►
A
A
Last
week
there
we
have
the
offsite,
which
took
quite
a
few
days,
and
this
week
we
have
pto
and
friends
family
day.
So
it's
a
combined
update
of
the
last
two
weeks
which
in
reality
is
like
five
days
of
work.
So
last
week
I
started
by
gathering
docker
files
from
public
images
and
start
analyzing
them.
So
I
can
verify
if
the
parse
is
correct,
so
I
wrote
a
bunch
more
tests
and
that
works.
A
There
were
a
few
interesting
things
that
I
didn't
include
at
first,
like
the
maintainer,
which
is
deprecated,
but
of
course,
it's
still
being
used,
and
the
other
thing
that
I
did
is
I've
extended
the
rule
set
for
the
for
the
analyzer,
including
verifying
name
convention.
A
I
see
this
happening
often
where
people
will
name
a
dockerfile
like
dockerfile.something
or
dockerfile
there,
something
which
is
in
theory,
fine,
but
ids
and
even
gitlab,
don't
recognize
it
as
a
dockerfile
anymore,
and
I
think
the
correct
naming
convention
is
subname,
dot
dockerfile,
which
preserves
the
file
type
and
it's
just
neither
in
general
other
than
that.
I've
added
quite
a
interesting
feature:
the
dynamic
parsing
of
files.
A
A
However,
I'm
just
going
to
show
an
example
with
src,
because
it
it's
the
same
for
dot
as
src.
In
this
case,
src
is
my
folder
here
with
a
few
files,
and
if
we
now
run
it
against
the
dockerfile
parser
and
we
get
the
parsed
source
files,
which
is
a
new
node,
we
will
see
that
actually
all
of
these
files
will
be
copied
into
the
docker
image
instead
of
saying
just
src,
and
probably,
if
I
change
it
now
to
dot,
it
will
be
a
bunch
more
files,
but
it
will
be
a
similar
result.
A
Yeah.
You
can
see
it
right
here,
and
this
is
what
is
also
included
here.
Is
the
docker
ignore
the
docker?
Ignore
is
a
file
which
is
similar
to
git,
ignore
it
will
just
make
sure
that
these
files
don't
get
copied
over
to
your
docker
image,
which
again
is
to
prevent
sensitive
information
from
leaking,
and
that
also
works,
as
you
can
see,
because
pi
test
cache
and
defense
and
pi
cache
are
not
included
in
these
types
of
files.
A
That
was
quite
a
bit
of
work,
and
next
up
is
I'm
going
to
test
it
against
way
more
files,
I'm
planning
to
gather
10,
000,
docker
files
and
start
running
it
against
this,
seeing
how
we
can
analyze
the
data
and
what
kind
of
insights
we
get
from
it.
I'm
also
going
to
add
two
or
three
more
rules,
and
I've
also
thought
about
what
is
it
exactly
doing
this
analyzing,
because
I'm
going
to
release
it,
so
people
can
already
start
using
it.
A
It's
faster
to
build
and
is
in
general,
safe
by
having
save
users,
save
base
images
not
leaking
any
credentials
that
kind
of
stuff
and
we'll
have
to
see
where
it
goes
from
there.
I'm
thinking
about
optimizing,
docker
files,
but
also
automatically
generating
docker
files.
So
that's
one
thing
that
I
want
to
try
experiment
with
see
if
I
can
build
create
an
entire
dockerfile
based
on
just
the
files
that
are
present
in
the
repository.
A
That's
it
for
now.
If
you
have
any
questions
or
remarks,
please
leave
a
comment
or
contact
me
on
slack
and
one
last
question
that
I
have
is.
I
planned
on
releasing
the
the
docker
assistant
just
from
my
sub
group,
so
incubation
engineering
slash
aic
list
ai
assist
slash,
docker
assistant.
Do
you
think
this
is
fine,
or
should
it
be
a
different
repo
or
a
different
docker
image?
Let
me
know
if
you
have
any
hints.