Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Incubation Engineering / 14 Jul 2022
GitLab / Incubation Engineering / 14 Jul 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Incubation Engineering AI Assist - Weekly Demo 2022-07-14

Description

Ticket: https://gitlab.com/gitlab-org/incubation-engineering/ai-assist/meta/-/issues/10

Update:
- Back from PTO and sick leave
- Bunch of testing and bugfixes
- Finished the analyzer for its first release and renamed to Dockter: the doctor for your Dockerfiles
- Set up CI/CD

Next:
- Add output format for Code Quality reports
- Start scraping Dockerfiles for analysis

A

Welcome back to another update of ar insist. First, I was on pto for two and a half weeks, and then I got sick, unfortunately, with uh covet, which took a while to recover.

A

Well since last week, I'm finally back to work and I've made quite a bit of progress, even though I had to fight a lot of gremlins to get there so we're currently looking at the pipeline for tag 1.0.0, which is the first release of doctor, which is the name that I've chosen for now doctor the doctor for your doctor files and it fully worked and it released a package to the packet registry of gitlab.

A

Here it is doctor, which was the first time that I've done that, and it's working quite well also released a container that can be used and there is information in the region on how to use it.

A

Basically, what um I'm trying to achieve here is build secure images, smaller, build them faster, follow best practices and have the docker files pretty formatted, and where does this fit in? Well, usually, you would lend the code and build docker image run this, and basically I want to prevent building a docker image if we already know or should know that the docker file is going to lead to a vulnerable docker image, so it fits right into the states of limiting the code. I need to get a better visual, but I didn't have time for it.

A

Well, there's a bunch more information. Currently you can use it two ways locally via pip or docker itself, and you can use it in ci, so I'm also using it in my ci pipeline as well as you can see here so the lint of doctor and flake 8 and yeah. I'm just getting a warning. Warnings are fine, so we can pause that locally. It works as well as I've shown before. I guess so. We get the same warning. If I take a docker file that is way worse, then we get a bunch more.

A

I think in total there are like 10 rules right now and they are all aimed for preventing leaking credentials or creating a vulnerable image, and it's going to be probably way more. But these were just the ones that I figured were a good starting point for a first release. So I'm really happy with that um yeah. Next up, I'm going to add output formatting, because this is now just single line printed. But what I want to have is that it ties in with code quality that we already have. We didn't get a gitlab.

A

So if I go to security, there's a step and basically I would also want to have information about the results from doctor here as well as well as in the um in the div itself, and I've shown that before so. I want to add that and then I want to start working on making sure that that is available in in gitlab itself, because there are a few improvements that I would like to make, but I'll get to that in the next video and then it starts scraping docker files. So I get a nice data set.

A

I can use to analyze what makes a docker file vulnerable or would make the docker file good.

A

If you have any questions, leave a comment down below or send me a message on slack and look forward to a to another update next week. Thank you for watching bye.