oxsecurity · nvuillam · Jul 11, 2023 · Jun 10, 2023 · Jun 10, 2023 · Jun 10, 2023
@@ -0,0 +1,100 @@
+###################
+#     builder     #
+###################
+# First stage: Install build-time dependencies
+FROM ubuntu:jammy as builder
+
+# hadolint ignore=DL3002
+USER root
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# Copy Python version config file
+COPY .python-version /tmp/
+
+# Update system and install packages
+# hadolint ignore=DL3008,DL3009,DL3013
+RUN PYTHON_VERSION=$(cut -d '.' -f 1,2 /tmp/.python-version) \
+    && apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y --no-install-recommends \
+    bash-completion \
+    ca-certificates \
+    curl \
+    git \
+    git-lfs \
+    gnupg \
+    htop \
+    iproute2 \
+    lsb-release \
+    make \
+    nano \
+    python3-pip \
+    "python${PYTHON_VERSION}" \
+    "python${PYTHON_VERSION}-venv" \
+    sudo \
+    tree \
+    vim \
+    wget \
+    && python3 -m pip install --no-cache-dir --upgrade pip \
+    && python3 -m pip install --no-cache-dir virtualenv
+
+############################
+#     docker-installer     #
+############################
+FROM builder as docker-installer
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# hadolint ignore=DL3008,DL3009
+RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg \
+    && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
+    $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends docker-ce docker-ce-cli containerd.io
+
+###########################
+#      npm-installer      #
+###########################
+FROM docker-installer as npm-installer
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# Set a variable for packages version
+ARG NPM_VERSION=9.7.1
+ARG UNGIT_VERSION=1.5.23
+ARG MEGA_LINTER_RUNNER_VERSION=7.0.0
+ARG MARKDOWN_TABLE_FORMATTER_VERSION=1.4.0
+
+# hadolint ignore=DL3008
+RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+    && apt-get install  -y --no-install-recommends nodejs \
+    && npm install -g "npm@${NPM_VERSION}" \
+    && npm install -g \
+    "ungit@${UNGIT_VERSION}" \
+    "mega-linter-runner@${MEGA_LINTER_RUNNER_VERSION}" \
+    "markdown-table-formatter@${MARKDOWN_TABLE_FORMATTER_VERSION}"
+
+###########################
+#         cleanup         #
+###########################
+FROM npm-installer as cleanup
+
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* tmp/* 
+
+###########################
+#       gitpod-user       #
+###########################
+FROM cleanup as gitpod-user
+
+# UID must be 33333.
+RUN useradd -l -u 33333 -G sudo -md /home/gitpod -s /bin/bash -p gitpod gitpod
+
+#########################
+#         final         #
+#########################
+FROM ubuntu:jammy
+
+COPY --from=gitpod-user / /
+
+USER gitpod
@@ -0,0 +1,34 @@
+# Makefile global config
+.DEFAULT_GOAL:=help
+.EXPORT_ALL_VARIABLES:
+.ONESHELL:
+.SILENT:
+MAKEFLAGS += "-j$(NUM_CORES) -l$(NUM_CORES)"
+MAKEFLAGS += --silent
+SHELL:=/bin/bash
+.SHELLFLAGS = -eu -o pipefail -c
+
+# Makefile colors config
+bold=$(shell tput bold)
+normal=$(shell tput sgr0)
+errorTitle=$(shell tput setab 1 && tput bold && echo '\n')
+recommendation=$(shell tput setab 4)
+underline=$(shell tput smul)
+reset=$(shell tput -Txterm sgr0)
+black=$(shell tput setaf 0)
+red=$(shell tput setaf 1)
+green=$(shell tput setaf 2)
+yellow=$(shell tput setaf 3)
+blue=$(shell tput setaf 4)
+magenta=$(shell tput setaf 5)
+cyan=$(shell tput setaf 6)
+white=$(shell tput setaf 7)
+
+define HEADER
+How to use me:
+ make help
+ make bootstrap-dev
+ make ${cyan}<target>${reset}
+
+endef
+export HEADER
@@ -0,0 +1,13 @@
+## —— Gitpod —————————————————————————————————————————————————————————————————————————————————————
+.PHONY: gitpod-build
+gitpod-build: ## Run docker build image in local
+	docker build --tag megalinter_gitpod:local --file .config/gitpod/Dockerfile .
+
+.PHONY: gitpod-lint
+gitpod-lint: ## Run hadolint command to lint Dokerfile
+	docker run --rm -i hadolint/hadolint < .config/gitpod/Dockerfile
+
+.PHONY: gitpod-tests
+gitpod-tests: ## Run tests for gitpod
+	$(MAKE) gitpod-lint
+	$(MAKE) gitpod-build
@@ -0,0 +1,5 @@
+## —— Help ———————————————————————————————————————————————————————————————————————————————————————
+.PHONY: help
+help: ## Help command
+	echo -e "$$HEADER"
+	grep -E '(^[a-zA-Z0-9_-]+:.*?## .*$$)|(^## )' $(MAKEFILE_LIST) | sed 's/^[^:]*://g' | awk 'BEGIN {FS = ":.*?## | #"} ; {printf "${cyan}%-30s${reset} ${white}%s${reset} ${green}%s${reset}\n", $$1, $$2, $$3}' | sed -e 's/\[36m##/\n[32m##/'
@@ -0,0 +1,20 @@
+## —— Megalinter —————————————————————————————————————————————————————————————————————————————————————
+.PHONY: megalinter-build
+megalinter-build: ## Run script build.sh
+	source .venv/bin/activate
+	bash build.sh
+
+.PHONY: megalinter-run
+megalinter-run: ## Run megalinter locally
+	npx mega-linter-runner --flavor python --release beta
+
+.PHONY: megalinter-tests
+megalinter-tests: ## Run all megalinter tests
+	$(MAKE) megalinter-run
+	$(MAKE) megalinter-build
+
+.PHONY: megalinter-clean
+megalinter-clean: ## Clean megalinter locally
+	sudo rm -rf megalinter-reports
+	sudo rm -rf site
+	sudo rm -f *megalinter_file_names_cspell.txt
@@ -0,0 +1,8 @@
+## —— Node.js —————————————————————————————————————————————————————————————————————————————————————
+.PHONY: nodejs-clean
+nodejs-clean: ## Clean nodejs files
+	sudo rm -rf node_modules
+
+.PHONY: nodejs-bootstrap
+nodejs-bootstrap: ## Bootstrap nodejs
+	npm install
@@ -0,0 +1,75 @@
+# Python default launcher
+python_launcher ?= python3.11
+python_requirements_file ?= .config/python/dev/requirements.txt
+python_requirements_dev_file ?= .config/python/dev/requirements.txt
+
+## —— Python —————————————————————————————————————————————————————————————————————————————————————
+.PHONY: python-bootstrap
+python-bootstrap: ## Bootstrap python
+	$(MAKE) python-venv-init
+	$(MAKE) python-venv-upgrade
+	$(MAKE) python-venv-requirements
+
+.PHONY: python-bootstrap-dev
+python-bootstrap-dev: ## Bootstrap python for dev env
+	$(MAKE) python-venv-requirements-dev
+	$(MAKE) python-venv-linters-install
+
+# ===============================================================================================
+# .venv
+# ===============================================================================================
+.PHONY: python-venv-init
+python-venv-init: ## Create venv ".venv/" if not exist
+	if [ ! -d .venv ] ; then
+		$(python_launcher) -m venv .venv
+	fi
+
+.PHONY: python-venv-upgrade
+python-venv-upgrade: ## Upgrade venv with pip, setuptools and wheel
+	source .venv/bin/activate
+	pip install --upgrade pip setuptools wheel
+
+.PHONY: python-venv-requirements
+python-venv-requirements: ## Install or upgrade from $(python_requirements_file)
+	source .venv/bin/activate
+	pip install --upgrade --requirement $(python_requirements_file)
+
+.PHONY: python-venv-requirements-dev
+python-venv-requirements-dev: ## Install or upgrade from $(python_requirements_dev_file)
+	source .venv/bin/activate
+	pip install --upgrade --requirement $(python_requirements_dev_file)
+
+.PHONY: python-venv-linters-install
+python-venv-linters-install: ## Install or upgrade linters
+	source .venv/bin/activate
+	pip install --upgrade flake8
+
+.PHONY: python-venv-purge
+python-venv-purge: ## Remove venv ".venv/" folder
+	rm -rf .venv
+
+# ===============================================================================================
+# Utils
+# ===============================================================================================
+.PHONY: python-purge-cache
+python-purge-cache: ## Purge cache to avoid used cached files
+	if [ -d .venv ] ; then
+		source .venv/bin/activate
+		pip cache purge
+	fi
+
+.PHONY: python-version
+python-version: ## Displays the python version used for the .venv
+	source .venv/bin/activate
+	$(python_launcher) --version
+
+.PHONY: python-flake8
+python-flake8: ## Run flake8 linter for python
+	source .venv/bin/activate
+	flake8 --config .config/.flake8
+
+.PHONY: python-pytest
+python-pytest: ## Run pytest to test python scripts
+	source .venv/bin/activate
+	cd scripts/
+	$(python_launcher) -m pytest
@@ -21,7 +21,7 @@ webpreview
 yq
 importlib-metadata>=3.10
 mkdocs-material
-pymdown-extensions==9.11
+pymdown-extensions==10.0
 mkdocs-glightbox==0.3.2
 mdx_truly_sane_lists
 beautifulsoup4

@@ -445,6 +445,8 @@
         "Trivy",
         "Twilio",
         "Uncomparables",
+        "ungit",
+        "UNGIT",
         "VARNAME",
         "VBDOTNET",
         "Vuillamy",
@@ -463,6 +465,7 @@
         "addgroup",
         "additional",
         "addlinespace",
+        "addsuffix",
         "adrienverge",
         "agentkeepalive",
         "agentlib",
@@ -621,6 +624,7 @@
         "dartanalyzer",
         "dateformat",
         "davidjeddy",
+        "dearmor",
         "debugent",
         "debuglog",
         "decamelize",

@@ -9,7 +9,7 @@ ARG NODE_VERSION="16"
 RUN if [ "${NODE_VERSION}" != "none" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi
 
 # [Optional] If your pip requirements rarely change, uncomment this section to add them to the image.
-COPY requirements.dev.txt /tmp/pip-tmp/
+COPY .config/python/dev/requirements.txt /tmp/pip-tmp/
 RUN pip3 --disable-pip-version-check --no-cache-dir install -r /tmp/pip-tmp/requirements.dev.txt \
    && rm -rf /tmp/pip-tmp && pip3 install --no-cache-dir mkdocs-material pymdown-extensions==9.11 mkdocs-glightbox==0.3.2 pymdown-extensions==9.11
 

@@ -13,4 +13,5 @@ pids
 *.pid
 *.seed
 *.pid.lock
-*.log
+*.log
+.venv