Class: Dependabot::Docker::FileParser

Inherits:
FileParsers::Base
  • Object
show all
Defined in:
lib/dependabot/docker/file_parser.rb

Constant Summary collapse

DOMAIN_COMPONENT =

Details of Docker regular expressions is at github.com/docker/distribution/blob/master/reference/regexp.go

/(?:[[:alnum:]]|[[:alnum:]][[[:alnum:]]-]*[[:alnum:]])/.freeze
DOMAIN = 
/(?:#{DOMAIN_COMPONENT}(?:\.#{DOMAIN_COMPONENT})+)/.freeze
REGISTRY = 
/(?<registry>#{DOMAIN}(?::\d+)?)/.freeze
NAME_COMPONENT = 
/(?:[a-z\d]+(?:(?:[._]|__|[-]*)[a-z\d]+)*)/.freeze
IMAGE = 
%r{(?<image>#{NAME_COMPONENT}(?:/#{NAME_COMPONENT})*)}.freeze
FROM = 
/FROM/i.freeze
PLATFORM = 
/--platform\=(?<platform>\S+)/.freeze
TAG = 
/:(?<tag>[\w][\w.-]{0,127})/.freeze
DIGEST = 
/@(?<digest>[^\s]+)/.freeze
NAME = 
/\s+AS\s+(?<name>[\w-]+)/.freeze
FROM_LINE = 
%r{^#{FROM}\s+(#{PLATFORM}\s+)?(#{REGISTRY}/)?
#{IMAGE}#{TAG}?#{DIGEST}?#{NAME}?}x.freeze
AWS_ECR_URL = 
/dkr\.ecr\.(?<region>[^.]+).amazonaws\.com/.freeze

Instance Method Summary collapse

Instance Method Details

#parseObject 



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/dependabot/docker/file_parser.rb', line 37

def parse
  dependency_set = DependencySet.new

  dockerfiles.each do |dockerfile|
    dockerfile.content.each_line do |line|
      next unless FROM_LINE.match?(line)

      parsed_from_line = FROM_LINE.match(line).named_captures
      parsed_from_line["registry"] = nil if parsed_from_line["registry"] == "docker.io"

      version = version_from(parsed_from_line)
      next unless version

      dependency_set << Dependency.new(
        name: parsed_from_line.fetch("image"),
        version: version,
        package_manager: "docker",
        requirements: [
          requirement: nil,
          groups: [],
          file: dockerfile.name,
          source: source_from(parsed_from_line)
        ]
      )
    end
  end

  dependency_set.dependencies
end