tyler.durden
/
compose
mirror of https://github.com/docker/compose.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

scan message in compose build and compose up 

Signed-off-by: Guillaume Tardif <guillaume.tardif@gmail.com>
This commit is contained in:
Guillaume Tardif 2021-02-24 17:21:10 +01:00
parent 156efb8463
commit 30631eea03
2 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
local/compose/build.go
View File

@ -34,18 +34,37 @@ import (
func (s *composeService) Build(ctx context.Context, project *types.Project) error { func (s *composeService) Build(ctx context.Context, project *types.Project) error {
opts := map[string]build.Options{} opts := map[string]build.Options{}
imagesToBuild := []string{}
for _, service := range project.Services { for _, service := range project.Services {
if service.Build != nil { if service.Build != nil {
imageName := getImageName(service, project.Name) imageName := getImageName(service, project.Name)
imagesToBuild = append(imagesToBuild, imageName)
opts[imageName] = s.toBuildOptions(service, project.WorkingDir, imageName) opts[imageName] = s.toBuildOptions(service, project.WorkingDir, imageName)
} }
} }
return s.build(ctx, project, opts) err := s.build(ctx, project, opts)
if err == nil {
displayScanMessage(imagesToBuild)
}
return err
}
func displayScanMessage(builtImages []string) {
if len(builtImages) > 0 {
commands := []string{}
for _, image := range builtImages {
commands = append(commands, fmt.Sprintf("docker scan %s", image))
}
allCommands := strings.Join(commands, ", ")
fmt.Printf("Try scanning the image you have just built to identify vulnerabilities with Dockers new security tool: %s\n", allCommands)
}
} }
func (s *composeService) ensureImagesExists(ctx context.Context, project *types.Project) error { func (s *composeService) ensureImagesExists(ctx context.Context, project *types.Project) error {
opts := map[string]build.Options{} opts := map[string]build.Options{}
imagesToBuild := []string{}
for _, service := range project.Services { for _, service := range project.Services {
if service.Image == "" && service.Build == nil { if service.Image == "" && service.Build == nil {
return fmt.Errorf("invalid service %q. Must specify either image or build", service.Name) return fmt.Errorf("invalid service %q. Must specify either image or build", service.Name)
@ -66,6 +85,7 @@ func (s *composeService) ensureImagesExists(ctx context.Context, project *types.
if localImagePresent && service.PullPolicy != types.PullPolicyBuild { if localImagePresent && service.PullPolicy != types.PullPolicyBuild {
continue continue
} }
imagesToBuild = append(imagesToBuild, imageName)
opts[imageName] = s.toBuildOptions(service, project.WorkingDir, imageName) opts[imageName] = s.toBuildOptions(service, project.WorkingDir, imageName)
continue continue
} }
@ -84,7 +104,11 @@ func (s *composeService) ensureImagesExists(ctx context.Context, project *types.
} }
return s.build(ctx, project, opts) err := s.build(ctx, project, opts)
if err == nil {
displayScanMessage(imagesToBuild)
}
return err
} }
func (s *composeService) localImagePresent(ctx context.Context, imageName string) (bool, error) { func (s *composeService) localImagePresent(ctx context.Context, imageName string) (bool, error) {
@ -127,14 +151,6 @@ func (s *composeService) build(ctx context.Context, project *types.Project, opts
if err == nil { if err == nil {
err = errW err = errW
} }
if err == nil {
commands := make([]string, 0, len(opts))
for image, _ := range opts {
commands = append(commands, fmt.Sprintf("docker scan %s", image))
}
allCommands := strings.Join(commands, ", ")
fmt.Printf("Try scanning the image you have just built to identify vulnerabilities with Dockers new security tool: %s\n", allCommands)
}
return err return err
} }

8
local/e2e/compose/fixtures/build-test/compose.yml
View File

@ -6,4 +6,10 @@ services:
nginx2: nginx2:
build: nginx-build build: nginx-build
image: gtardif/custom-nginx image: gtardif/custom-nginx:1.0
mongo:
image: mongo
sentences:
image: gtardif/sentences-web