forked from snyk/snyk-images
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-entrypoint.sh
executable file
·71 lines (62 loc) · 2.54 KB
/
docker-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/sh
set -e
# Note that this script is implemented in sh, *not* bash. This is to aid portability
# for environments which may have the minimal shell
# Command
# In order to deal with edge cases like requiring specific flags or filenames
# Look for an ENV and if present run the specified commands
if ! [ -z "${COMMAND}" ]; then
eval ${COMMAND}
else
# Python
# Snyk requires Python to have downloaded the dependencies before running
# If pip is present on the path, and we find a requirements.txt file, run pip install -r requirements.txt
# If pipenv is present on the path, and we find a Pipfile without a Pipfile.lock, run pipenv update
if [ -x "$(command -v pip)" ]; then
if [ -f "requirements.txt" ]; then
out=$(cat requirements.txt | sed -e '/^\s*#.*$/d' -e '/^\s*$/d' | xargs -n 1 pip install 2>&1 || true) # Skipping the dependencies which aren't Installable
fi
if [ -f "Pipfile" ]; then
if ! [ -x "$(command -v pipenv)" ]; then
pip install pipenv > /dev/null 2>&1
fi
if [ -f "Pipfile.lock" ]; then
out=$(pipenv sync)
else
out=$(pipenv update)
fi
fi
fi
# Maven
# Snyk requires Maven to have downloaded the dependencies before running
# If mvn is present on the path, and we find a pom.xml, run mvn install
if [ -x "$(command -v mvn)" ]; then
if [ -f "pom.xml" ]; then
out=$(mvn install --no-transfer-progress -DskipTests)
fi
fi
# Go dep
# Snyk requires dep to be installed
# If Go is installed and if we find a Gopkg.toml file, ensure dep is installed and then install dependencies
if [ -x "$(command -v go)" ]; then
if [ -f "Gopkg.toml" ]; then
if ! [ -x "$(command -v dep)" ]; then
curl -s https://raw.githubusercontent.com/golang/dep/master/install.sh | sh > /dev/null 2>&1
fi
out=$(dep ensure)
fi
fi
fi
# By default we don't output any of the commands needed to run before Snyk
# but when debugging it can be useful to trigger that output to be shown.
# To do so simply set the DEBUG environment variable.
if ! [ -z "${DEBUG}" ]; then
printf '%s\n' "$out"
fi
# This is in place for GitHub Actions, in order to build a nice
# interface using args (which are converted to ENV) for whether or not
# to output a JSON file
if [ "$INPUT_COMMAND" = "test" -a "$INPUT_JSON" = "true" ]; then
JSON_OUTPUT="--json-file-output=snyk.json"
fi
exec $@ $JSON_OUTPUT