This application utilizes a cookiecutter template to generate boilerplate code for a project, and then creates a new repository on GitHub to push this code.
#test
docker build -t repo-generator-test . --target test
docker run -it --rm -v $(pwd):/coverage repo-generator-test
#scan
#start sonarqube
docker run -d --name sonarqube -p 9000:9000 sonarqube
#monitor startup (optional)
docker logs -f sonarqube
# navigate to localhost:9000 when complete, using username/password of admin/admin
# generate an api token
#sonar scan:
docker run -it --rm -e SONAR_HOST_URL="http://host.docker.internal:9000" -e SONAR_LOGIN="<your-generated-token>" -v $(pwd):/usr/src sonarsource/sonar-scanner-cli
#trivy scan:
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/output aquasec/trivy image --format table --output /output/trivy-report.txt --scanners vuln repo-generator:latest
#run
docker build -t repo-generator .
TEMPLATE_URL="https://github.com/cookiecutter-flask/cookiecutter-flask"
GITHUB_TOKEN="YOUR_TOKEN_HERE"
REPO_URL="https://github.com/rdlucas2/improved-fiesta"
JSON_FILE_PATH="/app/output/overrides.json"
docker run -it --rm -v $(pwd)/generated_code:/app/output repo-generator --template_url $TEMPLATE_URL --repo_url $REPO_URL --token $GITHUB_TOKEN --json_file $JSON_FILE_PATH --output-dir /app/output- Docker installed on your machine.
- A GitHub Personal Access Token (PAT) with permissions to create repositories. For generating one, follow the instructions here.
-
Clone this Repository:
git clone https://github.com/rdlucas2/cookiecutter_helper.git cd cookiecutter_helper -
Build the Docker Image:
#build artifact docker build -t repo-generator . #build tests docker build -t repo-generator-test . --target test
-
Run the Application with Docker:
TEMPLATE_URL="https://github.com/cookiecutter-flask/cookiecutter-flask" GITHUB_TOKEN="YOUR_TOKEN_HERE" REPO_URL="https://github.com/rdlucas2/improved-fiesta" JSON_FILE_PATH="/app/output/overrides.json" docker run -it --rm -v $(pwd)/generated_code:/app/output repo-generator --template_url $TEMPLATE_URL --repo_url $REPO_URL --token $GITHUB_TOKEN --json_file $JSON_FILE_PATH --output-dir /app/output #debug: docker run -it --rm -v $(pwd)/generated_code:/app/output --entrypoint /bin/bash repo-generator #run tests docker run -it --rm -v $(pwd):/coverage repo-generator-test
$TEMPLATE_URL="https://github.com/cookiecutter-flask/cookiecutter-flask" $GITHUB_TOKEN="YOUR_TOKEN_HERE" $REPO_URL="https://github.com/rdlucas2/improved-fiesta" $JSON_FILE_PATH="/app/output/overrides.json" docker run -it --rm -v "$(pwd)/generated_code:/app/output" repo-generator --template_url $TEMPLATE_URL --repo_url $REPO_URL --token $GITHUB_TOKEN --json_file $JSON_FILE_PATH --output-dir /app/output #debug: docker run -it --rm -v "$(pwd)/generated_code:/app/output" --entrypoint /bin/bash repo-generator #run tests (TODO: this calls pytest, but we need additional args or better default CMD): docker run -it --rm -v "$(pwd):/coverage" repo-generator-test
Replace placeholders like TEMPLATE_URL, REPO_URL, etc., with the appropriate values when running the container.
Note: If specifying an output directory within the container, the generated code will reside inside the Docker container's file system. If you want to access it from your host machine, consider mounting a volume or copying files out of the container.
-
TEMPLATE_URL: The GitHub URL of the cookiecutter template.
-
REPO_NAME: Name for the new GitHub repository to be created.
-
GITHUB_TOKEN: Your GitHub Personal Access Token.
-
JSON_FILE_PATH: Path to a JSON file containing overrides for the cookiecutter template. It should be formatted like:
{ "variable_name1": "value1", "variable_name2": "value2" } -
OUTPUT_DIR (optional): Directory within the container where the boilerplate should be generated. Defaults to the current directory.
This guide will walk you through setting up SonarQube locally using Docker to scan your code for vulnerabilities.
- Docker installed on your local machine.
- Local codebase that you want to analyze.
Pull the latest SonarQube image from Docker Hub:
#start sonarqube
docker run -d --name sonarqube -p 9000:9000 sonarqube
#monitor startup
docker logs -f sonarqube
# navigate to localhost:9000 when complete, using username/password of admin/admin
# generate an api tokendocker run -it --rm -e SONAR_HOST_URL="http://host.docker.internal:9000" -e SONAR_LOGIN="<your-generated-token>" -v "$(pwd):/usr/src" sonarsource/sonar-scanner-cliRemember to replace with the token you generate in SonarQube for authentication. This can be done in the SonarQube dashboard under your user account settings in the security section.
Remove --scanners vuln to enable secret scanning, but it will take longer.
docker run -v /var/run/docker.sock:/var/run/docker.sock -v "$(pwd):/output" aquasec/trivy image --format table --output /output/trivy-report.txt --scanners vuln repo-generator:latest
docker run -v /var/run/docker.sock:/var/run/docker.sock -v "$(pwd):/output" aquasec/trivy image --format json --output /output/trivy-report.json --scanners vuln repo-generator:latestdocker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/output aquasec/trivy image --format table --output /output/trivy-report.txt --scanners vuln repo-generator:latest
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/output aquasec/trivy image --format json --output /output/trivy-report.json --scanners vuln repo-generator:latestThis project is open source and available under the MIT License.
- when changing file/directory permissions, sometimes need to delete anything generated from the scripts