Skip to content

feat: add Docker image, tests, docs and CLI snapshot#1

Merged
amartingarcia merged 5 commits intomainfrom
feat/build-image
Apr 12, 2026
Merged

feat: add Docker image, tests, docs and CLI snapshot#1
amartingarcia merged 5 commits intomainfrom
feat/build-image

Conversation

@amartingarcia
Copy link
Copy Markdown
Member

@amartingarcia amartingarcia commented Apr 12, 2026

No description provided.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 12, 2026
edited
Loading

🔍 CLI Behavioral Changes: 1.5.1 → 1.5.1

Help text changes

Help text changed for: benchmark list help, benchmark run help, benchmark show help, control list help, control run help, control show help, dashboard list help, dashboard show help, detection list help, detection run help, detection show help, mod install help, mod list help, mod update help, query list help, query run help, query show help, variable show help. Review --help output for wording/description updates.

amartingarcia and others added 2 commits April 12, 2026 23:21
@amartingarcia
feat: add Docker image, tests, docs and CLI snapshot for v1.5.1
b0e748f 
- Dockerfile: debian bookworm-slim, UID 9193, apt hardening (SHELL pipefail, upgrade, jq)
- structure-tests.yaml: 13 tests covering binary, env vars, filesystem layout
- cli-snapshot.json: full v1.5.1 snapshot (9 subcommands + env vars)
- trivy.yaml: skip pre-compiled binary from CVE scanning
- docs/: getting-started, configuration, kubernetes, examples, troubleshooting
- tests/: 32 unit tests for compare_snapshots.py (99% coverage)
- README.md: accurate flag tables, env vars, image details

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@amartingarcia
fix: put hadolint ignore directive immediately before RUN
c0ca743 
hadolint inline ignores only apply to the next Dockerfile instruction.
Having another comment between the directive and RUN caused it to be
skipped, triggering DL3008/DL3005 in CI despite the inline annotation.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security bot commented Apr 12, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

amartingarcia and others added 2 commits April 12, 2026 23:31
@amartingarcia
chore: version-based release tagging and Dependabot
48a0425 
- Replace semantic-release with Dockerfile-version-based tagging (mirrors steampipe)
- Fix updatecli: add scms block and actions.pr so it can open PRs automatically
- Add Dependabot for GitHub Actions (weekly) and pip tests/ (weekly)
- Remove package.json: no longer needed without semantic-release

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@amartingarcia
chore: remove package.json (semantic-release no longer used)
b6955a5 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@amartingarcia amartingarcia merged commit 558d917 into main Apr 12, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@amartingarcia @github-advanced-security