Run Code Static Check Via A Temporary Container

Posted by DennyZhang

How Would You Enforce Code Static Check? Learn and understand the check tools. Then install and configure them in your servers.

With docker, it could be much easier than ever! Let me show you how. The solution has built-in supports for: Python, Ruby, Shell. (You definitely can add more).
And What Does It Take? 5 minutes. Yes, you hear me. Only 5 minutes!

Run Static Check Against Your Scripts Via A Temporary Container

Check More Discussion In LinkedIn Discussion.

Get Notifcation: Monitor Your Docker Image Sizing

What are the problems with the old way?

  • It takes time. We need time to learn and understand the tools. Install them, configure them, or even migrate them across servers. These are all costs.
  • It might be tricky and troublesome. Installing extra packages might mean headaches. Upgrading the tools might mean nightmares.

Let’s say you want to install rubocop v0.49.1. And it requires ruby2.4. But your server has already installed ruby2.5 or ruby3. What would you do? Downgrade to 2.4? Are you sure this is a good idea, and it won’t break anything?

Okay, you have downgraded your ruby to 2.4 or even make multiple ruby versions installed(which is tricky). Anyway it’s working. Congratulations!

But two months later, rubocop v1.0.3 has been released. And you want to try it. But you just find out rubocop v1.0.3 requires ruby3.5!
How do you feel now, my friend? (Note you are living a pretty busy life. )

Yes, We Need The Code Check Tools. But Do We Really Have To Install Them In Our Servers?

Here is the new idea:

  1. Create a temporary docker container. And it has tools installed and configured inside.
  2. When the container starts, it get source code as docker volumes.
  3. Inside the container, the test runs.

1.1 Example: Pylint For Python Scripts

cd /tmp
# Get the code of sample project. It could be any repos.
# https://github.com/dennyzhang/devops_public
git clone git@github.com:DennyZhang/devops_public.git
code_dir="/tmp/devops_public"

# Dockerfile: https://github.com/dennyzhang/devops_docker_image/tree/tag_v6/codecheck
image_name="denny/pylintcheck:1.0"
container_name="pylintcheck"

ignore_file="/tmp/pylint_ignore"
cat > "$ignore_file" <<EOF
python/cleanup_old_files/cleanup_old_files.py
check_elasticsearch_shard.py
EOF

# Start container
docker run -t -d -v ${code_dir}:/code \
    -v "$ignore_file":"$ignore_file" \
    --name "$container_name" "$image_name"

# Install pip packages
docker exec -it "$container_name" \
  /usr/bin/pip install elasticsearch flask selenium

# Run the test
docker exec -it "$container_name" \
  python /enforce_pylint.py --code_dir /code --check_ignore_file "$ignore_file"

# Destroy container
docker stop "$container_name"; docker rm "$container_name"

1.2 Example: Shellcheck For Bash Scripts

cd /tmp
# Get the code of sample project
# https://github.com/dennyzhang/devops_public
git clone git@github.com:DennyZhang/devops_public.git
code_dir="/tmp/devops_public"

# Dockerfile: https://github.com/dennyzhang/devops_docker_image/tree/tag_v6/codecheck
image_name="denny/shellcheck:1.0"
container_name="shellcheck"

# whitelist: skip checks for certain files
ignore_file="/tmp/shellcheck_ignore"
cat > "$ignore_file" <<EOF
common_library/refresh_common_library.sh
common_library/general_helper.sh
list_os_packages.sh
EOF

# whitelist: skip some shellcheck rules
exclude_code_list="SC1090,SC1091,SC2154,SC2001,SC2002,SC2181,SC2188"

# Start container
# User docker volume: get the source code and check whitelist
docker run -t -d -v ${code_dir}:/code \
    -v "$ignore_file":"$ignore_file" \
    --name "$container_name" "$image_name"

# Run the test
docker exec -it "$container_name" \
      python /enforce_shellcheck.py \
      --code_dir /code \
      --check_ignore_file "$ignore_file" \
      --exclude_code_list "$exclude_code_list"

# Destroy container
docker stop "$container_name"; docker rm "$container_name"

(Related Reading: ShellCheck: Code Check For Shell Scripts)

1.3 Example: Rubocop For Ruby Scripts

cd /tmp
# Get the code of sample project
# https://github.com/dennyzhang/chef_community_cookbooks
git clone git@github.com:DennyZhang/chef_community_cookbooks.git

code_dir="/tmp/chef_community_cookbooks/cookbooks"

# Dockerfile: https://github.com/dennyzhang/devops_docker_image/tree/tag_v6/codecheck
image_name="denny/rubocopcheck:1.0"
container_name="rubocopcheck"

# Start the container
docker run -t -d --privileged -v ${code_dir}:/code \
      --name "$container_name" "$image_name"

# Run the test
docker exec -it "$container_name" \
      python /enforce_rubocopcheck.py \
      --code_dir /code

# Destroy container
docker stop "$container_name"; docker rm "$container_name"

(Related Reading: Common Rubocop Errors)

1.4 Example: More Languages

You can support more languages like this. I’m sure you’re capable for it!

So publish your solution to GitHub, once it’s ready. And share it with me, my friend.

1.5 Use Jenkins To Simplify The Solution

Now we have a generic and clean solution of code static check. And it works for almost all repos. Do you agree?

To make the solution even better, I find Jenkins jobs is easier than issuing multiple docker commands.

Here is an example. (You should create your own jobs easily)

github_jenkins_shellcheckrepo.png

(Related Reading: 5 Reasons Why Jenkins Is So Useful And Popular)

1.6 Recap: No Need To Install Code Check Tools To Your Servers.

Please leave me comments with your thoughts.

And more importantly, give it a try. And improve your projects now.

It’s just 5 minutes away!

Dockerfile for above docker images can be found in GitHub.
GitHub

More Reading:

linkedin
github
slack

PRs Welcome

Blog URL: https://www.dennyzhang.com/docker_code_check

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.