasource=github-tags depName=aquasecurity/trivy
94- ARG REPOSITORY_TRIVY_SBOM_VERSION=0.64.1
95- # renovate: datasource=pypi depName=yamllint
96- ARG PIP_YAMLLINT_VERSION=1.37.1
51+ # renovate: datasource=pypi depName=black
52+ ARG PIP_BLACK_VERSION=25.1.0
9753# renovate: datasource=pypi depName=pip
9854ARG PIP_PIP_VERSION=25.1.1
9955# renovate: datasource=pypi depName=virtualenv
10056ARG PIP_VIRTUALENV_VERSION=20.32.0
101- # renovate: datasource=github-tags depName=rust-lang/rust
102- ARG RUST_RUST_VERSION=1.88.0
103-
104- ARG BASH_SHELLCHECK_VERSION
105- ARG BASH_SHFMT_VERSION
106- ARG DOCKERFILE_HADOLINT_VERSION
107- ARG REPOSITORY_GITLEAKS_VERSION
108- ARG REPOSITORY_TRUFFLEHOG_VERSION
10957# ARG__END
11058
11159# ###################
@@ -131,13 +79,6 @@ RUN apk -U --no-cache upgrade \
13179 make \
13280 musl-dev \
13381 openssh \
134- openjdk17 \
135- libxml2-dev \
136- libxml2-utils \
137- libgcc \
138- npm \
139- nodejs-current \
140- yarn \
14182 && git config --global core.autocrlf true
14283# APK__END
14384
@@ -158,12 +99,7 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \
15899# ############################################################################################
159100
160101# CARGO__START
161- RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \
162- && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \
163- && rustup default stable \
164- && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \
165- && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup
166- ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}"
102+
167103# CARGO__END
168104
169105# ###############################
@@ -174,10 +110,10 @@ ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}"
174110
175111# PIPVENV__START
176112RUN uv pip install --system --no-cache pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \
177- && uv venv --seed --no-project --no-managed-python --no-cache "/venvs/yamllint " && VIRTUAL_ENV="/venvs/yamllint " uv pip install --no-cache yamllint ==${PIP_YAMLLINT_VERSION } \
113+ && uv venv --seed --no-project --no-managed-python --no-cache "/venvs/black " && VIRTUAL_ENV="/venvs/black " uv pip install --no-cache black ==${PIP_BLACK_VERSION } \
178114 && find /venvs \( -type f \( -iname \* .pyc -o -iname \* .pyo \) -o -type d -iname __pycache__ \) -delete \
179115 && rm -rf /root/.cache
180- ENV PATH="${PATH}" :/venvs/yamllint /bin
116+ ENV PATH="${PATH}" :/venvs/black /bin
181117# PIPVENV__END
182118
183119# ###########################
@@ -189,24 +125,6 @@ ENV PATH="${PATH}":/venvs/yamllint/bin
189125ENV NODE_OPTIONS="--max-old-space-size=8192" \
190126 NODE_ENV=production
191127# NPM__START
192- WORKDIR /node-deps
193- RUN npm --no-cache install --ignore-scripts --omit=dev \
194- jscpd@${NPM_JSCPD_VERSION} \
195- npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \
196- @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \
197- v8r@${NPM_V8R_VERSION} \
198- prettier@${NPM_PRETTIER_VERSION} \
199- @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \
200- secretlint@${NPM_SECRETLINT_VERSION} \
201- @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \
202- @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \
203- echo "Cleaning npm cache…" \
204- && (npm cache clean --force || true) \
205- && echo "Changing owner of node_modules files…" \
206- && chown -R "$(id -u)" :"$(id -g)" node_modules # fix for https://github.com/npm/cli/issues/5900 \
207- && echo "Removing extra node_module files…" \
208- && find . \( -not -path "/proc" \) -and \( -type f \( -iname "*.d.ts" -o -iname "*.map" -o -iname "*.npmignore" -o -iname "*.travis.yml" -o -iname "CHANGELOG.md" -o -iname "README.md" -o -iname ".package-lock.json" -o -iname "package-lock.json" \) -o -type d -name /root/.npm/_cacache \) -delete
209- WORKDIR /
210128
211129# NPM__END
212130
@@ -231,70 +149,14 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \
231149# ############################################################################################
232150
233151# COPY__START
234- COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck
235- COPY --link --from=shfmt /bin/shfmt /usr/bin/
236- COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint
237- COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/
238- COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/
152+
239153# COPY__END
240154
241155# ############################################################################################
242156# # @generated by .automation/build.py using descriptor files, please do not update manually ##
243157# ############################################################################################
244158# OTHER__START
245- # shellcheck installation
246- # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck
247- #
248- # shfmt installation
249- # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/
250- #
251- # jscpd installation
252- #
253- # hadolint installation
254- # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint
255- #
256- # dotenv-linter installation
257- RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s
258- #
259- # npm-groovy-lint installation
260- ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk
261- #
262- # jsonlint installation
263- #
264- # v8r installation
265- #
266- # prettier installation
267- #
268- # gitleaks installation
269- # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/
270- #
271- # grype installation
272- RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \
273- #
274- # ls-lint installation
275- #
276- # secretlint installation
277- #
278- # syft installation
279- && curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOSITORY_SYFT_VERSION}/install.sh | sh -s -- -b /usr/local/bin \
280- #
281- # trivy installation
282- && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \
283- && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \
284- #
285- # trivy-sbom installation
286- && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_SBOM_VERSION}" \
287- && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress)
288-
289- #
290- # trufflehog installation
291- # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/
292- #
293- # prettier installation
294- #
295- # yamllint installation
296- #
297- # v8r installation
159+ # black installation
298160#
299161# OTHER__END
300162
@@ -331,7 +193,7 @@ ENV BUILD_DATE=$BUILD_DATE \
331193 BUILD_VERSION=$BUILD_VERSION
332194
333195# FLAVOR__START
334- ENV MEGALINTER_FLAVOR=ci_light
196+ ENV MEGALINTER_FLAVOR=none
335197# FLAVOR__END
336198
337199# ########################################
@@ -353,7 +215,33 @@ LABEL com.github.actions.name="MegaLinter" \
353215 org.opencontainers.image.description="Lint your code base with GitHub Actions"
354216
355217# EXTRA_DOCKERFILE_LINES__START
218+ ENV ENABLE_LINTERS=PYTHON_BLACK \
219+ FLAVOR_SUGGESTIONS=false \
220+ SINGLE_LINTER=PYTHON_BLACK \
221+ PRINT_ALPACA=false \
222+ LOG_FILE=none \
223+ SARIF_REPORTER=true \
224+ TEXT_REPORTER=false \
225+ UPDATED_SOURCES_REPORTER=false \
226+ GITHUB_STATUS_REPORTER=false \
227+ GITHUB_COMMENT_REPORTER=false \
228+ EMAIL_REPORTER=false \
229+ API_REPORTER=false \
230+ FILEIO_REPORTER=false \
231+ CONFIG_REPORTER=false \
232+ SARIF_TO_HUMAN=false
233+ RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh
234+ EXPOSE 22
356235COPY entrypoint.sh /entrypoint.sh
357- RUN chmod +x entrypoint.sh
236+ COPY sh /usr/bin/megalinter-sh
237+ COPY sh/megalinter_exec /usr/bin/megalinter_exec
238+ COPY sh/motd /etc/motd
239+ RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \
240+ chmod +x entrypoint.sh && \
241+ chmod +x /usr/bin/megalinter_exec && \
242+ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \
243+ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc
244+ RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \
245+ echo $STANDALONE_LINTER_VERSION
358246ENTRYPOINT ["/bin/bash" , "/entrypoint.sh" ]
359247# EXTRA_DOCKERFILE_LINES__END
0 commit comments