►
Description
Ticket: https://gitlab.com/gitlab-org/incubation-engineering/ai-assist/meta/-/issues/10
Update:
- Back from PTO and sick leave
- Bunch of testing and bugfixes
- Finished the analyzer for its first release and renamed to Dockter: the doctor for your Dockerfiles
- Set up CI/CD
Next:
- Add output format for Code Quality reports
- Start scraping Dockerfiles for analysis
A
Welcome
back
to
another
update
of
ar
insist.
First,
I
was
on
pto
for
two
and
a
half
weeks,
and
then
I
got
sick,
unfortunately,
with
covet,
which
took
a
while
to
recover.
A
Basically,
what
I'm
trying
to
achieve
here
is
build
secure
images,
smaller,
build
them
faster,
follow
best
practices
and
have
the
docker
files
pretty
formatted,
and
where
does
this
fit
in?
Well,
usually,
you
would
lend
the
code
and
build
docker
image
run
this,
and
basically
I
want
to
prevent
building
a
docker
image
if
we
already
know
or
should
know
that
the
docker
file
is
going
to
lead
to
a
vulnerable
docker
image,
so
it
fits
right
into
the
states
of
limiting
the
code.
I
need
to
get
a
better
visual,
but
I
didn't
have
time
for
it.
A
Well,
there's
a
bunch
more
information.
Currently
you
can
use
it
two
ways
locally
via
pip
or
docker
itself,
and
you
can
use
it
in
ci,
so
I'm
also
using
it
in
my
ci
pipeline
as
well
as
you
can
see
here
so
the
lint
of
doctor
and
flake
8
and
yeah.
I'm
just
getting
a
warning.
Warnings
are
fine,
so
we
can
pause
that
locally.
It
works
as
well
as
I've
shown
before.
I
guess
so.
We
get
the
same
warning.
If
I
take
a
docker
file
that
is
way
worse,
then
we
get
a
bunch
more.
A
I
think
in
total
there
are
like
10
rules
right
now
and
they
are
all
aimed
for
preventing
leaking
credentials
or
creating
a
vulnerable
image,
and
it's
going
to
be
probably
way
more.
But
these
were
just
the
ones
that
I
figured
were
a
good
starting
point
for
a
first
release.
So
I'm
really
happy
with
that
yeah.
Next
up,
I'm
going
to
add
output
formatting,
because
this
is
now
just
single
line
printed.
But
what
I
want
to
have
is
that
it
ties
in
with
code
quality
that
we
already
have.
We
didn't
get
a
gitlab.
A
So
if
I
go
to
security,
there's
a
step
and
basically
I
would
also
want
to
have
information
about
the
results
from
doctor
here
as
well
as
well
as
in
the
in
the
div
itself,
and
I've
shown
that
before
so.
I
want
to
add
that
and
then
I
want
to
start
working
on
making
sure
that
that
is
available
in
in
gitlab
itself,
because
there
are
a
few
improvements
that
I
would
like
to
make,
but
I'll
get
to
that
in
the
next
video
and
then
it
starts
scraping
docker
files.
So
I
get
a
nice
data
set.