diff --git a/.markdownlint.json b/.markdownlint.json index 89cc9d97fc8..810281e8eb1 100644 --- a/.markdownlint.json +++ b/.markdownlint.json @@ -13,7 +13,7 @@ "no-space-in-code": true, "no-space-in-links": true, "no-empty-links": true, - "ol-prefix": false, + "ol-prefix": { "style": "one_or_ordered" }, "no-reversed-links": true, "reference-links-images": { "shortcut_syntax": false diff --git a/content/guides/github-sonarqube-sandbox/troubleshoot.md b/content/guides/github-sonarqube-sandbox/troubleshoot.md index 4e07789c211..3e4e58494c5 100644 --- a/content/guides/github-sonarqube-sandbox/troubleshoot.md +++ b/content/guides/github-sonarqube-sandbox/troubleshoot.md @@ -18,83 +18,69 @@ Issue: Claude reports `I don't have any MCP tools available`. Solution: -1. Verify you're using the authorization header: - -```plaintext ---header "Authorization: Bearer ${mcpToken}" -``` - -2. Check you're waiting for MCP initialization: - -{{< tabs group="language" >}} -{{< tab name="TypeScript" >}} - -```typescript -await new Promise((resolve) => setTimeout(resolve, 1000)); -``` - -{{< /tab >}} -{{< tab name="Python" >}} - -```python -await asyncio.sleep(1) -``` - -{{< /tab >}} -{{< /tabs >}} - -3. Ensure credentials are in both `envs` and `mcp` configuration: - -{{< tabs group="language" >}} -{{< tab name="TypeScript" >}} - -```typescript -const sbx = await Sandbox.betaCreate({ - envs: { - ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY!, - GITHUB_TOKEN: process.env.GITHUB_TOKEN!, - SONARQUBE_TOKEN: process.env.SONARQUBE_TOKEN!, - }, - mcp: { - githubOfficial: { - githubPersonalAccessToken: process.env.GITHUB_TOKEN!, - }, - sonarqube: { - org: process.env.SONARQUBE_ORG!, - token: process.env.SONARQUBE_TOKEN!, - url: "https://sonarcloud.io", - }, - }, -}); -``` - -{{< /tab >}} -{{< tab name="Python" >}} - -```python -sbx = await AsyncSandbox.beta_create( - envs={ - "ANTHROPIC_API_KEY": os.getenv("ANTHROPIC_API_KEY"), - "GITHUB_TOKEN": os.getenv("GITHUB_TOKEN"), - "SONARQUBE_TOKEN": os.getenv("SONARQUBE_TOKEN"), - }, - mcp={ - "githubOfficial": { - "githubPersonalAccessToken": os.getenv("GITHUB_TOKEN"), +1. Verify you're using the authorization header: + + ```plaintext + --header "Authorization: Bearer ${mcpToken}" + ``` + +2. Check you're waiting for MCP initialization. + + ```typescript + // typescript + await new Promise((resolve) => setTimeout(resolve, 1000)); + ``` + + ```python + # python + await asyncio.sleep(1) + ``` + +3. Ensure credentials are in both `envs` and `mcp` configuration: + + ```typescript + // typescript + const sbx = await Sandbox.betaCreate({ + envs: { + ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY!, + GITHUB_TOKEN: process.env.GITHUB_TOKEN!, + SONARQUBE_TOKEN: process.env.SONARQUBE_TOKEN!, + }, + mcp: { + githubOfficial: { + githubPersonalAccessToken: process.env.GITHUB_TOKEN!, }, - "sonarqube": { - "org": os.getenv("SONARQUBE_ORG"), - "token": os.getenv("SONARQUBE_TOKEN"), - "url": "https://sonarcloud.io", + sonarqube: { + org: process.env.SONARQUBE_ORG!, + token: process.env.SONARQUBE_TOKEN!, + url: "https://sonarcloud.io", }, - }, -) -``` - -{{< /tab >}} -{{< /tabs >}} + }, + }); + ``` + + ```python + # python + sbx = await AsyncSandbox.beta_create( + envs={ + "ANTHROPIC_API_KEY": os.getenv("ANTHROPIC_API_KEY"), + "GITHUB_TOKEN": os.getenv("GITHUB_TOKEN"), + "SONARQUBE_TOKEN": os.getenv("SONARQUBE_TOKEN"), + }, + mcp={ + "githubOfficial": { + "githubPersonalAccessToken": os.getenv("GITHUB_TOKEN"), + }, + "sonarqube": { + "org": os.getenv("SONARQUBE_ORG"), + "token": os.getenv("SONARQUBE_TOKEN"), + "url": "https://sonarcloud.io", + }, + }, + ) + ``` -4. Verify your API tokens are valid and have proper scopes. +4. Verify your API tokens are valid and have proper scopes. ## GitHub tools work but SonarQube doesn't @@ -165,24 +151,24 @@ Solution: 2. Test with a public repository first. 3. Ensure the repository owner and name are correct in your `.env`: -{{< tabs group="language" >}} -{{< tab name="TypeScript" >}} + {{< tabs group="language" >}} + {{< tab name="TypeScript" >}} -```plaintext -GITHUB_OWNER=your_github_username -GITHUB_REPO=your_repository_name -``` + ```plaintext + GITHUB_OWNER=your_github_username + GITHUB_REPO=your_repository_name + ``` -{{< /tab >}} -{{< tab name="Python" >}} + {{< /tab >}} + {{< tab name="Python" >}} -```plaintext -GITHUB_OWNER=your_github_username -GITHUB_REPO=your_repository_name -``` + ```plaintext + GITHUB_OWNER=your_github_username + GITHUB_REPO=your_repository_name + ``` -{{< /tab >}} -{{< /tabs >}} + {{< /tab >}} + {{< /tabs >}} ## Workflow times out or runs too long @@ -192,34 +178,34 @@ Solutions: 1. Use `timeoutMs: 0` (TypeScript) or `timeout_ms=0` (Python) for complex workflows to allow unlimited time: -{{< tabs group="language" >}} -{{< tab name="TypeScript" >}} - -```typescript -await sbx.commands.run( - `echo '${prompt}' | claude -p --dangerously-skip-permissions`, - { - timeoutMs: 0, // No timeout - onStdout: console.log, - onStderr: console.log, - }, -); -``` - -{{< /tab >}} -{{< tab name="Python" >}} - -```python -await sbx.commands.run( - f"echo '{prompt}' | claude -p --dangerously-skip-permissions", - timeout_ms=0, # No timeout - on_stdout=print, - on_stderr=print, -) -``` - -{{< /tab >}} -{{< /tabs >}} + {{< tabs group="language" >}} + {{< tab name="TypeScript" >}} + + ```typescript + await sbx.commands.run( + `echo '${prompt}' | claude -p --dangerously-skip-permissions`, + { + timeoutMs: 0, // No timeout + onStdout: console.log, + onStderr: console.log, + }, + ); + ``` + + {{< /tab >}} + {{< tab name="Python" >}} + + ```python + await sbx.commands.run( + f"echo '{prompt}' | claude -p --dangerously-skip-permissions", + timeout_ms=0, # No timeout + on_stdout=print, + on_stderr=print, + ) + ``` + + {{< /tab >}} + {{< /tabs >}} 2. Break complex workflows into smaller, focused tasks. 3. Monitor your Anthropic API credit usage. @@ -293,48 +279,48 @@ Solution: 1. Ensure `dotenv` is loaded at the top of your file: -```typescript -import "dotenv/config"; -``` + ```typescript + import "dotenv/config"; + ``` 2. Verify the `.env` file is in the same directory as your script. 3. Check variable names match exactly (case-sensitive): -```typescript -// .env file -GITHUB_TOKEN = ghp_xxxxx; + ```typescript + // .env file + GITHUB_TOKEN = ghp_xxxxx; -// In code -process.env.GITHUB_TOKEN; // Correct -process.env.github_token; // Wrong - case doesn't match -``` + // In code + process.env.GITHUB_TOKEN; // Correct + process.env.github_token; // Wrong - case doesn't match + ``` -{{< /tab >}} -{{< tab name="Python" >}} + {{< /tab >}} + {{< tab name="Python" >}} -1. Ensure `dotenv` is loaded at the top of your file: + 1. Ensure `dotenv` is loaded at the top of your file: -```python -from dotenv import load_dotenv -load_dotenv() -``` + ```python + from dotenv import load_dotenv + load_dotenv() + ``` -2. Verify the `.env` file is in the same directory as your script. + 2. Verify the `.env` file is in the same directory as your script. -3. Check variable names match exactly (case-sensitive): + 3. Check variable names match exactly (case-sensitive): -```python -# .env file -GITHUB_TOKEN=ghp_xxxxx + ```python + # .env file + GITHUB_TOKEN=ghp_xxxxx -# In code -os.getenv("GITHUB_TOKEN") # ✓ Correct -os.getenv("github_token") # ✗ Wrong - case doesn't match -``` + # In code + os.getenv("GITHUB_TOKEN") # Correct + os.getenv("github_token") # Wrong - case doesn't match + ``` -{{< /tab >}} -{{< /tabs >}} + {{< /tab >}} + {{< /tabs >}} ## SonarQube returns empty results diff --git a/content/guides/github-sonarqube-sandbox/workflow.md b/content/guides/github-sonarqube-sandbox/workflow.md index ccb12dbbd44..1e390e52e22 100644 --- a/content/guides/github-sonarqube-sandbox/workflow.md +++ b/content/guides/github-sonarqube-sandbox/workflow.md @@ -56,111 +56,112 @@ Before you begin, make sure you have: 1. Create a new directory for your workflow and initialize Node.js: -```bash -mkdir github-sonarqube-workflow -cd github-sonarqube-workflow -npm init -y -``` + ```bash + mkdir github-sonarqube-workflow + cd github-sonarqube-workflow + npm init -y + ``` 2. Open `package.json` and configure it for ES modules: -```json -{ - "name": "github-sonarqube-workflow", - "version": "1.0.0", - "description": "Automated code quality workflow using E2B, GitHub, and SonarQube", - "type": "module", - "main": "quality-workflow.ts", - "scripts": { - "start": "tsx quality-workflow.ts" - }, - "keywords": ["e2b", "github", "sonarqube", "mcp", "code-quality"], - "author": "", - "license": "MIT" -} -``` + ```json + { + "name": "github-sonarqube-workflow", + "version": "1.0.0", + "description": "Automated code quality workflow using E2B, GitHub, and SonarQube", + "type": "module", + "main": "quality-workflow.ts", + "scripts": { + "start": "tsx quality-workflow.ts" + }, + "keywords": ["e2b", "github", "sonarqube", "mcp", "code-quality"], + "author": "", + "license": "MIT" + } + ``` 3. Install required dependencies: -```bash -npm install e2b dotenv -npm install -D typescript tsx @types/node -``` + ```bash + npm install e2b dotenv + npm install -D typescript tsx @types/node + ``` 4. Create a `.env` file in your project root: -```bash -touch .env -``` + ```bash + touch .env + ``` 5. Add your API keys and configuration, replacing the placeholders with your actual credentials: -```plaintext -E2B_API_KEY=your_e2b_api_key_here -ANTHROPIC_API_KEY=your_anthropic_api_key_here -GITHUB_TOKEN=ghp_your_personal_access_token_here -GITHUB_OWNER=your_github_username -GITHUB_REPO=your_repository_name -SONARQUBE_ORG=your_sonarcloud_org_key -SONARQUBE_TOKEN=your_sonarqube_user_token -SONARQUBE_URL=https://sonarcloud.io -``` + ```plaintext + E2B_API_KEY=your_e2b_api_key_here + ANTHROPIC_API_KEY=your_anthropic_api_key_here + GITHUB_TOKEN=ghp_your_personal_access_token_here + GITHUB_OWNER=your_github_username + GITHUB_REPO=your_repository_name + SONARQUBE_ORG=your_sonarcloud_org_key + SONARQUBE_TOKEN=your_sonarqube_user_token + SONARQUBE_URL=https://sonarcloud.io + ``` 6. Protect your credentials by adding `.env` to `.gitignore`: -```bash -echo ".env" >> .gitignore -echo "node_modules/" >> .gitignore -``` + ```bash + echo ".env" >> .gitignore + echo "node_modules/" >> .gitignore + ``` {{< /tab >}} {{< tab name="Python" >}} 1. Create a new directory for your workflow: -```bash -mkdir github-sonarqube-workflow -cd github-sonarqube-workflow -``` + ```bash + mkdir github-sonarqube-workflow + cd github-sonarqube-workflow + ``` 2. Create a virtual environment and activate it: -```bash -python3 -m venv venv -source venv/bin/activate # On Windows: venv\Scripts\activate -``` + ```bash + python3 -m venv venv + source venv/bin/activate # On Windows: venv\Scripts\activate + ``` 3. Install required dependencies: -```bash -pip install e2b python-dotenv -``` + + ```bash + pip install e2b python-dotenv + ``` 4. Create a `.env` file in your project root: -```bash -touch .env -``` + ```bash + touch .env + ``` 5. Add your API keys and configuration, replacing the placeholders with your actual credentials: -```plaintext -E2B_API_KEY=your_e2b_api_key_here -ANTHROPIC_API_KEY=your_anthropic_api_key_here -GITHUB_TOKEN=ghp_your_personal_access_token_here -GITHUB_OWNER=your_github_username -GITHUB_REPO=your_repository_name -SONARQUBE_ORG=your_sonarcloud_org_key -SONARQUBE_TOKEN=your_sonarqube_user_token -SONARQUBE_URL=https://sonarcloud.io -``` + ```plaintext + E2B_API_KEY=your_e2b_api_key_here + ANTHROPIC_API_KEY=your_anthropic_api_key_here + GITHUB_TOKEN=ghp_your_personal_access_token_here + GITHUB_OWNER=your_github_username + GITHUB_REPO=your_repository_name + SONARQUBE_ORG=your_sonarcloud_org_key + SONARQUBE_TOKEN=your_sonarqube_user_token + SONARQUBE_URL=https://sonarcloud.io + ``` 6. Protect your credentials by adding `.env` to `.gitignore`: -```bash -echo ".env" >> .gitignore -echo "venv/" >> .gitignore -echo "__pycache__/" >> .gitignore -``` + ```bash + echo ".env" >> .gitignore + echo "venv/" >> .gitignore + echo "__pycache__/" >> .gitignore + ``` {{< /tab >}} {{< /tabs >}} diff --git a/content/manuals/dhi/how-to/customize.md b/content/manuals/dhi/how-to/customize.md index 2f326c0b526..300df873431 100644 --- a/content/manuals/dhi/how-to/customize.md +++ b/content/manuals/dhi/how-to/customize.md @@ -21,19 +21,19 @@ repository can create a customized image. To customize a Docker Hardened Image, follow these steps: 1. Sign in to [Docker Hub](https://hub.docker.com). -2. Select **My Hub**. -3. In the namespace drop-down, select your organization that has a mirrored DHI +1. Select **My Hub**. +1. In the namespace drop-down, select your organization that has a mirrored DHI repository. -4. Select **Hardened Images** > **Management**. -5. For the mirrored DHI repository you want to customize, select the menu icon in the far right column. -6. Select **Customize**. +1. Select **Hardened Images** > **Management**. +1. For the mirrored DHI repository you want to customize, select the menu icon in the far right column. +1. Select **Customize**. At this point, the on-screen instructions will guide you through the customization process. You can continue with the following steps for more details. -7. Select the image version you want to customize. -8. Optional. Add packages. +1. Select the image version you want to customize. +1. Optional. Add packages. 1. In the **Packages** drop-down, select the packages you want to add to the image. @@ -43,7 +43,7 @@ To customize a Docker Hardened Image, follow these steps: variant of the Python DHI, the list will include all Alpine system packages. - 2. In the **OCI artifacts** drop-down, first, select the repository that + 1. In the **OCI artifacts** drop-down, first, select the repository that contains the OCI artifact image. Then, select the tag you want to use from that repository. Finally, specify the specific paths you want to include from the OCI artifact image. @@ -71,39 +71,39 @@ To customize a Docker Hardened Image, follow these steps: > image build still succeeds, but you may have issues when running the > image. - 3. In the **Scripts** section, you can add, edit, or remove scripts. + 1. In the **Scripts** section, you can add, edit, or remove scripts. - Scripts let you add files to the container image that you can access at runtime. They are not executed during - the build process. This is useful for services that require pre-start initialization, such as setup scripts or + Scripts let you add files to the container image that you can access at runtime. They are not executed during + the build process. This is useful for services that require pre-start initialization, such as setup scripts or file writes to directories like `/var/lock` or `/out`. You must specify the following: - - The path where the script will be placed - - The script content - - The UID and GID ownership of the script - - The octal file permissions of the script - -10. Select **Next: Configure** and then configure the following options. - - 1. Specify a suffix that is appended to the customized image's tag. For - example, if you specify `custom` when customizing the `dhi-python:3.13` - image, the customized image will be tagged as `dhi-python:3.13_custom`. - 2. Select the platforms you want to build the image for. - 3. Add [`ENTRYPOINT`](/reference/dockerfile/#entrypoint) and - [`CMD`](/reference/dockerfile/#cmd) arguments to the image. These - arguments are appended to the base image's entrypoint and command. - 4. Specify the users to add to the image. - 5. Specify the user groups to add to the image. - 6. Select which [user](/reference/dockerfile/#user) to run the images as. - 7. Specify the [environment variables](/reference/dockerfile/#env) and their - values that the image will contain. - 8. Add [annotations](/build/metadata/annotations/) to the image. - 9. Add [labels](/reference/dockerfile/#label) to the image. -11. Select **Create Customization**. - - A summary of the customization appears. It may take some time for the image - to build. Once built, it will appear in the **Tags** tab of the repository, - and your team members can pull it like any other image. + + - The path where the script will be placed + - The script content + - The UID and GID ownership of the script + - The octal file permissions of the script + +1. Select **Next: Configure** and then configure the following options. +1. Specify a suffix that is appended to the customized image's tag. For + example, if you specify `custom` when customizing the `dhi-python:3.13` + image, the customized image will be tagged as `dhi-python:3.13_custom`. +1. Select the platforms you want to build the image for. +1. Add [`ENTRYPOINT`](/reference/dockerfile/#entrypoint) and + [`CMD`](/reference/dockerfile/#cmd) arguments to the image. These + arguments are appended to the base image's entrypoint and command. +1. Specify the users to add to the image. +1. Specify the user groups to add to the image. +1. Select which [user](/reference/dockerfile/#user) to run the images as. +1. Specify the [environment variables](/reference/dockerfile/#env) and their + values that the image will contain. +1. Add [annotations](/build/metadata/annotations/) to the image. +1. Add [labels](/reference/dockerfile/#label) to the image. +1. Select **Create Customization**. + + A summary of the customization appears. It may take some time for the image + to build. Once built, it will appear in the **Tags** tab of the repository, + and your team members can pull it like any other image. ## Edit or delete a Docker Hardened Image customization