|
|
|
|
|
|
|
|
|
|
|
import json |
|
|
from pathlib import Path |
|
|
|
|
|
|
|
|
fixes = { |
|
|
"DL3008": "Use 'apt-get update' before 'apt-get install' to ensure package lists are current.", |
|
|
"DL4006": "Combine RUN instructions using '&&' to reduce image layers and improve caching.", |
|
|
"DL3003": "Use 'apt-get clean' and remove package lists after installing to reduce image size.", |
|
|
"DL4000": "Use COPY instead of ADD unless you need archive unpacking or remote URL support.", |
|
|
"DL3015": "Remove unnecessary packages and clean up temporary files after installation.", |
|
|
"DL3047": "Use 'HEALTHCHECK' instead of a custom script or process polling.", |
|
|
"DL3059": "Avoid installing packages with --no-install-recommends if not needed.", |
|
|
"DL3009": "Delete the apt cache after installing packages using 'rm -rf /var/lib/apt/lists/*'.", |
|
|
"DL3018": "Pin versions in apt-get install to ensure reproducibility.", |
|
|
"SC2086": "Use quotes to prevent word splitting and globbing in shell commands.", |
|
|
"DL3006": "Always tag the version of the base image (avoid using 'latest').", |
|
|
"DL3020": "Avoid using URLs in COPY instructions; download files inside the container instead.", |
|
|
"DL3025": "Use 'SHELL [\"/bin/bash\", \"-c\"]' for multi-line RUN with bash-specific syntax.", |
|
|
"DL3042": "Avoid installing unnecessary packages; install only what is required.", |
|
|
"DL3004": "Do not use sudo in Dockerfiles. Run as root or configure user permissions properly.", |
|
|
"DL3013": "Specify version numbers in pip install commands to ensure reproducibility.", |
|
|
"DL3027": "Avoid pip installing outside of a virtual environment when using Python.", |
|
|
"DL3007": "Use absolute paths in COPY commands to avoid ambiguity.", |
|
|
"SC2046": "Quote arguments to prevent word splitting when using command substitution.", |
|
|
"DL3033": "Use meaningful and concise image labels using the LABEL instruction.", |
|
|
"SC2028": "Echo with escaped characters may not behave as expected; quote the arguments.", |
|
|
"DL3019": "Do not use apk upgrade as it may lead to unpredictable behavior.", |
|
|
"DL4001": "Use WORKDIR to define working directory instead of cd.", |
|
|
"DL3002": "Avoid using ADD to fetch archives; prefer COPY or RUN curl + tar.", |
|
|
"SC2016": "Use backticks or $() in expressions to avoid confusion in shell scripts.", |
|
|
"DL3048": "Use COPY instead of ADD unless unpacking or remote fetching is required.", |
|
|
"DL3005": "Avoid using apt-key; use signed repositories and secure APT.", |
|
|
"DL3045": "Use 'ARG' instead of hardcoded values to allow flexible builds.", |
|
|
"DL3032": "Consolidate ENV declarations to reduce the number of image layers.", |
|
|
"DL3016": "Pin versions when using curl to download remote content.", |
|
|
"SC2035": "Use quotes to avoid globbing and unexpected matches in shell commands.", |
|
|
"DL3041": "Use official or trusted base images whenever possible.", |
|
|
"SC2043": "Quote expressions to avoid unintended behavior in conditions.", |
|
|
"SC2155": "Declare and assign variables in separate steps to avoid masking return codes.", |
|
|
"DL3028": "Use ADD only when its specific features are needed (e.g., auto-extract).", |
|
|
"DL1000": "Use a valid Dockerfile syntax; check for missing instructions or arguments.", |
|
|
"SC2164": "Use 'cd ... || exit' or check directory change status to avoid silent errors.", |
|
|
"SC2006": "Use modern command substitution: $(...) instead of backticks.", |
|
|
"DL3040": "Avoid hardcoding credentials or tokens in Dockerfiles.", |
|
|
"DL3014": "Use virtual environments when installing Python packages.", |
|
|
"DL3022": "Use apt-get with -y or --assume-yes to avoid interactive prompts.", |
|
|
"SC3037": "Quote paths and variables to avoid issues with whitespace or globbing.", |
|
|
"DL3000": "Use FROM as the first instruction in Dockerfile.", |
|
|
"DL3029": "Use ADD or curl instead of COPY for downloading files.", |
|
|
"SC1088": "Quote strings properly to avoid syntax errors in scripts.", |
|
|
"SC3009": "Avoid using variables in redirections or pipelines unless necessary.", |
|
|
"SC2251": "Use proper syntax when comparing strings in shell conditions.", |
|
|
"SC1001": "Use POSIX-compliant syntax unless bash features are required.", |
|
|
"SC3003": "Quote paths and variables consistently to avoid unexpected behavior.", |
|
|
"SC1091": "Ensure files sourced with . or source exist and are accessible." |
|
|
} |
|
|
|
|
|
|
|
|
fixes_path = Path("data/fixes/fixes.json") |
|
|
fixes_path.parent.mkdir(parents=True, exist_ok=True) |
|
|
fixes_path.write_text(json.dumps(fixes, indent=2, ensure_ascii=False)) |
|
|
|
|
|
print(f"✅ Zapisano {len(fixes)} reguł do {fixes_path}") |
|
|
|
