Fix failing regoval tests due to Dockerfile in .gitignore

Signed-off-by: Santosh <[email protected]>
intelops · Jun 17, 2024 · 884f56a · 884f56a
1 parent a08b817
commit 884f56a
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 4 deletions.
diff --git a/.gitignore b/.gitignore
@@ -12,3 +12,4 @@ cosign
 !.devcontainer/Dockerfile
 results.json
 .env
+!pkg/validate/testdata/Dockerfile/
diff --git a/cmd/regoval_dockerfileval.go b/cmd/regoval_dockerfileval.go
@@ -24,9 +24,6 @@ func init() {
 		log.Fatalf("Error marking flag as required: %v", err)
 	}
 	dockerfilevalCmd.Flags().StringVarP(&dockerfilevalArgs.policy, "policy", "p", "", "Path for the Rego policy file, polciy can be passed from either Local or from remote URL")
-	// if err := dockerfilevalCmd.MarkFlagRequired("policy"); err != nil {
-	// 	log.Fatalf("Error marking flag as required: %v", err)
-	// }
 
 	regovalCmd.AddCommand(dockerfilevalCmd)
 }

diff --git a/pkg/validate/types.go → pkg/validate/celtypes.go b/pkg/validate/types.go → pkg/validate/celtypes.go
diff --git a/pkg/validate/regoval_test.go b/pkg/validate/regoval_test.go
@@ -45,7 +45,7 @@ func TestValidateWithRego(t *testing.T) {
 		},
 		{
 			name:          "valid Dockerfile and policy",
-			inputContent:  "Dockerfile",
+			inputContent:  "Docker-file",
 			regoPolicy:    "/rego/dockerfilepolicies/",
 			expectedError: false,
 		},

diff --git a/pkg/validate/testdata/Docker-file b/pkg/validate/testdata/Docker-file
@@ -0,0 +1,42 @@
+# Stage 1: Build the application
+FROM cgr.dev/chainguard/wolfi-base AS builder
+
+RUN  --no-cache apk update && apk add python-3.11 && \
+        apk add py3.11-pip --no-cache
+USER nonroot
+
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+EXPOSE 22
+USER nonroot
+
+WORKDIR /app
+
+COPY --chown=nonroot:nonroot requirements.txt /app/requirements.txt
+
+RUN pip install -r /app/requirements.txt --user
+
+
+# Stage 2: Copy the venv and run the application
+FROM cgr.dev/chainguard/wolfi-base AS final
+
+RUN --no-cache apk update && apk add python-3.11 && \
+    apk add py3.11-pip
+
+RUN pip install --upgrade pip setuptools
+
+USER nonroot
+
+WORKDIR /app
+
+ENV PYTHONUNBUFFERED=1
+
+COPY --chown=nonroot:nonroot . .
+
+COPY --from=builder --chown=nonroot:nonroot /home/nonroot/.local /home/nonroot/.local
+
+ENV PATH=/home/nonroot/.local/bin:$PATH
+
+EXPOSE 8000
+
+CMD ["uvicorn", "main:app","--host", "0.0.0.0","--port", "8000"]