diff --git a/.automation/build.py b/.automation/build.py index 1968a835239..88fd0599381 100644 --- a/.automation/build.py +++ b/.automation/build.py @@ -330,7 +330,9 @@ def generate_flavor(flavor, flavor_info): ] extra_lines += [ "COPY entrypoint.sh /entrypoint.sh", - "RUN chmod +x entrypoint.sh", + "COPY sh/setup-runtime-user /usr/bin/setup-runtime-user", + "RUN chmod +x entrypoint.sh && \\", + " chmod u+x /usr/bin/setup-runtime-user", 'ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]', ] build_dockerfile( @@ -543,14 +545,19 @@ def build_dockerfile( if keep_rustup is True: rustup_cargo_cmd = " && ".join(rust_commands) cargo_install_command = ( - "RUN curl https://sh.rustup.rs -sSf |" - + " sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \\\n" - + ' && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \\\n' + "RUN export RUSTUP_HOME=/usr/local/rustup CARGO_HOME=/usr/local/cargo \\\n" + + " && curl https://sh.rustup.rs -sSf |" + + " sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} --no-modify-path \\\n" + + ' && export PATH="${CARGO_HOME}/bin:${PATH}" \\\n' + " && rustup default stable \\\n" + f" && {rustup_cargo_cmd} \\\n" - + " && rm -rf /root/.cargo/registry /root/.cargo/git " - + "/root/.cache/sccache\n" - + 'ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}"' + + ' && for bin in "${CARGO_HOME}"/bin/*; do \\\n' + + ' ln -sf "$bin" /usr/local/bin/"$(basename "$bin")"; \\\n' + + " done \\\n" + + ' && rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" /root/.cache/sccache\n' + + "ENV RUSTUP_HOME=/usr/local/rustup\n" + + "ENV CARGO_HOME=/usr/local/cargo\n" + + 'ENV PATH="/usr/local/cargo/bin:${PATH}"' ) # Pin every standalone `FROM alpine:X.Y` build stage to the runtime image's # Alpine version (parsed from the python base image) so helper stages can never @@ -636,7 +643,8 @@ def build_dockerfile( if len(npm_packages) > 0: npm_install_command = ( "WORKDIR /node-deps\n" - + "RUN npm --no-cache install --ignore-scripts --omit=dev \\\n " + + "RUN npm config set prefix /usr/local \\\n" + + " && npm --no-cache install --ignore-scripts --omit=dev \\\n " + " \\\n ".join(list(dict.fromkeys(npm_packages))) + " && \\\n" # + ' echo "Fixing audit issues with npm…" \\\n' @@ -834,15 +842,17 @@ def generate_linter_dockerfiles(): " CONFIG_REPORTER=false \\", " SARIF_TO_HUMAN=false" "", # "EXPOSE 80", - "RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh", + "RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh", "EXPOSE 22", "COPY entrypoint.sh /entrypoint.sh", "COPY sh /usr/bin/megalinter-sh", "COPY sh/megalinter_exec /usr/bin/megalinter_exec", + "COPY sh/setup-runtime-user /usr/bin/setup-runtime-user", "COPY sh/motd /etc/motd", 'RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \\; && \\', " chmod +x entrypoint.sh && \\", " chmod +x /usr/bin/megalinter_exec && \\", + " chmod u+x /usr/bin/setup-runtime-user && \\", " echo \"alias megalinter='python -m megalinter.run'\" >> ~/.bashrc && source ~/.bashrc && \\", " echo \"alias megalinter_exec='/usr/bin/megalinter_exec'\" >> ~/.bashrc && source ~/.bashrc", 'RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \\', diff --git a/.cspell.json b/.cspell.json index 1d938990d71..b68469d26e6 100644 --- a/.cspell.json +++ b/.cspell.json @@ -122,6 +122,8 @@ "dargs", "datrie", "depd", + "delgroup", + "deluser", "dezalgo", "dont", "drmaa", @@ -1664,6 +1666,7 @@ "upshape", "urllib3", "usergroup", + "adduser", "utilstest", "utogenconf", "uvicorn", diff --git a/CHANGELOG.md b/CHANGELOG.md index bbd08115947..04f6db3b032 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -36,6 +36,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Exclude `REPORT_OUTPUT_FOLDER` from linting when configured as an absolute path inside the workspace (e.g. `/tmp/lint/megalinter-reports`), fixing #7845. - Fix command injection in Roslynator linter (`DOTNET_ROSLYNATOR`) where a crafted `.csproj` filename could break out of `dotnet restore` arguments and execute arbitrary shell commands. The command is now invoked via argv list instead of a shell string. Reported by Francesco Sabiu. - Fix `IndexError` when building the single-linter Docker image for a linter whose activation depends on a file (e.g. `SPELL_VALE` requires `.vale.ini`): `python -m megalinter.run --linterversion` now bypasses activation filtering since the per-linter image is built for that linter unconditionally. + - Allow MegaLinter containers to run in an opt-in non-root mode matching the host UID:GID on POSIX systems, avoiding root-owned generated files on the host (#1975). - Reporters @@ -45,6 +46,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Update Docker pull counters in README badges and `flavors-stats.json` with latest ghcr.io stats - mega-linter-runner + - Add `--user-map` / `--no-user-map` to control whether the MegaLinter container runs in non-root mode. On POSIX systems `--user-map` uses the current host UID:GID; on other hosts it falls back to `1000:1000`. - Dev - Stop generating per-linter Dockerfiles for linters marked `disabled: true` in their descriptor. The matching images were already excluded from the build matrix (`linters_matrix.json`) and never published, so the on-disk `linters//Dockerfile` was dead code. Deleted the 8 corresponding stale Dockerfile directories. diff --git a/Dockerfile b/Dockerfile index eee75e5790a..cc1a7161eaf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -539,12 +539,18 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ - && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \ +RUN export RUSTUP_HOME=/usr/local/rustup CARGO_HOME=/usr/local/cargo \ + && curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} --no-modify-path \ + && export PATH="${CARGO_HOME}/bin:${PATH}" \ && rustup default stable \ && rustup component add clippy \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache -ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" + && for bin in "${CARGO_HOME}"/bin/*; do \ + ln -sf "$bin" /usr/local/bin/"$(basename "$bin")"; \ + done \ + && rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" /root/.cache/sccache +ENV RUSTUP_HOME=/usr/local/rustup +ENV CARGO_HOME=/usr/local/cargo +ENV PATH="/usr/local/cargo/bin:${PATH}" #CARGO__END ############################## @@ -730,7 +736,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} \ typescript@${NPM_TYPESCRIPT_VERSION} \ @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ @@ -803,8 +810,8 @@ esac \ && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # CSHARP installation - && apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" + && apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # DART installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ @@ -859,7 +866,8 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # POWERSHELL installation # Next line commented because already managed by another linter # RUN case ${TARGETPLATFORM} in \ @@ -876,6 +884,7 @@ ENV PATH="/root/.composer/vendor/bin:${PATH}" # ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk # Next line commented because already managed by another linter # ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ @@ -892,9 +901,9 @@ RUN curl --retry-all-errors --retry 10 -fLo coursier https://github.com/coursier # TYPESCRIPT installation # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" +# ENV PATH="${PATH}:/usr/local/dotnet-tools" # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint @@ -940,9 +949,9 @@ esac \ # jscpd installation # cpplint installation # csharpier installation - && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # roslynator installation - && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # stylelint installation # dartanalyzer installation && case ${TARGETPLATFORM} in \ @@ -1098,10 +1107,10 @@ ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$ # checkov installation # devskim installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ +# ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ # dustilock installation # Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock # gitleaks installation @@ -1168,10 +1177,10 @@ RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI # sqlfluff installation # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" - && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} +# ENV PATH="${PATH}:/usr/local/dotnet-tools" + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} # swiftlint installation # renovate: datasource=docker depName=ghcr.io/realm/swiftlint ENV SWIFT_SWIFTLINT_VERSION=0.63.3 @@ -1249,6 +1258,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/docs/descriptors/csharp.md b/docs/descriptors/csharp.md index bffde3346f8..bb689af8bd7 100644 --- a/docs/descriptors/csharp.md +++ b/docs/descriptors/csharp.md @@ -36,7 +36,7 @@ description: dotnet-format, csharpier, roslynator are available to analyze CSHAR - Dockerfile commands : ```dockerfile -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" ``` diff --git a/docs/descriptors/csharp_csharpier.md b/docs/descriptors/csharp_csharpier.md index 628e6ab1104..fb118d9dce6 100644 --- a/docs/descriptors/csharp_csharpier.md +++ b/docs/descriptors/csharp_csharpier.md @@ -124,11 +124,11 @@ Commands: - Dockerfile commands : ```dockerfile # Parent descriptor install -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # Linter install # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=1.2.6 -RUN dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" ``` diff --git a/docs/descriptors/csharp_roslynator.md b/docs/descriptors/csharp_roslynator.md index a3f55b6b32a..64b14fd48ca 100644 --- a/docs/descriptors/csharp_roslynator.md +++ b/docs/descriptors/csharp_roslynator.md @@ -123,11 +123,11 @@ Run 'roslynator help [command]' for more information on a command. - Dockerfile commands : ```dockerfile # Parent descriptor install -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # Linter install # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.12.0 -RUN dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" ``` diff --git a/docs/descriptors/php.md b/docs/descriptors/php.md index 97f9c8ddfd8..fe2dab7a0a0 100644 --- a/docs/descriptors/php.md +++ b/docs/descriptors/php.md @@ -40,7 +40,8 @@ description: phpcs, phpstan, psalm, phplint, php-cs-fixer are available to analy ```dockerfile RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" ``` - APK packages (Linux): diff --git a/docs/descriptors/php_php_cs_fixer.md b/docs/descriptors/php_php_cs_fixer.md index 0d2bc0e456f..514a5821c65 100644 --- a/docs/descriptors/php_php_cs_fixer.md +++ b/docs/descriptors/php_php_cs_fixer.md @@ -156,7 +156,8 @@ Help: # Parent descriptor install RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # Linter install # renovate: datasource=packagist depName=friendsofphp/php-cs-fixer ARG PHP_FRIENDSOFPHP_PHP_CS_FIXER_VERSION=v3.95.7 diff --git a/docs/descriptors/php_phpcs.md b/docs/descriptors/php_phpcs.md index d7ed4132dd6..59936abe854 100644 --- a/docs/descriptors/php_phpcs.md +++ b/docs/descriptors/php_phpcs.md @@ -251,7 +251,8 @@ Miscellaneous Options: # Parent descriptor install RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # Linter install # renovate: datasource=packagist depName=squizlabs/php_codesniffer ARG PHP_SQUIZLABS_PHP_CODESNIFFER_VERSION=4.0.1 diff --git a/docs/descriptors/php_phplint.md b/docs/descriptors/php_phplint.md index 1983258c071..ae9325475e6 100644 --- a/docs/descriptors/php_phplint.md +++ b/docs/descriptors/php_phplint.md @@ -139,7 +139,8 @@ Options: # Parent descriptor install RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # Linter install # renovate: datasource=packagist depName=overtrue/phplint ARG PHP_OVERTRUE_PHPLINT_VERSION=9.7.2 diff --git a/docs/descriptors/php_phpstan.md b/docs/descriptors/php_phpstan.md index 11987b8f5a7..0e2a93a1524 100644 --- a/docs/descriptors/php_phpstan.md +++ b/docs/descriptors/php_phpstan.md @@ -139,7 +139,8 @@ Options: # Parent descriptor install RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # Linter install # renovate: datasource=packagist depName=phpstan/phpstan ARG PHP_PHPSTAN_PHPSTAN_VERSION=2.2.2 diff --git a/docs/descriptors/php_psalm.md b/docs/descriptors/php_psalm.md index 394b6dfa739..815e9976705 100644 --- a/docs/descriptors/php_psalm.md +++ b/docs/descriptors/php_psalm.md @@ -303,7 +303,8 @@ Miscellaneous: # Parent descriptor install RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # Linter install # renovate: datasource=packagist depName=vimeo/psalm ARG PHP_VIMEO_PSALM_VERSION=6.16.1 diff --git a/docs/descriptors/repository_devskim.md b/docs/descriptors/repository_devskim.md index b171557c119..db864f38884 100644 --- a/docs/descriptors/repository_devskim.md +++ b/docs/descriptors/repository_devskim.md @@ -134,9 +134,9 @@ devskim 1.0.70+d69541fde7 ```dockerfile # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.70 -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} ``` diff --git a/docs/descriptors/salesforce.md b/docs/descriptors/salesforce.md index 69cb009dcb2..d49f846efb4 100644 --- a/docs/descriptors/salesforce.md +++ b/docs/descriptors/salesforce.md @@ -45,6 +45,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_code_analyzer_apex.md b/docs/descriptors/salesforce_code_analyzer_apex.md index 5b90177ab54..9226b107f8b 100644 --- a/docs/descriptors/salesforce_code_analyzer_apex.md +++ b/docs/descriptors/salesforce_code_analyzer_apex.md @@ -493,6 +493,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_code_analyzer_aura.md b/docs/descriptors/salesforce_code_analyzer_aura.md index cff46efcb00..4ff3658c2f8 100644 --- a/docs/descriptors/salesforce_code_analyzer_aura.md +++ b/docs/descriptors/salesforce_code_analyzer_aura.md @@ -718,6 +718,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_code_analyzer_lwc.md b/docs/descriptors/salesforce_code_analyzer_lwc.md index cd7531bf3a7..2b38c2da2ec 100644 --- a/docs/descriptors/salesforce_code_analyzer_lwc.md +++ b/docs/descriptors/salesforce_code_analyzer_lwc.md @@ -247,6 +247,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_lightning_flow_scanner.md b/docs/descriptors/salesforce_lightning_flow_scanner.md index 840068b913b..eeab71d1bd4 100644 --- a/docs/descriptors/salesforce_lightning_flow_scanner.md +++ b/docs/descriptors/salesforce_lightning_flow_scanner.md @@ -144,6 +144,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_sfdx_scanner_apex.md b/docs/descriptors/salesforce_sfdx_scanner_apex.md index bc216d7b8b6..20bbec7f36d 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_apex.md +++ b/docs/descriptors/salesforce_sfdx_scanner_apex.md @@ -405,6 +405,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_sfdx_scanner_aura.md b/docs/descriptors/salesforce_sfdx_scanner_aura.md index 99b52c8415f..07f4f455c60 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_aura.md +++ b/docs/descriptors/salesforce_sfdx_scanner_aura.md @@ -402,6 +402,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/salesforce_sfdx_scanner_lwc.md b/docs/descriptors/salesforce_sfdx_scanner_lwc.md index 0d29d26554e..7c3be098bf3 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_lwc.md +++ b/docs/descriptors/salesforce_sfdx_scanner_lwc.md @@ -403,6 +403,7 @@ ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.28.6 ARG SFDX_HARDIS_VERSION=7.15.0 ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ diff --git a/docs/descriptors/sql_tsqllint.md b/docs/descriptors/sql_tsqllint.md index baa9e402032..0c2e4850f66 100644 --- a/docs/descriptors/sql_tsqllint.md +++ b/docs/descriptors/sql_tsqllint.md @@ -123,9 +123,9 @@ tsqllint [options] [file.sql] | [dir] | [file.sql | dir] ```dockerfile # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} ``` diff --git a/docs/descriptors/vbdotnet.md b/docs/descriptors/vbdotnet.md index 3ed1ecec086..1d7633871a6 100644 --- a/docs/descriptors/vbdotnet.md +++ b/docs/descriptors/vbdotnet.md @@ -34,7 +34,7 @@ description: dotnet-format is available to analyze VBDOTNET files in MegaLinter - Dockerfile commands : ```dockerfile -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" ``` diff --git a/docs/mega-linter-runner.md b/docs/mega-linter-runner.md index d1185a743d9..0b8fd6527b2 100644 --- a/docs/mega-linter-runner.md +++ b/docs/mega-linter-runner.md @@ -89,8 +89,10 @@ The options are only related to mega-linter-runner. For MegaLinter options, plea | `--container-engine` | Allows to specify a docker engine (`docker` or `podman`) | `docker` | | `--container-name` | Specify MegaLinter container name | | | `--remove-container` | Remove MegaLinter Docker container when done | | +| `--user-map` | Run the container as a non-root user. On POSIX systems this uses your user. On other hosts it uses `1000:1000`. This helps avoid root-owned generated files on the host. | | +| `--no-user-map` | Run the container as root | | | `-i`
`--install` | Generate [MegaLinter local configuration](https://megalinter.io/beta/install-assisted/) files and CI/CD workflows | | -| `-i`
`--upgrade` | Upgrade your MegaLinter configuration files to use the latest version | | +| `-u`
`--upgrade` | Upgrade your MegaLinter configuration files to use the latest version | | | `--custom-flavor-setup` | Initialize a new repository to generate a [custom flavor](https://megalinter.io/beta/custom-flavors/) | | | `--custom-flavor-linters` | Comma-separated list of linter keys if using `--custom-flavor-setup` | | @@ -108,6 +110,11 @@ mega-linter-runner mega-linter-runner -p myFolder --fix ``` +```shell +# Run the container as your current non-root user on POSIX hosts +mega-linter-runner --user-map +``` + ```shell # Send environment variables mega-linter-runner -r beta -e "'ENABLE=MARKDOWN,YAML'" -e 'SHOW_ELAPSED_TIME=true' diff --git a/entrypoint.sh b/entrypoint.sh index 154bb626fb9..ceee7b6e4cb 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -6,6 +6,12 @@ export PYTHONPATH # Manage debug mode LOG_LEVEL="${LOG_LEVEL:-INFO}" # Default log level (VERBOSE, DEBUG, TRACE) +MEGALINTER_RUNTIME_UID="${MEGALINTER_UID:-}" +MEGALINTER_RUNTIME_GID="${MEGALINTER_GID:-}" +if [ "$(id -u)" -eq 0 ] && [ -n "${MEGALINTER_RUNTIME_UID}" ] && [ -n "${MEGALINTER_RUNTIME_GID}" ] && [ "${MEGALINTER_USER_SWITCHED:-false}" != "true" ]; then + exec /usr/bin/setup-runtime-user "$@" +fi + # Manage newest git versions (related to CVE https://github.blog/2022-04-12-git-security-vulnerability-announced/) # if [[ "${WORKSPACE_AS_SAFE_DIR}" != 'false' && "${DEFAULT_WORKSPACE}" && -d "${DEFAULT_WORKSPACE}" ]]; then @@ -106,7 +112,8 @@ else if [ "${MEGALINTER_SSH}" == "true" ]; then # MegaLinter SSH server set -eu - SSH_VOLUME_FOLDER=/root/docker_ssh + SSH_VOLUME_FOLDER=/tmp/docker_ssh + ML_ENV_VARS=/tmp/ml-env-vars if [ -d "$SSH_VOLUME_FOLDER" ]; then # SSH key copy from local volume echo "Docker ssh folder content:" @@ -116,18 +123,38 @@ else touch ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys cat $SSH_VOLUME_FOLDER/id_rsa.pub >>~/.ssh/authorized_keys - chmod 644 /root/.ssh/authorized_keys + chmod 644 ~/.ssh/authorized_keys + fi + # SSH startup + echo "[MegaLinter init] SSH" + export -p >"${ML_ENV_VARS}" # save all environment variables configured during Dockerfile creation + if [ "$(id -u)" -eq 0 ]; then mkdir -p /var/run/sshd ssh-keygen -A sed -i s/^#PasswordAuthentication\ yes/PasswordAuthentication\ no/ /etc/ssh/sshd_config sed -i s/^#PermitRootLogin\ prohibit-password/PermitRootLogin\ yes/ /etc/ssh/sshd_config sed -i s/^#PermitUserEnvironment\ no/PermitUserEnvironment\ yes/ /etc/ssh/sshd_config echo "root:root" | chpasswd + /usr/sbin/sshd -D + else + SSH_PORT=2222 + SSH_RUNTIME_DIR=/tmp/megalinter-sshd + SSH_HOST_KEY="${SSH_RUNTIME_DIR}/ssh_host_ed25519_key" + mkdir -p "${SSH_RUNTIME_DIR}" + if [ ! -f "${SSH_HOST_KEY}" ]; then + ssh-keygen -t ed25519 -f "${SSH_HOST_KEY}" -N '' + fi + /usr/sbin/sshd -D \ + -o "Port ${SSH_PORT}" \ + -o "HostKey ${SSH_HOST_KEY}" \ + -o "AuthorizedKeysFile ${HOME}/.ssh/authorized_keys" \ + -o "PasswordAuthentication no" \ + -o "PermitRootLogin no" \ + -o "PermitUserEnvironment yes" \ + -o "UsePAM no" \ + -o "PidFile ${SSH_RUNTIME_DIR}/sshd.pid" \ + -o "Subsystem sftp internal-sftp" fi - # SSH startup - echo "[MegaLinter init] SSH" - export -p >/var/ml-env-vars # save all environment variables configured during Dockerfile creation - /usr/sbin/sshd -D else # Normal (run megalinter) echo "[MegaLinter init] ONE-SHOT RUN" diff --git a/flavors/c_cpp/Dockerfile b/flavors/c_cpp/Dockerfile index f2c96ecda3d..94892e33341 100644 --- a/flavors/c_cpp/Dockerfile +++ b/flavors/c_cpp/Dockerfile @@ -398,7 +398,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -615,6 +616,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/ci_light/Dockerfile b/flavors/ci_light/Dockerfile index 4e4312a260c..5d83c027f34 100644 --- a/flavors/ci_light/Dockerfile +++ b/flavors/ci_light/Dockerfile @@ -244,7 +244,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ @@ -384,6 +385,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/cupcake/Dockerfile b/flavors/cupcake/Dockerfile index bfc91dd3a8c..1c1f3066f42 100644 --- a/flavors/cupcake/Dockerfile +++ b/flavors/cupcake/Dockerfile @@ -426,12 +426,18 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ - && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \ +RUN export RUSTUP_HOME=/usr/local/rustup CARGO_HOME=/usr/local/cargo \ + && curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} --no-modify-path \ + && export PATH="${CARGO_HOME}/bin:${PATH}" \ && rustup default stable \ && rustup component add clippy \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache -ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" + && for bin in "${CARGO_HOME}"/bin/*; do \ + ln -sf "$bin" /usr/local/bin/"$(basename "$bin")"; \ + done \ + && rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" /root/.cache/sccache +ENV RUSTUP_HOME=/usr/local/rustup +ENV CARGO_HOME=/usr/local/cargo +ENV PATH="/usr/local/cargo/bin:${PATH}" #CARGO__END ############################## @@ -600,7 +606,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ @@ -672,7 +679,8 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # TYPESCRIPT installation # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint @@ -917,6 +925,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/documentation/Dockerfile b/flavors/documentation/Dockerfile index e5f1e3e0a18..77abc8c3cb5 100644 --- a/flavors/documentation/Dockerfile +++ b/flavors/documentation/Dockerfile @@ -390,7 +390,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -603,6 +604,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/dotnet/Dockerfile b/flavors/dotnet/Dockerfile index b89cd6ff408..b86a302d1f9 100644 --- a/flavors/dotnet/Dockerfile +++ b/flavors/dotnet/Dockerfile @@ -424,7 +424,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -476,8 +477,8 @@ esac \ && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # CSHARP installation - && apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" + && apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -494,9 +495,9 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" +# ENV PATH="${PATH}:/usr/local/dotnet-tools" # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint @@ -532,9 +533,9 @@ esac \ # jscpd installation # cpplint installation # csharpier installation - && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # roslynator installation - && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # stylelint installation # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint @@ -636,10 +637,10 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # sqlfluff installation # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" - && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} +# ENV PATH="${PATH}:/usr/local/dotnet-tools" + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} # tekton-lint installation # prettier installation # yamllint installation @@ -702,6 +703,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/dotnetweb/Dockerfile b/flavors/dotnetweb/Dockerfile index 11d5990636d..06afb211bda 100644 --- a/flavors/dotnetweb/Dockerfile +++ b/flavors/dotnetweb/Dockerfile @@ -460,7 +460,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ jscpd@${NPM_JSCPD_VERSION} \ @@ -530,8 +531,8 @@ esac \ && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # CSHARP installation - && apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" + && apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -549,9 +550,9 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # TYPESCRIPT installation # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" +# ENV PATH="${PATH}:/usr/local/dotnet-tools" # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint @@ -588,9 +589,9 @@ esac \ # jscpd installation # cpplint installation # csharpier installation - && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # roslynator installation - && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # stylelint installation # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint @@ -696,10 +697,10 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # sqlfluff installation # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" - && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} +# ENV PATH="${PATH}:/usr/local/dotnet-tools" + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} # tekton-lint installation # eslint installation # eslint installation @@ -766,6 +767,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/formatters/Dockerfile b/flavors/formatters/Dockerfile index 66f2b9d07e7..1e04dc79fa2 100644 --- a/flavors/formatters/Dockerfile +++ b/flavors/formatters/Dockerfile @@ -234,7 +234,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ prettier@${NPM_PRETTIER_VERSION} \ markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ @@ -258,8 +259,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # POWERSHELL installation RUN case ${TARGETPLATFORM} in \ "linux/amd64") POWERSHELL_ARCH=musl-x64 ;; \ @@ -273,15 +274,15 @@ esac \ # TYPESCRIPT installation # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet10-sdk +# RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools # Next line commented because already managed by another linter -# ENV PATH="${PATH}:/root/.dotnet/tools" +# ENV PATH="${PATH}:/usr/local/dotnet-tools" # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # csharpier installation - && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # roslynator installation - && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ + && dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # prettier installation # prettier installation # markdownlint installation @@ -356,6 +357,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/go/Dockerfile b/flavors/go/Dockerfile index 349f9d6d4fe..559a647355b 100644 --- a/flavors/go/Dockerfile +++ b/flavors/go/Dockerfile @@ -407,7 +407,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -629,6 +630,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/java/Dockerfile b/flavors/java/Dockerfile index 217894d4afc..e36e316d6cd 100644 --- a/flavors/java/Dockerfile +++ b/flavors/java/Dockerfile @@ -402,7 +402,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -640,6 +641,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/javascript/Dockerfile b/flavors/javascript/Dockerfile index 25f60fa0d4d..b5436f5f28f 100644 --- a/flavors/javascript/Dockerfile +++ b/flavors/javascript/Dockerfile @@ -430,7 +430,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ jscpd@${NPM_JSCPD_VERSION} \ @@ -674,6 +675,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/php/Dockerfile b/flavors/php/Dockerfile index d39a727461b..a954105faf6 100644 --- a/flavors/php/Dockerfile +++ b/flavors/php/Dockerfile @@ -420,7 +420,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -464,7 +465,8 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint @@ -651,6 +653,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/python/Dockerfile b/flavors/python/Dockerfile index 8a3e39715b1..700d3852205 100644 --- a/flavors/python/Dockerfile +++ b/flavors/python/Dockerfile @@ -475,7 +475,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -707,6 +708,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/ruby/Dockerfile b/flavors/ruby/Dockerfile index 337069d0029..cab2f77ba8f 100644 --- a/flavors/ruby/Dockerfile +++ b/flavors/ruby/Dockerfile @@ -413,7 +413,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -627,6 +628,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/rust/Dockerfile b/flavors/rust/Dockerfile index e84636735e8..73ad1e0e3aa 100644 --- a/flavors/rust/Dockerfile +++ b/flavors/rust/Dockerfile @@ -282,12 +282,18 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ - && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \ +RUN export RUSTUP_HOME=/usr/local/rustup CARGO_HOME=/usr/local/cargo \ + && curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} --no-modify-path \ + && export PATH="${CARGO_HOME}/bin:${PATH}" \ && rustup default stable \ && rustup component add clippy \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache -ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" + && for bin in "${CARGO_HOME}"/bin/*; do \ + ln -sf "$bin" /usr/local/bin/"$(basename "$bin")"; \ + done \ + && rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" /root/.cache/sccache +ENV RUSTUP_HOME=/usr/local/rustup +ENV CARGO_HOME=/usr/local/cargo +ENV PATH="/usr/local/cargo/bin:${PATH}" #CARGO__END ############################## @@ -397,7 +403,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -610,6 +617,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/salesforce/Dockerfile b/flavors/salesforce/Dockerfile index da462e7bb91..2a9e8d06d83 100644 --- a/flavors/salesforce/Dockerfile +++ b/flavors/salesforce/Dockerfile @@ -403,7 +403,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ @@ -452,6 +453,7 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk # Next line commented because already managed by another linter # ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ @@ -643,6 +645,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/security/Dockerfile b/flavors/security/Dockerfile index fc506305a0b..b5d95d120b2 100644 --- a/flavors/security/Dockerfile +++ b/flavors/security/Dockerfile @@ -284,7 +284,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ secretlint@${NPM_SECRETLINT_VERSION} \ @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \ @@ -332,9 +333,9 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # bandit installation # checkov installation # devskim installation - && apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ + && apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ # dustilock installation # Managed with COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock # gitleaks installation @@ -423,6 +424,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/swift/Dockerfile b/flavors/swift/Dockerfile index 436345a2970..ba3769e1920 100644 --- a/flavors/swift/Dockerfile +++ b/flavors/swift/Dockerfile @@ -392,7 +392,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -609,6 +610,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/flavors/terraform/Dockerfile b/flavors/terraform/Dockerfile index fbaa1518d08..69fb08f4943 100644 --- a/flavors/terraform/Dockerfile +++ b/flavors/terraform/Dockerfile @@ -408,7 +408,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ @@ -629,6 +630,8 @@ LABEL com.github.actions.name="MegaLinter" \ #EXTRA_DOCKERFILE_LINES__START COPY entrypoint.sh /entrypoint.sh -RUN chmod +x entrypoint.sh +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user +RUN chmod +x entrypoint.sh && \ + chmod u+x /usr/bin/setup-runtime-user ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] #EXTRA_DOCKERFILE_LINES__END diff --git a/linters/action_actionlint/Dockerfile b/linters/action_actionlint/Dockerfile index 82954ccda69..93c9617f089 100644 --- a/linters/action_actionlint/Dockerfile +++ b/linters/action_actionlint/Dockerfile @@ -240,15 +240,17 @@ ENV ENABLE_LINTERS=ACTION_ACTIONLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/action_zizmor/Dockerfile b/linters/action_zizmor/Dockerfile index e2abeecdfef..4048f36943b 100644 --- a/linters/action_zizmor/Dockerfile +++ b/linters/action_zizmor/Dockerfile @@ -236,15 +236,17 @@ ENV ENABLE_LINTERS=ACTION_ZIZMOR \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/ansible_ansible_lint/Dockerfile b/linters/ansible_ansible_lint/Dockerfile index eaac6873e6f..5862efbbd69 100644 --- a/linters/ansible_ansible_lint/Dockerfile +++ b/linters/ansible_ansible_lint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=ANSIBLE_ANSIBLE_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/arm_arm_ttk/Dockerfile b/linters/arm_arm_ttk/Dockerfile index f37bab4b902..6b56dd7ae17 100644 --- a/linters/arm_arm_ttk/Dockerfile +++ b/linters/arm_arm_ttk/Dockerfile @@ -251,15 +251,17 @@ ENV ENABLE_LINTERS=ARM_ARM_TTK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/bash_exec/Dockerfile b/linters/bash_exec/Dockerfile index fdce65dbdd5..c3ce7483d1f 100644 --- a/linters/bash_exec/Dockerfile +++ b/linters/bash_exec/Dockerfile @@ -229,15 +229,17 @@ ENV ENABLE_LINTERS=BASH_EXEC \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/bash_shellcheck/Dockerfile b/linters/bash_shellcheck/Dockerfile index f820cc90537..e937dff5f4e 100644 --- a/linters/bash_shellcheck/Dockerfile +++ b/linters/bash_shellcheck/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=BASH_SHELLCHECK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/bash_shfmt/Dockerfile b/linters/bash_shfmt/Dockerfile index 0657eaf1025..5970cf287bf 100644 --- a/linters/bash_shfmt/Dockerfile +++ b/linters/bash_shfmt/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=BASH_SHFMT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/bicep_bicep_linter/Dockerfile b/linters/bicep_bicep_linter/Dockerfile index 8ae99561bf6..16915f35229 100644 --- a/linters/bicep_bicep_linter/Dockerfile +++ b/linters/bicep_bicep_linter/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=BICEP_BICEP_LINTER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/c_clang_format/Dockerfile b/linters/c_clang_format/Dockerfile index 34e30f3db03..0a07d6cc06c 100644 --- a/linters/c_clang_format/Dockerfile +++ b/linters/c_clang_format/Dockerfile @@ -227,15 +227,17 @@ ENV ENABLE_LINTERS=C_CLANG_FORMAT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/c_cppcheck/Dockerfile b/linters/c_cppcheck/Dockerfile index af84a4933f0..9fc157e8d0f 100644 --- a/linters/c_cppcheck/Dockerfile +++ b/linters/c_cppcheck/Dockerfile @@ -227,15 +227,17 @@ ENV ENABLE_LINTERS=C_CPPCHECK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/c_cpplint/Dockerfile b/linters/c_cpplint/Dockerfile index d74ab831de3..8a77396581d 100644 --- a/linters/c_cpplint/Dockerfile +++ b/linters/c_cpplint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=C_CPPLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/clojure_clj_kondo/Dockerfile b/linters/clojure_clj_kondo/Dockerfile index abc01517980..48af61bd1a6 100644 --- a/linters/clojure_clj_kondo/Dockerfile +++ b/linters/clojure_clj_kondo/Dockerfile @@ -233,15 +233,17 @@ ENV ENABLE_LINTERS=CLOJURE_CLJ_KONDO \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/clojure_cljstyle/Dockerfile b/linters/clojure_cljstyle/Dockerfile index 0f3a7afbcdc..e93bc1d1b40 100644 --- a/linters/clojure_cljstyle/Dockerfile +++ b/linters/clojure_cljstyle/Dockerfile @@ -232,15 +232,17 @@ ENV ENABLE_LINTERS=CLOJURE_CLJSTYLE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/cloudformation_cfn_lint/Dockerfile b/linters/cloudformation_cfn_lint/Dockerfile index 0ba3c0dc12c..840812b9c26 100644 --- a/linters/cloudformation_cfn_lint/Dockerfile +++ b/linters/cloudformation_cfn_lint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=CLOUDFORMATION_CFN_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/coffee_coffeelint/Dockerfile b/linters/coffee_coffeelint/Dockerfile index c02ea1ee16a..82d4dc46046 100644 --- a/linters/coffee_coffeelint/Dockerfile +++ b/linters/coffee_coffeelint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=COFFEE_COFFEELINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/copypaste_jscpd/Dockerfile b/linters/copypaste_jscpd/Dockerfile index 7f85dda1100..b34ab6052e5 100644 --- a/linters/copypaste_jscpd/Dockerfile +++ b/linters/copypaste_jscpd/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ jscpd@${NPM_JSCPD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=COPYPASTE_JSCPD \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/cpp_clang_format/Dockerfile b/linters/cpp_clang_format/Dockerfile index be58ae3f454..a9b58248158 100644 --- a/linters/cpp_clang_format/Dockerfile +++ b/linters/cpp_clang_format/Dockerfile @@ -227,15 +227,17 @@ ENV ENABLE_LINTERS=CPP_CLANG_FORMAT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/cpp_cppcheck/Dockerfile b/linters/cpp_cppcheck/Dockerfile index 5610b7f6250..27cca8e668c 100644 --- a/linters/cpp_cppcheck/Dockerfile +++ b/linters/cpp_cppcheck/Dockerfile @@ -227,15 +227,17 @@ ENV ENABLE_LINTERS=CPP_CPPCHECK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/cpp_cpplint/Dockerfile b/linters/cpp_cpplint/Dockerfile index 3dbdcfa4004..c1595d1e02f 100644 --- a/linters/cpp_cpplint/Dockerfile +++ b/linters/cpp_cpplint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=CPP_CPPLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/csharp_csharpier/Dockerfile b/linters/csharp_csharpier/Dockerfile index d063506f7f0..d92ec41db33 100644 --- a/linters/csharp_csharpier/Dockerfile +++ b/linters/csharp_csharpier/Dockerfile @@ -156,10 +156,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # csharpier installation -RUN dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" #OTHER__END ################################ @@ -232,15 +232,17 @@ ENV ENABLE_LINTERS=CSHARP_CSHARPIER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/csharp_dotnet_format/Dockerfile b/linters/csharp_dotnet_format/Dockerfile index 98ffcce5323..c4ac673be2d 100644 --- a/linters/csharp_dotnet_format/Dockerfile +++ b/linters/csharp_dotnet_format/Dockerfile @@ -154,8 +154,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" #OTHER__END ################################ @@ -228,15 +228,17 @@ ENV ENABLE_LINTERS=CSHARP_DOTNET_FORMAT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/csharp_roslynator/Dockerfile b/linters/csharp_roslynator/Dockerfile index f0ef48d0fa9..0223c7f425e 100644 --- a/linters/csharp_roslynator/Dockerfile +++ b/linters/csharp_roslynator/Dockerfile @@ -156,10 +156,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" # roslynator installation -RUN dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" #OTHER__END ################################ @@ -232,15 +232,17 @@ ENV ENABLE_LINTERS=CSHARP_ROSLYNATOR \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/css_stylelint/Dockerfile b/linters/css_stylelint/Dockerfile index e58142990e3..f3b97f0a9d5 100644 --- a/linters/css_stylelint/Dockerfile +++ b/linters/css_stylelint/Dockerfile @@ -167,7 +167,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ stylelint@${NPM_STYLELINT_VERSION} \ stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ @@ -263,15 +264,17 @@ ENV ENABLE_LINTERS=CSS_STYLELINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/dart_dartanalyzer/Dockerfile b/linters/dart_dartanalyzer/Dockerfile index 421e849815c..f823446444e 100644 --- a/linters/dart_dartanalyzer/Dockerfile +++ b/linters/dart_dartanalyzer/Dockerfile @@ -282,15 +282,17 @@ ENV ENABLE_LINTERS=DART_DARTANALYZER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/dockerfile_hadolint/Dockerfile b/linters/dockerfile_hadolint/Dockerfile index 2b2cb89a801..251b3ebef1a 100644 --- a/linters/dockerfile_hadolint/Dockerfile +++ b/linters/dockerfile_hadolint/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=DOCKERFILE_HADOLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/editorconfig_editorconfig_checker/Dockerfile b/linters/editorconfig_editorconfig_checker/Dockerfile index 305a1346c4b..5f9398f5f1e 100644 --- a/linters/editorconfig_editorconfig_checker/Dockerfile +++ b/linters/editorconfig_editorconfig_checker/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=EDITORCONFIG_EDITORCONFIG_CHECKER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/env_dotenv_linter/Dockerfile b/linters/env_dotenv_linter/Dockerfile index 4792de33f20..2d57233a983 100644 --- a/linters/env_dotenv_linter/Dockerfile +++ b/linters/env_dotenv_linter/Dockerfile @@ -237,15 +237,17 @@ ENV ENABLE_LINTERS=ENV_DOTENV_LINTER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/gherkin_gherkin_lint/Dockerfile b/linters/gherkin_gherkin_lint/Dockerfile index e08d43deebc..972a8cdaf3d 100644 --- a/linters/gherkin_gherkin_lint/Dockerfile +++ b/linters/gherkin_gherkin_lint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ gherkin-lint@${NPM_GHERKIN_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=GHERKIN_GHERKIN_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/go_golangci_lint/Dockerfile b/linters/go_golangci_lint/Dockerfile index c27fd63719b..79cbf06033d 100644 --- a/linters/go_golangci_lint/Dockerfile +++ b/linters/go_golangci_lint/Dockerfile @@ -236,15 +236,17 @@ ENV ENABLE_LINTERS=GO_GOLANGCI_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/go_revive/Dockerfile b/linters/go_revive/Dockerfile index c7f72b54cea..e8aa5f03a7d 100644 --- a/linters/go_revive/Dockerfile +++ b/linters/go_revive/Dockerfile @@ -243,15 +243,17 @@ ENV ENABLE_LINTERS=GO_REVIVE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/graphql_graphql_schema_linter/Dockerfile b/linters/graphql_graphql_schema_linter/Dockerfile index 4256c7c44b4..89c83b2be55 100644 --- a/linters/graphql_graphql_schema_linter/Dockerfile +++ b/linters/graphql_graphql_schema_linter/Dockerfile @@ -150,7 +150,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ graphql@${NPM_GRAPHQL_VERSION} \ graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} && \ echo "Cleaning npm cache…" \ @@ -244,15 +245,17 @@ ENV ENABLE_LINTERS=GRAPHQL_GRAPHQL_SCHEMA_LINTER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/groovy_npm_groovy_lint/Dockerfile b/linters/groovy_npm_groovy_lint/Dockerfile index c2054d5ea69..f8c51e79551 100644 --- a/linters/groovy_npm_groovy_lint/Dockerfile +++ b/linters/groovy_npm_groovy_lint/Dockerfile @@ -149,7 +149,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -243,15 +244,17 @@ ENV ENABLE_LINTERS=GROOVY_NPM_GROOVY_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/html_djlint/Dockerfile b/linters/html_djlint/Dockerfile index 6a9dafa082d..10db013a53c 100644 --- a/linters/html_djlint/Dockerfile +++ b/linters/html_djlint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=HTML_DJLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/html_htmlhint/Dockerfile b/linters/html_htmlhint/Dockerfile index 2461fa87532..fd16102a844 100644 --- a/linters/html_htmlhint/Dockerfile +++ b/linters/html_htmlhint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ htmlhint@${NPM_HTMLHINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=HTML_HTMLHINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/java_checkstyle/Dockerfile b/linters/java_checkstyle/Dockerfile index ded3b54c8b4..3230ed9deff 100644 --- a/linters/java_checkstyle/Dockerfile +++ b/linters/java_checkstyle/Dockerfile @@ -235,15 +235,17 @@ ENV ENABLE_LINTERS=JAVA_CHECKSTYLE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/java_pmd/Dockerfile b/linters/java_pmd/Dockerfile index 43400cea656..bbd581a7e6e 100644 --- a/linters/java_pmd/Dockerfile +++ b/linters/java_pmd/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=JAVA_PMD \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/javascript_es/Dockerfile b/linters/javascript_es/Dockerfile index 846888a3e4f..8fa0a50809a 100644 --- a/linters/javascript_es/Dockerfile +++ b/linters/javascript_es/Dockerfile @@ -166,7 +166,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ eslint@${NPM_ESLINT_VERSION} \ @eslint/js@${NPM_ESLINT_JS_VERSION} \ eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ @@ -268,15 +269,17 @@ ENV ENABLE_LINTERS=JAVASCRIPT_ES \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/javascript_prettier/Dockerfile b/linters/javascript_prettier/Dockerfile index eeb4b9058d6..79d99b249bb 100644 --- a/linters/javascript_prettier/Dockerfile +++ b/linters/javascript_prettier/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=JAVASCRIPT_PRETTIER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/javascript_standard/Dockerfile b/linters/javascript_standard/Dockerfile index 20c5d43fa62..433f016feca 100644 --- a/linters/javascript_standard/Dockerfile +++ b/linters/javascript_standard/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ standard@${NPM_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=JAVASCRIPT_STANDARD \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/json_jsonlint/Dockerfile b/linters/json_jsonlint/Dockerfile index 5982e56927b..502fd583045 100644 --- a/linters/json_jsonlint/Dockerfile +++ b/linters/json_jsonlint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=JSON_JSONLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/json_npm_package_json_lint/Dockerfile b/linters/json_npm_package_json_lint/Dockerfile index 01949d6d90a..efe3378587c 100644 --- a/linters/json_npm_package_json_lint/Dockerfile +++ b/linters/json_npm_package_json_lint/Dockerfile @@ -150,7 +150,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} && \ echo "Cleaning npm cache…" \ @@ -244,15 +245,17 @@ ENV ENABLE_LINTERS=JSON_NPM_PACKAGE_JSON_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/json_prettier/Dockerfile b/linters/json_prettier/Dockerfile index 50695be2da9..d5b1c866bac 100644 --- a/linters/json_prettier/Dockerfile +++ b/linters/json_prettier/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=JSON_PRETTIER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/json_v8r/Dockerfile b/linters/json_v8r/Dockerfile index 72a322888cb..25d3e19a247 100644 --- a/linters/json_v8r/Dockerfile +++ b/linters/json_v8r/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ v8r@${NPM_V8R_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=JSON_V8R \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/jsx_eslint/Dockerfile b/linters/jsx_eslint/Dockerfile index 932bff81379..2f3e99e6b53 100644 --- a/linters/jsx_eslint/Dockerfile +++ b/linters/jsx_eslint/Dockerfile @@ -152,7 +152,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ eslint@${NPM_ESLINT_VERSION} \ @eslint-react/eslint-plugin@${NPM_ESLINT_REACT_ESLINT_PLUGIN_VERSION} \ @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ @@ -247,15 +248,17 @@ ENV ENABLE_LINTERS=JSX_ESLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/kotlin_detekt/Dockerfile b/linters/kotlin_detekt/Dockerfile index 16668d699e5..f4898c17ebc 100644 --- a/linters/kotlin_detekt/Dockerfile +++ b/linters/kotlin_detekt/Dockerfile @@ -240,15 +240,17 @@ ENV ENABLE_LINTERS=KOTLIN_DETEKT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/kotlin_ktlint/Dockerfile b/linters/kotlin_ktlint/Dockerfile index d00b6c4cfe2..d48234942c4 100644 --- a/linters/kotlin_ktlint/Dockerfile +++ b/linters/kotlin_ktlint/Dockerfile @@ -237,15 +237,17 @@ ENV ENABLE_LINTERS=KOTLIN_KTLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/kubernetes_helm/Dockerfile b/linters/kubernetes_helm/Dockerfile index 9f70c03ee0a..5ddba37cc1f 100644 --- a/linters/kubernetes_helm/Dockerfile +++ b/linters/kubernetes_helm/Dockerfile @@ -227,15 +227,17 @@ ENV ENABLE_LINTERS=KUBERNETES_HELM \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/kubernetes_kubeconform/Dockerfile b/linters/kubernetes_kubeconform/Dockerfile index c3c9c7dc4ce..50e97f93971 100644 --- a/linters/kubernetes_kubeconform/Dockerfile +++ b/linters/kubernetes_kubeconform/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=KUBERNETES_KUBECONFORM \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/kubernetes_kubescape/Dockerfile b/linters/kubernetes_kubescape/Dockerfile index abd0e06614a..78fc067cf7d 100644 --- a/linters/kubernetes_kubescape/Dockerfile +++ b/linters/kubernetes_kubescape/Dockerfile @@ -238,15 +238,17 @@ ENV ENABLE_LINTERS=KUBERNETES_KUBESCAPE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/latex_chktex/Dockerfile b/linters/latex_chktex/Dockerfile index a4e49cefb06..7bfc823bb6f 100644 --- a/linters/latex_chktex/Dockerfile +++ b/linters/latex_chktex/Dockerfile @@ -228,15 +228,17 @@ ENV ENABLE_LINTERS=LATEX_CHKTEX \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/lua_luacheck/Dockerfile b/linters/lua_luacheck/Dockerfile index 1dc6f54d21e..a9c528bb264 100644 --- a/linters/lua_luacheck/Dockerfile +++ b/linters/lua_luacheck/Dockerfile @@ -242,15 +242,17 @@ ENV ENABLE_LINTERS=LUA_LUACHECK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/lua_stylua/Dockerfile b/linters/lua_stylua/Dockerfile index 946f65a5800..31771f9134f 100644 --- a/linters/lua_stylua/Dockerfile +++ b/linters/lua_stylua/Dockerfile @@ -248,15 +248,17 @@ ENV ENABLE_LINTERS=LUA_STYLUA \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/markdown_markdown_table_formatter/Dockerfile b/linters/markdown_markdown_table_formatter/Dockerfile index a216536a673..a36aa8c07eb 100644 --- a/linters/markdown_markdown_table_formatter/Dockerfile +++ b/linters/markdown_markdown_table_formatter/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=MARKDOWN_MARKDOWN_TABLE_FORMATTER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/markdown_markdownlint/Dockerfile b/linters/markdown_markdownlint/Dockerfile index 24526ba932b..a58533d91a6 100644 --- a/linters/markdown_markdownlint/Dockerfile +++ b/linters/markdown_markdownlint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=MARKDOWN_MARKDOWNLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/markdown_rumdl/Dockerfile b/linters/markdown_rumdl/Dockerfile index 126985ace9f..8b08709da88 100644 --- a/linters/markdown_rumdl/Dockerfile +++ b/linters/markdown_rumdl/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=MARKDOWN_RUMDL \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/perl_perlcritic/Dockerfile b/linters/perl_perlcritic/Dockerfile index caef09f4a0a..f9cbccf6f00 100644 --- a/linters/perl_perlcritic/Dockerfile +++ b/linters/perl_perlcritic/Dockerfile @@ -234,15 +234,17 @@ ENV ENABLE_LINTERS=PERL_PERLCRITIC \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/php_phpcs/Dockerfile b/linters/php_phpcs/Dockerfile index b0ea002186e..01e2ff74762 100644 --- a/linters/php_phpcs/Dockerfile +++ b/linters/php_phpcs/Dockerfile @@ -175,7 +175,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require squizlabs/php_codesniffer:${PHP_SQUIZLABS_PHP_CODESNIFFER_VERSION} bartlett/sarif-php-converters:${PHP_BARTLETT_SARIF_PHP_CONVERTERS_VERSION} @@ -251,15 +252,17 @@ ENV ENABLE_LINTERS=PHP_PHPCS \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/php_phpcsfixer/Dockerfile b/linters/php_phpcsfixer/Dockerfile index f50a19cf663..8fb9cbe9389 100644 --- a/linters/php_phpcsfixer/Dockerfile +++ b/linters/php_phpcsfixer/Dockerfile @@ -173,7 +173,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # php-cs-fixer installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require friendsofphp/php-cs-fixer:${PHP_FRIENDSOFPHP_PHP_CS_FIXER_VERSION} --with-all-dependencies @@ -249,15 +250,17 @@ ENV ENABLE_LINTERS=PHP_PHPCSFIXER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/php_phplint/Dockerfile b/linters/php_phplint/Dockerfile index 7b8da134576..ae3c933a907 100644 --- a/linters/php_phplint/Dockerfile +++ b/linters/php_phplint/Dockerfile @@ -175,7 +175,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # phplint installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require overtrue/phplint:${PHP_OVERTRUE_PHPLINT_VERSION} bartlett/sarif-php-converters:${PHP_BARTLETT_SARIF_PHP_CONVERTERS_VERSION} @@ -251,15 +252,17 @@ ENV ENABLE_LINTERS=PHP_PHPLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/php_phpstan/Dockerfile b/linters/php_phpstan/Dockerfile index da7172d331f..17eb8aec42b 100644 --- a/linters/php_phpstan/Dockerfile +++ b/linters/php_phpstan/Dockerfile @@ -177,7 +177,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # phpstan installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer config --global allow-plugins.phpstan/extension-installer true && composer global require phpstan/phpstan:${PHP_PHPSTAN_PHPSTAN_VERSION} phpstan/extension-installer:${PHP_PHPSTAN_EXTENSION_INSTALLER_VERSION} bartlett/sarif-php-converters:${PHP_BARTLETT_SARIF_PHP_CONVERTERS_VERSION} #OTHER__END @@ -252,15 +253,17 @@ ENV ENABLE_LINTERS=PHP_PHPSTAN \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/php_psalm/Dockerfile b/linters/php_psalm/Dockerfile index deb1be5cca1..f662980e90d 100644 --- a/linters/php_psalm/Dockerfile +++ b/linters/php_psalm/Dockerfile @@ -173,7 +173,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # PHP installation RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer -ENV PATH="/root/.composer/vendor/bin:${PATH}" +ENV COMPOSER_HOME=/usr/local/composer +ENV PATH="/usr/local/composer/vendor/bin:${PATH}" # psalm installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require vimeo/psalm:${PHP_VIMEO_PSALM_VERSION} @@ -249,15 +250,17 @@ ENV ENABLE_LINTERS=PHP_PSALM \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/powershell_powershell/Dockerfile b/linters/powershell_powershell/Dockerfile index 3209ab88ec8..0a428322f97 100644 --- a/linters/powershell_powershell/Dockerfile +++ b/linters/powershell_powershell/Dockerfile @@ -244,15 +244,17 @@ ENV ENABLE_LINTERS=POWERSHELL_POWERSHELL \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/powershell_powershell_formatter/Dockerfile b/linters/powershell_powershell_formatter/Dockerfile index 7d1ba98bcd5..0115c720795 100644 --- a/linters/powershell_powershell_formatter/Dockerfile +++ b/linters/powershell_powershell_formatter/Dockerfile @@ -244,15 +244,17 @@ ENV ENABLE_LINTERS=POWERSHELL_POWERSHELL_FORMATTER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/protobuf_protolint/Dockerfile b/linters/protobuf_protolint/Dockerfile index 1a7b9171e34..1fe688f7b38 100644 --- a/linters/protobuf_protolint/Dockerfile +++ b/linters/protobuf_protolint/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=PROTOBUF_PROTOLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_bandit/Dockerfile b/linters/python_bandit/Dockerfile index 9fd05398ad2..8c59dae4660 100644 --- a/linters/python_bandit/Dockerfile +++ b/linters/python_bandit/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=PYTHON_BANDIT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_black/Dockerfile b/linters/python_black/Dockerfile index e20b37b480e..a6c51a7381e 100644 --- a/linters/python_black/Dockerfile +++ b/linters/python_black/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=PYTHON_BLACK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_flake8/Dockerfile b/linters/python_flake8/Dockerfile index 692185e97b8..2e659abafe3 100644 --- a/linters/python_flake8/Dockerfile +++ b/linters/python_flake8/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=PYTHON_FLAKE8 \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_isort/Dockerfile b/linters/python_isort/Dockerfile index 704465af210..c000e6c15d3 100644 --- a/linters/python_isort/Dockerfile +++ b/linters/python_isort/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=PYTHON_ISORT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_mypy/Dockerfile b/linters/python_mypy/Dockerfile index ac161e1be4c..102f4d9e708 100644 --- a/linters/python_mypy/Dockerfile +++ b/linters/python_mypy/Dockerfile @@ -240,15 +240,17 @@ ENV ENABLE_LINTERS=PYTHON_MYPY \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_nbqa_mypy/Dockerfile b/linters/python_nbqa_mypy/Dockerfile index 51d6f19a628..13e3b1e6c66 100644 --- a/linters/python_nbqa_mypy/Dockerfile +++ b/linters/python_nbqa_mypy/Dockerfile @@ -242,15 +242,17 @@ ENV ENABLE_LINTERS=PYTHON_NBQA_MYPY \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_pylint/Dockerfile b/linters/python_pylint/Dockerfile index 13809882c6e..75da6374433 100644 --- a/linters/python_pylint/Dockerfile +++ b/linters/python_pylint/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=PYTHON_PYLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_pyright/Dockerfile b/linters/python_pyright/Dockerfile index 385b2de8bec..9684aa88219 100644 --- a/linters/python_pyright/Dockerfile +++ b/linters/python_pyright/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ pyright@${NPM_PYRIGHT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=PYTHON_PYRIGHT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_ruff/Dockerfile b/linters/python_ruff/Dockerfile index 300860ef3fe..6d5577dc581 100644 --- a/linters/python_ruff/Dockerfile +++ b/linters/python_ruff/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=PYTHON_RUFF \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/python_ruff_format/Dockerfile b/linters/python_ruff_format/Dockerfile index bf455cfa081..15e69053252 100644 --- a/linters/python_ruff_format/Dockerfile +++ b/linters/python_ruff_format/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=PYTHON_RUFF_FORMAT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/r_lintr/Dockerfile b/linters/r_lintr/Dockerfile index b9807a1ecde..b67e05f48a7 100644 --- a/linters/r_lintr/Dockerfile +++ b/linters/r_lintr/Dockerfile @@ -240,15 +240,17 @@ ENV ENABLE_LINTERS=R_LINTR \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/raku_raku/Dockerfile b/linters/raku_raku/Dockerfile index 5ff8afc400d..1769c83307f 100644 --- a/linters/raku_raku/Dockerfile +++ b/linters/raku_raku/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=RAKU_RAKU \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_checkov/Dockerfile b/linters/repository_checkov/Dockerfile index 72521a876fd..0a29116c6d4 100644 --- a/linters/repository_checkov/Dockerfile +++ b/linters/repository_checkov/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=REPOSITORY_CHECKOV \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_devskim/Dockerfile b/linters/repository_devskim/Dockerfile index 209e0c87dcc..a694b872bb9 100644 --- a/linters/repository_devskim/Dockerfile +++ b/linters/repository_devskim/Dockerfile @@ -156,9 +156,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # devskim installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} #OTHER__END ################################ @@ -231,15 +231,17 @@ ENV ENABLE_LINTERS=REPOSITORY_DEVSKIM \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_dustilock/Dockerfile b/linters/repository_dustilock/Dockerfile index 8805d58db69..70f56b9bf4a 100644 --- a/linters/repository_dustilock/Dockerfile +++ b/linters/repository_dustilock/Dockerfile @@ -235,15 +235,17 @@ ENV ENABLE_LINTERS=REPOSITORY_DUSTILOCK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_git_diff/Dockerfile b/linters/repository_git_diff/Dockerfile index 3f1991c8f22..cf754bc636f 100644 --- a/linters/repository_git_diff/Dockerfile +++ b/linters/repository_git_diff/Dockerfile @@ -226,15 +226,17 @@ ENV ENABLE_LINTERS=REPOSITORY_GIT_DIFF \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_gitleaks/Dockerfile b/linters/repository_gitleaks/Dockerfile index e4287ba7964..e9633e8f214 100644 --- a/linters/repository_gitleaks/Dockerfile +++ b/linters/repository_gitleaks/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=REPOSITORY_GITLEAKS \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_grype/Dockerfile b/linters/repository_grype/Dockerfile index afca55ce254..7a22e803d40 100644 --- a/linters/repository_grype/Dockerfile +++ b/linters/repository_grype/Dockerfile @@ -229,15 +229,17 @@ ENV ENABLE_LINTERS=REPOSITORY_GRYPE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_kingfisher/Dockerfile b/linters/repository_kingfisher/Dockerfile index 264e84e756f..05bde788295 100644 --- a/linters/repository_kingfisher/Dockerfile +++ b/linters/repository_kingfisher/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=REPOSITORY_KINGFISHER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_ls_lint/Dockerfile b/linters/repository_ls_lint/Dockerfile index 571e3c0bd41..e5d5615540e 100644 --- a/linters/repository_ls_lint/Dockerfile +++ b/linters/repository_ls_lint/Dockerfile @@ -237,15 +237,17 @@ ENV ENABLE_LINTERS=REPOSITORY_LS_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_osv_scanner/Dockerfile b/linters/repository_osv_scanner/Dockerfile index bfdaaf3bd60..64185cb13fa 100644 --- a/linters/repository_osv_scanner/Dockerfile +++ b/linters/repository_osv_scanner/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=REPOSITORY_OSV_SCANNER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_secretlint/Dockerfile b/linters/repository_secretlint/Dockerfile index e3e6c6f4c3a..e2f64a7ea78 100644 --- a/linters/repository_secretlint/Dockerfile +++ b/linters/repository_secretlint/Dockerfile @@ -152,7 +152,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ secretlint@${NPM_SECRETLINT_VERSION} \ @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \ @@ -247,15 +248,17 @@ ENV ENABLE_LINTERS=REPOSITORY_SECRETLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_semgrep/Dockerfile b/linters/repository_semgrep/Dockerfile index b98dad67dcb..63f9146a3f2 100644 --- a/linters/repository_semgrep/Dockerfile +++ b/linters/repository_semgrep/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=REPOSITORY_SEMGREP \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_syft/Dockerfile b/linters/repository_syft/Dockerfile index 6893a8e6295..2de62bf4d7a 100644 --- a/linters/repository_syft/Dockerfile +++ b/linters/repository_syft/Dockerfile @@ -229,15 +229,17 @@ ENV ENABLE_LINTERS=REPOSITORY_SYFT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_trivy/Dockerfile b/linters/repository_trivy/Dockerfile index e89b46e0c4f..8a2a88d243d 100644 --- a/linters/repository_trivy/Dockerfile +++ b/linters/repository_trivy/Dockerfile @@ -231,15 +231,17 @@ ENV ENABLE_LINTERS=REPOSITORY_TRIVY \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_trivy_sbom/Dockerfile b/linters/repository_trivy_sbom/Dockerfile index 7eccc5b39f1..63705dcd598 100644 --- a/linters/repository_trivy_sbom/Dockerfile +++ b/linters/repository_trivy_sbom/Dockerfile @@ -231,15 +231,17 @@ ENV ENABLE_LINTERS=REPOSITORY_TRIVY_SBOM \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/repository_trufflehog/Dockerfile b/linters/repository_trufflehog/Dockerfile index 738c1a5f2a7..6e6316c1fdf 100644 --- a/linters/repository_trufflehog/Dockerfile +++ b/linters/repository_trufflehog/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=REPOSITORY_TRUFFLEHOG \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/robotframework_robocop/Dockerfile b/linters/robotframework_robocop/Dockerfile index 72749aefbd6..8fd47318d67 100644 --- a/linters/robotframework_robocop/Dockerfile +++ b/linters/robotframework_robocop/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=ROBOTFRAMEWORK_ROBOCOP \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/rst_rst_lint/Dockerfile b/linters/rst_rst_lint/Dockerfile index d400788946a..13ec7d63ca9 100644 --- a/linters/rst_rst_lint/Dockerfile +++ b/linters/rst_rst_lint/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=RST_RST_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/rst_rstcheck/Dockerfile b/linters/rst_rstcheck/Dockerfile index 2b3977606ba..00716d9dcb6 100644 --- a/linters/rst_rstcheck/Dockerfile +++ b/linters/rst_rstcheck/Dockerfile @@ -241,15 +241,17 @@ ENV ENABLE_LINTERS=RST_RSTCHECK \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/rst_rstfmt/Dockerfile b/linters/rst_rstfmt/Dockerfile index b12e1395459..ac83ca9df65 100644 --- a/linters/rst_rstfmt/Dockerfile +++ b/linters/rst_rstfmt/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=RST_RSTFMT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/ruby_rubocop/Dockerfile b/linters/ruby_rubocop/Dockerfile index f7841168903..8869a8066f8 100644 --- a/linters/ruby_rubocop/Dockerfile +++ b/linters/ruby_rubocop/Dockerfile @@ -249,15 +249,17 @@ ENV ENABLE_LINTERS=RUBY_RUBOCOP \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/rust_clippy/Dockerfile b/linters/rust_clippy/Dockerfile index 5b8cdd46fc5..a5163a1f1a8 100644 --- a/linters/rust_clippy/Dockerfile +++ b/linters/rust_clippy/Dockerfile @@ -102,12 +102,18 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ - && export PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" \ +RUN export RUSTUP_HOME=/usr/local/rustup CARGO_HOME=/usr/local/cargo \ + && curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} --no-modify-path \ + && export PATH="${CARGO_HOME}/bin:${PATH}" \ && rustup default stable \ && rustup component add clippy \ - && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache -ENV PATH="/root/.cargo/bin:/root/.cargo/env:${PATH}" + && for bin in "${CARGO_HOME}"/bin/*; do \ + ln -sf "$bin" /usr/local/bin/"$(basename "$bin")"; \ + done \ + && rm -rf "${CARGO_HOME}/registry" "${CARGO_HOME}/git" /root/.cache/sccache +ENV RUSTUP_HOME=/usr/local/rustup +ENV CARGO_HOME=/usr/local/cargo +ENV PATH="/usr/local/cargo/bin:${PATH}" #CARGO__END ############################## @@ -233,15 +239,17 @@ ENV ENABLE_LINTERS=RUST_CLIPPY \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/salesforce_code_analyzer_apex/Dockerfile b/linters/salesforce_code_analyzer_apex/Dockerfile index d73e3614d69..00f892f7b93 100644 --- a/linters/salesforce_code_analyzer_apex/Dockerfile +++ b/linters/salesforce_code_analyzer_apex/Dockerfile @@ -156,7 +156,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -179,6 +180,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ @@ -260,15 +262,17 @@ ENV ENABLE_LINTERS=SALESFORCE_CODE_ANALYZER_APEX \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/salesforce_code_analyzer_aura/Dockerfile b/linters/salesforce_code_analyzer_aura/Dockerfile index 83fdec17402..088d7de3d9f 100644 --- a/linters/salesforce_code_analyzer_aura/Dockerfile +++ b/linters/salesforce_code_analyzer_aura/Dockerfile @@ -156,7 +156,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -179,6 +180,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ @@ -260,15 +262,17 @@ ENV ENABLE_LINTERS=SALESFORCE_CODE_ANALYZER_AURA \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/salesforce_code_analyzer_lwc/Dockerfile b/linters/salesforce_code_analyzer_lwc/Dockerfile index b5e4f73024c..8a59ed1b53e 100644 --- a/linters/salesforce_code_analyzer_lwc/Dockerfile +++ b/linters/salesforce_code_analyzer_lwc/Dockerfile @@ -156,7 +156,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -179,6 +180,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" +ENV XDG_DATA_HOME=/usr/local/share RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ @@ -260,15 +262,17 @@ ENV ENABLE_LINTERS=SALESFORCE_CODE_ANALYZER_LWC \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/scala_scalafix/Dockerfile b/linters/scala_scalafix/Dockerfile index ba0ae5f9fb8..9f6f3f7a531 100644 --- a/linters/scala_scalafix/Dockerfile +++ b/linters/scala_scalafix/Dockerfile @@ -237,15 +237,17 @@ ENV ENABLE_LINTERS=SCALA_SCALAFIX \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/snakemake_lint/Dockerfile b/linters/snakemake_lint/Dockerfile index de073136549..99dd62e0bc2 100644 --- a/linters/snakemake_lint/Dockerfile +++ b/linters/snakemake_lint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=SNAKEMAKE_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/snakemake_snakefmt/Dockerfile b/linters/snakemake_snakefmt/Dockerfile index 103e11ae56b..3b4d02c0b1d 100644 --- a/linters/snakemake_snakefmt/Dockerfile +++ b/linters/snakemake_snakefmt/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=SNAKEMAKE_SNAKEFMT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/spell_codespell/Dockerfile b/linters/spell_codespell/Dockerfile index fdc56fad1f2..f347dd09608 100644 --- a/linters/spell_codespell/Dockerfile +++ b/linters/spell_codespell/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=SPELL_CODESPELL \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/spell_cspell/Dockerfile b/linters/spell_cspell/Dockerfile index a4aa75a95fa..12e8400d20d 100644 --- a/linters/spell_cspell/Dockerfile +++ b/linters/spell_cspell/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ cspell@${NPM_CSPELL_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=SPELL_CSPELL \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/spell_lychee/Dockerfile b/linters/spell_lychee/Dockerfile index 5ffb1c934c1..e84fac68a93 100644 --- a/linters/spell_lychee/Dockerfile +++ b/linters/spell_lychee/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=SPELL_LYCHEE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/spell_proselint/Dockerfile b/linters/spell_proselint/Dockerfile index fb66bf031ed..c5b0387cdec 100644 --- a/linters/spell_proselint/Dockerfile +++ b/linters/spell_proselint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=SPELL_PROSELINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/spell_vale/Dockerfile b/linters/spell_vale/Dockerfile index 3306edfc4f6..640fbd834d6 100644 --- a/linters/spell_vale/Dockerfile +++ b/linters/spell_vale/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=SPELL_VALE \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/sql_sqlfluff/Dockerfile b/linters/sql_sqlfluff/Dockerfile index 0458d10572a..d40e20e8169 100644 --- a/linters/sql_sqlfluff/Dockerfile +++ b/linters/sql_sqlfluff/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=SQL_SQLFLUFF \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/sql_tsqllint/Dockerfile b/linters/sql_tsqllint/Dockerfile index 4f467eccbfb..50487ee983b 100644 --- a/linters/sql_tsqllint/Dockerfile +++ b/linters/sql_tsqllint/Dockerfile @@ -156,9 +156,9 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # tsqllint installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" -RUN dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" +RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} #OTHER__END ################################ @@ -231,15 +231,17 @@ ENV ENABLE_LINTERS=SQL_TSQLLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/swift_swiftlint/Dockerfile b/linters/swift_swiftlint/Dockerfile index 7f9658a418f..8ff724cce20 100644 --- a/linters/swift_swiftlint/Dockerfile +++ b/linters/swift_swiftlint/Dockerfile @@ -231,15 +231,17 @@ ENV ENABLE_LINTERS=SWIFT_SWIFTLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/tekton_tekton_lint/Dockerfile b/linters/tekton_tekton_lint/Dockerfile index c6ea9907dd2..4a77727733c 100644 --- a/linters/tekton_tekton_lint/Dockerfile +++ b/linters/tekton_tekton_lint/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=TEKTON_TEKTON_LINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/terraform_terraform_fmt/Dockerfile b/linters/terraform_terraform_fmt/Dockerfile index 4ea405b7577..c993376eff4 100644 --- a/linters/terraform_terraform_fmt/Dockerfile +++ b/linters/terraform_terraform_fmt/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=TERRAFORM_TERRAFORM_FMT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/terraform_terragrunt/Dockerfile b/linters/terraform_terragrunt/Dockerfile index 316e1fe3959..4dfd9575b86 100644 --- a/linters/terraform_terragrunt/Dockerfile +++ b/linters/terraform_terragrunt/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=TERRAFORM_TERRAGRUNT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/terraform_terrascan/Dockerfile b/linters/terraform_terrascan/Dockerfile index 51f058ba69d..efffde169d0 100644 --- a/linters/terraform_terrascan/Dockerfile +++ b/linters/terraform_terrascan/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=TERRAFORM_TERRASCAN \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/terraform_tflint/Dockerfile b/linters/terraform_tflint/Dockerfile index 4f82a5d7bbb..a6f7d2e661e 100644 --- a/linters/terraform_tflint/Dockerfile +++ b/linters/terraform_tflint/Dockerfile @@ -230,15 +230,17 @@ ENV ENABLE_LINTERS=TERRAFORM_TFLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/tsx_eslint/Dockerfile b/linters/tsx_eslint/Dockerfile index 07d07800fef..26674fb9702 100644 --- a/linters/tsx_eslint/Dockerfile +++ b/linters/tsx_eslint/Dockerfile @@ -168,7 +168,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ eslint@${NPM_ESLINT_VERSION} \ eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ @@ -271,15 +272,17 @@ ENV ENABLE_LINTERS=TSX_ESLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/typescript_es/Dockerfile b/linters/typescript_es/Dockerfile index 3a27be7fb70..131df5bd32a 100644 --- a/linters/typescript_es/Dockerfile +++ b/linters/typescript_es/Dockerfile @@ -174,7 +174,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ eslint@${NPM_ESLINT_VERSION} \ @eslint/js@${NPM_ESLINT_JS_VERSION} \ @@ -281,15 +282,17 @@ ENV ENABLE_LINTERS=TYPESCRIPT_ES \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/typescript_prettier/Dockerfile b/linters/typescript_prettier/Dockerfile index 9d07788c165..0f9b3ade6ef 100644 --- a/linters/typescript_prettier/Dockerfile +++ b/linters/typescript_prettier/Dockerfile @@ -150,7 +150,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ @@ -245,15 +246,17 @@ ENV ENABLE_LINTERS=TYPESCRIPT_PRETTIER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/typescript_standard/Dockerfile b/linters/typescript_standard/Dockerfile index 41999a72519..da1ad64bf58 100644 --- a/linters/typescript_standard/Dockerfile +++ b/linters/typescript_standard/Dockerfile @@ -150,7 +150,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ typescript@${NPM_TYPESCRIPT_VERSION} \ ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ @@ -245,15 +246,17 @@ ENV ENABLE_LINTERS=TYPESCRIPT_STANDARD \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/vbdotnet_dotnet_format/Dockerfile b/linters/vbdotnet_dotnet_format/Dockerfile index 624c582005b..d5c271320f9 100644 --- a/linters/vbdotnet_dotnet_format/Dockerfile +++ b/linters/vbdotnet_dotnet_format/Dockerfile @@ -154,8 +154,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # VBDOTNET installation -RUN apk add --no-cache dotnet10-sdk -ENV PATH="${PATH}:/root/.dotnet/tools" +RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools +ENV PATH="${PATH}:/usr/local/dotnet-tools" #OTHER__END ################################ @@ -228,15 +228,17 @@ ENV ENABLE_LINTERS=VBDOTNET_DOTNET_FORMAT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/xml_xmllint/Dockerfile b/linters/xml_xmllint/Dockerfile index 26046ad21c3..7620f8b115b 100644 --- a/linters/xml_xmllint/Dockerfile +++ b/linters/xml_xmllint/Dockerfile @@ -229,15 +229,17 @@ ENV ENABLE_LINTERS=XML_XMLLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/yaml_prettier/Dockerfile b/linters/yaml_prettier/Dockerfile index 4b91d4e6178..7be23073b50 100644 --- a/linters/yaml_prettier/Dockerfile +++ b/linters/yaml_prettier/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=YAML_PRETTIER \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/yaml_v8r/Dockerfile b/linters/yaml_v8r/Dockerfile index 09e6a25b979..1cb229ac1f9 100644 --- a/linters/yaml_v8r/Dockerfile +++ b/linters/yaml_v8r/Dockerfile @@ -148,7 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ NODE_ENV=production #NPM__START WORKDIR /node-deps -RUN npm --no-cache install --ignore-scripts --omit=dev \ +RUN npm config set prefix /usr/local \ + && npm --no-cache install --ignore-scripts --omit=dev \ v8r@${NPM_V8R_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ @@ -241,15 +242,17 @@ ENV ENABLE_LINTERS=YAML_V8R \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/linters/yaml_yamllint/Dockerfile b/linters/yaml_yamllint/Dockerfile index e44a8c18629..43b32ed114a 100644 --- a/linters/yaml_yamllint/Dockerfile +++ b/linters/yaml_yamllint/Dockerfile @@ -239,15 +239,17 @@ ENV ENABLE_LINTERS=YAML_YAMLLINT \ FILEIO_REPORTER=false \ CONFIG_REPORTER=false \ SARIF_TO_HUMAN=false -RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh +RUN mkdir /tmp/docker_ssh && mkdir /usr/bin/megalinter-sh EXPOSE 22 COPY entrypoint.sh /entrypoint.sh COPY sh /usr/bin/megalinter-sh COPY sh/megalinter_exec /usr/bin/megalinter_exec +COPY sh/setup-runtime-user /usr/bin/setup-runtime-user COPY sh/motd /etc/motd RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \ chmod +x entrypoint.sh && \ chmod +x /usr/bin/megalinter_exec && \ + chmod u+x /usr/bin/setup-runtime-user && \ echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \ echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \ diff --git a/mega-linter-runner/README.md b/mega-linter-runner/README.md index ead78a0249f..94d53dad1ad 100644 --- a/mega-linter-runner/README.md +++ b/mega-linter-runner/README.md @@ -107,8 +107,10 @@ The options are only related to mega-linter-runner. For MegaLinter options, plea | `--container-engine` | Allows to specify a docker engine (`docker` or `podman`) | `docker` | | `--container-name` | Specify MegaLinter container name | | | `--remove-container` | Remove MegaLinter Docker container when done | | +| `--user-map` | Run the container as a non-root user. On POSIX systems this uses your user. On other hosts it uses `1000:1000`. This helps avoid root-owned generated files on the host. | | +| `--no-user-map` | Run the container as root | | | `-i`
`--install` | Generate [MegaLinter local configuration](https://megalinter.io/beta/install-assisted/) files and CI/CD workflows | | -| `-i`
`--upgrade` | Upgrade your MegaLinter configuration files to use the latest version | | +| `-u`
`--upgrade` | Upgrade your MegaLinter configuration files to use the latest version | | | `--custom-flavor-setup` | Initialize a new repository to generate a [custom flavor](https://megalinter.io/beta/custom-flavors/) | | | `--custom-flavor-linters` | Comma-separated list of linter keys if using `--custom-flavor-setup` | | @@ -126,6 +128,11 @@ mega-linter-runner mega-linter-runner -p myFolder --fix ``` +```shell +# Run the container as your current non-root user on POSIX hosts +mega-linter-runner --user-map +``` + ```shell # Send environment variables mega-linter-runner -r beta -e "'ENABLE=MARKDOWN,YAML'" -e 'SHOW_ELAPSED_TIME=true' diff --git a/mega-linter-runner/lib/options.js b/mega-linter-runner/lib/options.js index 54839335db3..1d2a8ba0396 100644 --- a/mega-linter-runner/lib/options.js +++ b/mega-linter-runner/lib/options.js @@ -218,6 +218,18 @@ export const optionsDefinition = optionator.default({ description: "Keep the MegaLinter container after the run. Useful for `docker logs ` post-mortem.", }, + { + option: "user-map", + type: "Boolean", + description: + "Run the container as a non-root user. On POSIX systems this uses your user. On other hosts it uses 1000:1000.", + }, + { + option: "no-user-map", + type: "Boolean", + description: + "Run the container as root.", + }, { option: "codetotal", type: "Boolean", diff --git a/mega-linter-runner/lib/runner.js b/mega-linter-runner/lib/runner.js index f5277f9a034..95c83f083bb 100644 --- a/mega-linter-runner/lib/runner.js +++ b/mega-linter-runner/lib/runner.js @@ -218,6 +218,15 @@ export class MegaLinterRunner { } commandArgs.push(...["-v", "/var/run/docker.sock:/var/run/docker.sock:rw"]); commandArgs.push(...["-v", `${lintPath}:/tmp/lint:rw`]); + if (options["userMap"] === true) { + const runtimeUid = + typeof process.getuid === "function" ? process.getuid() : 1000; + const runtimeGid = + typeof process.getgid === "function" ? process.getgid() : 1000; + commandArgs.push(...["-e", `MEGALINTER_UID=${runtimeUid}`]); + commandArgs.push(...["-e", `MEGALINTER_GID=${runtimeGid}`]); + commandArgs.push(...["-e", "HOME=/home/megalinter"]); + } if (emptyEnvFile) { commandArgs.push(...["-v", `${emptyEnvFile}:/tmp/lint/.env:ro`]); } diff --git a/mega-linter-runner/test/cli-parse.test.js b/mega-linter-runner/test/cli-parse.test.js index 637c0eea085..7fc3f76e144 100644 --- a/mega-linter-runner/test/cli-parse.test.js +++ b/mega-linter-runner/test/cli-parse.test.js @@ -305,6 +305,21 @@ describe("CLI parsing — container options", () => { const o = parse(["--no-remove-container"]); assert.strictEqual(o.removeContainer, false); }); + + it("leaves user-map unset by default", () => { + const o = parse([]); + assert.strictEqual(o.userMap, undefined); + }); + + it("parses --user-map", () => { + const o = parse(["--user-map"]); + assert.strictEqual(o.userMap, true); + }); + + it("parses --no-user-map", () => { + const o = parse(["--no-user-map"]); + assert.strictEqual(o.userMap, false); + }); }); describe("CLI parsing — platform", () => { diff --git a/mega-linter-runner/test/runtime-image.test.js b/mega-linter-runner/test/runtime-image.test.js new file mode 100644 index 00000000000..8eb2a7b6a75 --- /dev/null +++ b/mega-linter-runner/test/runtime-image.test.js @@ -0,0 +1,367 @@ +import assert from "assert"; +import { spawnSync } from "child_process"; +import fs from "fs-extra"; +import os from "os"; +import path from "path"; +import { fileURLToPath } from "url"; + +const image = process.env.MEGALINTER_IMAGE; +const release = process.env.MEGALINTER_RELEASE || "beta"; +const nodockerpull = + process.env.MEGALINTER_NO_DOCKER_PULL === "true" ? true : false; +const testDir = path.dirname(fileURLToPath(import.meta.url)); +const repoRoot = path.resolve(testDir, "..", ".."); +const runnerCli = path.join(repoRoot, "mega-linter-runner", "lib", "index.js"); +const supportsUserMap = + typeof process.getuid === "function" && typeof process.getgid === "function"; +const runtimeModes = [ + { + id: "root", + label: "root", + dockerArgs: [], + envArgs: [], + sshPort: "22", + sshUser: "root", + sshExpectedUid: "0", + }, + ...(supportsUserMap + ? [ + { + id: "non-root", + label: "non-root", + dockerArgs: [], + envArgs: [ + "-e", + `MEGALINTER_UID=${process.getuid()}`, + "-e", + `MEGALINTER_GID=${process.getgid()}`, + "-e", + "HOME=/home/megalinter", + ], + sshPort: "2222", + sshUser: "megalinter", + sshExpectedUid: `${process.getuid()}`, + }, + ] + : []), +]; + +function runCommand(command, args, options = {}) { + return spawnSync(command, args, { + encoding: "utf8", + ...options, + }); +} + +function assertSuccess(result, message) { + const details = [result.stderr, result.stdout].filter(Boolean).join("\n"); + assert.strictEqual( + result.status, + 0, + details ? `${message}\n${details}` : message, + ); +} + +function readDockerLogs(containerName) { + const res = runCommand("docker", ["logs", containerName]); + return [res.stderr, res.stdout].filter(Boolean).join("\n"); +} + +function cleanupPathWithDocker(targetPath) { + runCommand("docker", [ + "run", + "--rm", + "-v", + `${targetPath}:/work`, + "alpine:3.24", + "sh", + "-lc", + "chmod -R u+w /work 2>/dev/null || true; rm -rf /work/* /work/.[!.]* /work/..?* 2>/dev/null || true", + ]); +} + +async function prepareFixtureDir(prefix, sourceRelativeDir) { + const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), prefix)); + await fs.copy(path.join(repoRoot, sourceRelativeDir), tempDir); + return tempDir; +} + +async function preparePhpFixture() { + const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "megalinter-php-")); + await fs.copy( + path.join(repoRoot, ".automation", "test", "php", ".php-cs-fixer.risky.php"), + path.join(tempDir, ".php-cs-fixer.risky.php"), + ); + await fs.copy( + path.join(repoRoot, ".automation", "test", "php", "php_good_1.php"), + path.join(tempDir, "php_good_1.php"), + ); + await fs.copy( + path.join(repoRoot, ".automation", "test", "php", "php_good_2.php"), + path.join(tempDir, "php_good_2.php"), + ); + return tempDir; +} + +async function runFixture(pathToLint, enabledLinter, runtimeMode) { + const res = runCommand("docker", [ + "run", + "--rm", + ...runtimeMode.dockerArgs, + "-v", + `${pathToLint}:/tmp/lint:rw`, + "-e", + "DEFAULT_WORKSPACE=/tmp/lint", + "-e", + `ENABLE_LINTERS=${enabledLinter}`, + "-e", + "PLUGINS=", + ...runtimeMode.envArgs, + image, + ]); + const details = [res.stderr, res.stdout].filter(Boolean).join("\n"); + assert.strictEqual( + res.status, + 0, + details + ? `status is 0 (${res.status} returned)\n${details}` + : `status is 0 (${res.status} returned)`, + ); + return details; +} + +async function runFixtureWithRunner(pathToLint, enabledLinter) { + const args = [ + runnerCli, + "--path", + pathToLint, + "--release", + release, + "--env", + `ENABLE_LINTERS=${enabledLinter}`, + "--env", + "PLUGINS=", + ]; + if (nodockerpull) { + args.push("--nodockerpull"); + } + if (image) { + args.push("--image", image); + } + const res = runCommand("node", args, { cwd: repoRoot }); + const details = [res.stderr, res.stdout].filter(Boolean).join("\n"); + assert.strictEqual( + res.status, + 0, + details + ? `status is 0 (${res.status} returned)\n${details}` + : `status is 0 (${res.status} returned)`, + ); +} + +async function withFixtureDir(prepare, callback) { + const tempDir = await prepare(); + try { + await callback(tempDir); + } finally { + cleanupPathWithDocker(tempDir); + await fs.remove(tempDir); + } +} + +const runtimeFixtureCases = [ + { + title: "PHP_PHPCSFIXER", + prepare: preparePhpFixture, + enabledLinter: "PHP_PHPCSFIXER", + successPattern: + /✅ Linted \[PHP\] files with \[php-cs-fixer\] successfully/, + }, + { + title: "CSHARP_CSHARPIER", + prepare: () => + prepareFixtureDir( + "megalinter-csharp-", + path.join(".automation", "test", "csharp_csharpier", "good"), + ), + enabledLinter: "CSHARP_CSHARPIER", + successPattern: + /✅ Linted \[CSHARP\] files with \[csharpier\] successfully/, + }, + { + title: "RUST_CLIPPY", + prepare: () => + prepareFixtureDir( + "megalinter-rust-", + path.join(".automation", "test", "rust", "good"), + ), + enabledLinter: "RUST_CLIPPY", + successPattern: /✅ Linted \[RUST\] files with \[clippy\] successfully/, + }, + { + title: "JSON_NPM_PACKAGE_JSON_LINT", + prepare: () => + prepareFixtureDir( + "megalinter-npm-pkg-", + path.join(".automation", "test", "npm_package_json_lint", "good"), + ), + enabledLinter: "JSON_NPM_PACKAGE_JSON_LINT", + successPattern: + /✅ Linted \[JSON\] files with \[npm-package-json-lint\] successfully/, + }, + { + title: "SALESFORCE_CODE_ANALYZER_APEX", + prepare: () => + prepareFixtureDir( + "megalinter-salesforce-", + path.join(".automation", "test", "salesforce", "good"), + ), + enabledLinter: "SALESFORCE_CODE_ANALYZER_APEX", + successPattern: + /✅ Linted \[SALESFORCE\] files with \[code-analyzer-apex\] successfully/, + }, +]; + +describe("Runtime image", function () { + if (!image) { + it("requires MEGALINTER_IMAGE for runtime coverage", function () { + this.skip(); + }); + return; + } + + for (const runtimeMode of runtimeModes) { + for (const testCase of runtimeFixtureCases) { + it(`runs ${testCase.title} on the good fixture in ${runtimeMode.label} mode`, async () => { + await withFixtureDir(testCase.prepare, async (tempDir) => { + const details = await runFixture( + tempDir, + testCase.enabledLinter, + runtimeMode, + ); + assert.match(details, testCase.successPattern); + }); + }).timeout(600000); + } + } + + for (const testCase of runtimeFixtureCases) { + it(`runs ${testCase.title} on the good fixture with mega-linter-runner`, async () => { + await withFixtureDir(testCase.prepare, async (tempDir) => { + await runFixtureWithRunner(tempDir, testCase.enabledLinter); + }); + }).timeout(600000); + } + + for (const runtimeMode of runtimeModes) { + it(`accepts an SSH connection in ${runtimeMode.label} mode`, async () => { + const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "megalinter-ssh-")); + const containerName = `megalinter-ssh-${runtimeMode.id}-${Date.now()}`; + const privateKey = path.join(tempDir, "id_rsa"); + const publicKey = path.join(tempDir, "id_rsa.pub"); + try { + assertSuccess( + runCommand("ssh-keygen", [ + "-q", + "-t", + "ed25519", + "-N", + "", + "-f", + privateKey, + ]), + "expected ssh-keygen to create a temporary test key", + ); + + const runRes = runCommand("docker", [ + "run", + "-d", + "--rm", + "--name", + containerName, + ...runtimeMode.dockerArgs, + "-e", + "MEGALINTER_SSH=true", + ...runtimeMode.envArgs, + "-v", + `${tempDir}:/tmp/docker_ssh:ro`, + "-p", + `127.0.0.1::${runtimeMode.sshPort}`, + image, + ]); + if (runRes.status !== 0) { + const details = [runRes.stderr, runRes.stdout].filter(Boolean).join("\n"); + const logs = readDockerLogs(containerName); + assert.strictEqual( + runRes.status, + 0, + [details, logs].filter(Boolean).join("\n"), + ); + } + + const portRes = runCommand("docker", [ + "port", + containerName, + `${runtimeMode.sshPort}/tcp`, + ]); + if (portRes.status !== 0) { + const details = [portRes.stderr, portRes.stdout].filter(Boolean).join("\n"); + const logs = readDockerLogs(containerName); + assert.strictEqual( + portRes.status, + 0, + [ + `expected SSH test container to publish port ${runtimeMode.sshPort}`, + details, + logs, + ] + .filter(Boolean) + .join("\n"), + ); + } + const publishedPort = portRes.stdout.trim().split(":").pop(); + assert(publishedPort, "expected a published SSH port"); + + let sshResult = null; + for (let attempt = 0; attempt < 30; attempt += 1) { + sshResult = runCommand("ssh", [ + "-o", + "StrictHostKeyChecking=no", + "-o", + "UserKnownHostsFile=/dev/null", + "-i", + privateKey, + "-p", + publishedPort, + `${runtimeMode.sshUser}@127.0.0.1`, + "id -u", + ]); + if (sshResult.status === 0) { + break; + } + await new Promise((resolve) => setTimeout(resolve, 1000)); + } + + if (sshResult.status !== 0) { + assert.strictEqual( + sshResult.status, + 0, + [ + "expected SSH login to succeed", + [sshResult.stderr, sshResult.stdout].filter(Boolean).join("\n"), + readDockerLogs(containerName), + ] + .filter(Boolean) + .join("\n"), + ); + } + assert.strictEqual(sshResult.stdout.trim(), runtimeMode.sshExpectedUid); + assert(await fs.pathExists(publicKey), "expected SSH public key to exist"); + } finally { + runCommand("docker", ["rm", "-f", containerName]); + cleanupPathWithDocker(tempDir); + await fs.remove(tempDir); + } + }).timeout(180000); + } +}); diff --git a/megalinter/descriptors/csharp.megalinter-descriptor.yml b/megalinter/descriptors/csharp.megalinter-descriptor.yml index 629473ef1cf..a4d71dc4b64 100644 --- a/megalinter/descriptors/csharp.megalinter-descriptor.yml +++ b/megalinter/descriptors/csharp.megalinter-descriptor.yml @@ -10,8 +10,8 @@ file_extensions: - ".cs" install: dockerfile: - - RUN apk add --no-cache dotnet10-sdk - - ENV PATH="${PATH}:/root/.dotnet/tools" + - RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools + - ENV PATH="${PATH}:/usr/local/dotnet-tools" linters: # DOTNET FORMAT - class: DotnetFormatLinter @@ -108,7 +108,7 @@ linters: - |- # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=1.2.6 - - RUN dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" + - RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools csharpier --version "${CSHARP_CSHARPIER_VERSION}" supported_platforms: platform: - linux/amd64 @@ -166,7 +166,7 @@ linters: - |- # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.12.0 - - RUN dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" + - RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/php.megalinter-descriptor.yml b/megalinter/descriptors/php.megalinter-descriptor.yml index b48e18509f5..4e87748aa0b 100644 --- a/megalinter/descriptors/php.megalinter-descriptor.yml +++ b/megalinter/descriptors/php.megalinter-descriptor.yml @@ -26,7 +26,8 @@ install: dockerfile: - RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 - COPY --link --from=composer/composer:2-bin /composer /usr/bin/composer - - ENV PATH="/root/.composer/vendor/bin:${PATH}" + - ENV COMPOSER_HOME=/usr/local/composer + - ENV PATH="/usr/local/composer/vendor/bin:${PATH}" supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml index cecc7cfb5fe..c843d9629e1 100644 --- a/megalinter/descriptors/repository.megalinter-descriptor.yml +++ b/megalinter/descriptors/repository.megalinter-descriptor.yml @@ -143,9 +143,9 @@ linters: - |- # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.70 - - RUN apk add --no-cache dotnet10-sdk - - ENV PATH="${PATH}:/root/.dotnet/tools" - - RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} + - RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools + - ENV PATH="${PATH}:/usr/local/dotnet-tools" + - RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/salesforce.megalinter-descriptor.yml b/megalinter/descriptors/salesforce.megalinter-descriptor.yml index e394070b389..6be881fc032 100644 --- a/megalinter/descriptors/salesforce.megalinter-descriptor.yml +++ b/megalinter/descriptors/salesforce.megalinter-descriptor.yml @@ -21,6 +21,7 @@ install: ARG SFDX_HARDIS_VERSION=7.16.2 - ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" + - ENV XDG_DATA_HOME=/usr/local/share - |- RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ diff --git a/megalinter/descriptors/sql.megalinter-descriptor.yml b/megalinter/descriptors/sql.megalinter-descriptor.yml index ae304e8c2f3..cc2a0f37b15 100644 --- a/megalinter/descriptors/sql.megalinter-descriptor.yml +++ b/megalinter/descriptors/sql.megalinter-descriptor.yml @@ -143,9 +143,9 @@ linters: - |- # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 - - RUN apk add --no-cache dotnet10-sdk - - ENV PATH="${PATH}:/root/.dotnet/tools" - - RUN dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} + - RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools + - ENV PATH="${PATH}:/usr/local/dotnet-tools" + - RUN dotnet tool install --allow-roll-forward --tool-path /usr/local/dotnet-tools TSQLLint --version ${SQL_TSQLLINT_VERSION} supported_platforms: platform: - linux/amd64 diff --git a/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml b/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml index 143e67a6750..c2beabf91d9 100644 --- a/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml +++ b/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml @@ -10,8 +10,8 @@ file_extensions: - ".vb" install: dockerfile: - - RUN apk add --no-cache dotnet10-sdk - - ENV PATH="${PATH}:/root/.dotnet/tools" + - RUN apk add --no-cache dotnet10-sdk && install -d /usr/local/dotnet-tools + - ENV PATH="${PATH}:/usr/local/dotnet-tools" linters: # DOTNET FORMAT - class: DotnetFormatLinter diff --git a/sh/setup-runtime-user b/sh/setup-runtime-user new file mode 100755 index 00000000000..688b3ce7bf7 --- /dev/null +++ b/sh/setup-runtime-user @@ -0,0 +1,61 @@ +#!/usr/bin/env bash + +set -eu + +MEGALINTER_RUNTIME_UID="${MEGALINTER_UID:-}" +MEGALINTER_RUNTIME_GID="${MEGALINTER_GID:-}" +MEGALINTER_RUNTIME_USER="${MEGALINTER_USER:-megalinter}" +MEGALINTER_RUNTIME_HOME="${HOME:-/home/${MEGALINTER_RUNTIME_USER}}" + +find_passwd_by_uid() { + awk -F: -v uid="$1" '$3 == uid { print $1 ":" $6; exit }' /etc/passwd +} + +find_group_by_gid() { + awk -F: -v gid="$1" '$3 == gid { print $1; exit }' /etc/group +} + +find_uid_by_user() { + awk -F: -v user="$1" '$1 == user { print $3; exit }' /etc/passwd +} + +find_gid_by_group() { + awk -F: -v group="$1" '$1 == group { print $3; exit }' /etc/group +} + +if [ "$(id -u)" -ne 0 ] || [ -z "${MEGALINTER_RUNTIME_UID}" ] || [ -z "${MEGALINTER_RUNTIME_GID}" ]; then + exec /entrypoint.sh "$@" +fi + +existing_user_entry="$(find_passwd_by_uid "${MEGALINTER_RUNTIME_UID}")" +if [ -n "${existing_user_entry}" ]; then + MEGALINTER_RUNTIME_USER="${existing_user_entry%%:*}" + MEGALINTER_RUNTIME_HOME="${existing_user_entry#*:}" +else + existing_uid="$(find_uid_by_user "${MEGALINTER_RUNTIME_USER}")" + if [ -n "${existing_uid}" ] && [ "${existing_uid}" != "${MEGALINTER_RUNTIME_UID}" ]; then + deluser "${MEGALINTER_RUNTIME_USER}" >/dev/null 2>&1 || true + fi + + existing_group="$(find_group_by_gid "${MEGALINTER_RUNTIME_GID}")" + if [ -z "${existing_group}" ]; then + existing_gid="$(find_gid_by_group "${MEGALINTER_RUNTIME_USER}")" + if [ -n "${existing_gid}" ] && [ "${existing_gid}" != "${MEGALINTER_RUNTIME_GID}" ]; then + delgroup "${MEGALINTER_RUNTIME_USER}" >/dev/null 2>&1 || true + fi + addgroup -g "${MEGALINTER_RUNTIME_GID}" "${MEGALINTER_RUNTIME_USER}" + existing_group="${MEGALINTER_RUNTIME_USER}" + fi + + mkdir -p "${MEGALINTER_RUNTIME_HOME}" + adduser -D -H -u "${MEGALINTER_RUNTIME_UID}" -G "${existing_group}" -h "${MEGALINTER_RUNTIME_HOME}" -s /bin/bash "${MEGALINTER_RUNTIME_USER}" +fi + +mkdir -p "${MEGALINTER_RUNTIME_HOME}" +chown -R "${MEGALINTER_RUNTIME_UID}:${MEGALINTER_RUNTIME_GID}" "${MEGALINTER_RUNTIME_HOME}" >/dev/null 2>&1 || true + +export HOME="${MEGALINTER_RUNTIME_HOME}" +export USER="${MEGALINTER_RUNTIME_USER}" +export MEGALINTER_USER_SWITCHED=true + +exec su -p "${MEGALINTER_RUNTIME_USER}" -s /bin/bash -c 'exec /entrypoint.sh "$@"' bash "$@"