If Postgres jdbc points outside of the container#346
Open
edwardcrichton wants to merge 1 commit intodevelopfrom
Open
If Postgres jdbc points outside of the container#346edwardcrichton wants to merge 1 commit intodevelopfrom
edwardcrichton wants to merge 1 commit intodevelopfrom
Conversation
If the jdbc connection url points outside of the container, don't start up postgres inside the container If postgres is on the same host as the container, tune java options accordingly
✅
|
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 1 | 0 | 0 | 0.03s | |
| spectral | 1 | 0 | 1 | 2.38s | ||
| bash-exec | 11 | 10 | 0 | 0.05s | ||
| shellcheck | 11 | 26 | 0 | 0.52s | ||
| shfmt | 11 | 11 | 0 | 0.01s | ||
| jscpd | yes | 463 | no | 61.19s | ||
| npm-groovy-lint | 558 | 3 | 12972 | 434.33s | ||
| ✅ JSON | jsonlint | 11 | 0 | 0 | 0.14s | |
| prettier | 11 | 1 | 0 | 1.93s | ||
| ✅ JSON | v8r | 11 | 0 | 0 | 7.0s | |
| markdownlint | 6 | 27 | 0 | 0.78s | ||
| ✅ MARKDOWN | markdown-table-formatter | 6 | 0 | 0 | 0.34s | |
| checkov | yes | 5 | no | 59.57s | ||
| gitleaks | yes | 1 | 8 | 298.61s | ||
| ✅ REPOSITORY | git_diff | yes | no | no | 0.07s | |
| grype | yes | 1 | 1 | 87.28s | ||
| ✅ REPOSITORY | secretlint | yes | no | no | 7.28s | |
| ✅ REPOSITORY | syft | yes | no | no | 11.2s | |
| trivy | yes | 1 | no | 13.27s | ||
| ✅ REPOSITORY | trivy-sbom | yes | no | no | 0.62s | |
| ✅ REPOSITORY | trufflehog | yes | no | no | 15.08s | |
| cspell | 642 | 7448 | 0 | 241.61s | ||
| lychee | 30 | 74 | 0 | 92.4s | ||
| xmllint | 7 | 1 | 0 | 1.4s | ||
| prettier | 13 | 1 | 11 | 0.74s | ||
| ✅ YAML | v8r | 13 | 0 | 0 | 4.14s | |
| yamllint | 13 | 38 | 0 | 0.95s |
Detailed Issues
⚠️ BASH / bash-exec - 10 errors
Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/9.4.0/descriptors/bash_bash_exec/
-----------------------------------------------
✅ [SUCCESS] gradlew
❌ [ERROR] mauro-api/docker/all/micronaut/micronaut-config.sh
Error: File:[mauro-api/docker/all/micronaut/micronaut-config.sh] is not executable
❌ [ERROR] mauro-api/docker/all/micronaut/micronaut-startup.sh
Error: File:[mauro-api/docker/all/micronaut/micronaut-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh
Error: File:[mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/postgres-shutdown.sh
Error: File:[mauro-api/docker/all/postgres/postgres-shutdown.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/postgres-startup.sh
Error: File:[mauro-api/docker/all/postgres/postgres-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/all/startup/docker-environment.sh
Error: File:[mauro-api/docker/all/startup/docker-environment.sh] is not executable
❌ [ERROR] mauro-api/docker/all/startup/docker-startup.sh
Error: File:[mauro-api/docker/all/startup/docker-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/micronaut/micronaut-startup.sh
Error: File:[mauro-api/docker/noDB/micronaut/micronaut-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/startup/docker-environment.sh
Error: File:[mauro-api/docker/noDB/startup/docker-environment.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/startup/docker-startup.sh
Error: File:[mauro-api/docker/noDB/startup/docker-startup.sh] is not executable
⚠️ REPOSITORY / checkov - 5 errors
or resource: /mauro-api/build/docker/main/Dockerfile.
File: /mauro-api/build/docker/main/Dockerfile:1-56
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created
Code lines for this resource are too many. Please use IDE of your choice to review the file.
secrets scan results:
Passed checks: 0, Failed checks: 1, Skipped checks: 0
Check: CKV_SECRET_6: "Base64 High Entropy String"
FAILED for resource: HIDDEN_BY_MEGALINTER File: /keycloak/docker-compose.yml:14-15
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/secrets-policies/secrets-policy-index/git-secrets-6
14 | KC_CLIENT_SECRET: ZBXabk**********
github_actions scan results:
Passed checks: 64, Failed checks: 0, Skipped checks: 0
openapi scan results:
Passed checks: 2, Failed checks: 3, Skipped checks: 0
Check: CKV_OPENAPI_21: "Ensure that arrays have a maximum number of items"
FAILED for resource: paths
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:201-207
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/bc-openapi-21
201 | type: array
202 | items:
203 | type: object
204 | additionalProperties:
205 | type: string
206 | /api/admin/properties:
207 | get:
Check: CKV_OPENAPI_4: "Ensure that the global security field has rules defined"
FAILED for resource: security
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15475
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-the-global-security-field-has-rules-defined
Code lines for this resource are too many. Please use IDE of your choice to review the file.
Check: CKV_OPENAPI_5: "Ensure that security operations is not empty."
FAILED for resource: security
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15475
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-security-operations-is-not-empty
Code lines for this resource are too many. Please use IDE of your choice to review the file.
(Truncated to last 2352 characters out of 2521)
⚠️ SPELL / cspell - 7448 errors
"oauths",
"officedocument",
"opencontainers",
"openidprovider",
"openxmlformats",
"organisation",
"overriden",
"passwordless",
"pathable",
"pathsstring",
"persistencetest",
"picocli",
"pkce",
"pkgs",
"preparadas",
"primitivetype",
"primitivetypes",
"println",
"psql",
"rable",
"rables",
"rchen",
"rcio",
"reactivestreams",
"readarray",
"readlink",
"recaptcha",
"redirector",
"referencefile",
"referencetype",
"referencetypes",
"refreshable",
"replstate",
"researcherone",
"restauration",
"resteasy",
"rhus",
"rique",
"rkte",
"robj",
"rosas",
"rrez",
"sarif",
"sausgs",
"sdkman",
"sdkmanrc",
"seladen",
"serialisation",
"serialising",
"setcap",
"setgid",
"setuid",
"setweight",
"shellcheck",
"shellness",
"siastiques",
"sicas",
"slurpersupport",
"smalldatetime",
"smallint",
"smallmoney",
"snabbk",
"snakeyaml",
"softeng",
"soluta",
"sonarlint",
"spnego",
"spockframework",
"spreadsheetml",
"ssle",
"stackdump",
"starttls",
"stica",
"subfolders",
"suklaa",
"teborg",
"temurin",
"terminnology",
"termsby",
"threadname",
"timemachine",
"tinyint",
"tomillo",
"totp",
"tsquery",
"tsvector",
"tsvectors",
"turage",
"ugcu",
"unauthorised",
"uncapitalize",
"unde",
"unlogged",
"usermodel",
"vanniktech",
"varbinary",
"varchar",
"versionable",
"versionedfolder",
"versionedfolders",
"verte",
"webauthn",
"websearch",
"whatisthis",
"whichs",
"wrappper",
"xico",
"zaxxer",
"zoneinfo",
"zulip"
]
}
You can also copy-paste megalinter-reports/.cspell.json at the root of your repository
(Truncated to last 2352 characters out of 1711379)
⚠️ REPOSITORY / gitleaks - 1 error
^^^^^^^^^^^^^^^^^^^^^
warning: 8 warnings emitted
(Truncated to last 2352 characters out of 2213700)
⚠️ REPOSITORY / grype - 1 error
note: A low vulnerability in java-archive package: logback-core, version 1.5.19 was found at: /mauro-api/build/docker/main/layers/libs/logback-core-1.5.19.jar
error: A high vulnerability in java-archive package: jackson-core, version 2.19.2 was found at: /mauro-api/build/docker/main/layers/libs/jackson-core-2.19.2.jar
error: 1 errors emitted
⚠️ COPYPASTE / jscpd - 463 errors
[117:1 - 133:5] (16 lines, 99 tokens)
mauro-persistence/build.gradle [62:1 - 57:5]
┌────────────┬────────────────┬─────────────┬──────────────┬──────────────┬──────────────────┬───────────────────┐
│ Format │ Files analyzed │ Total lines │ Total tokens │ Clones found │ Duplicated lines │ Duplicated tokens │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ groovy │ 549 │ 55564 │ 461150 │ 452 │ 5142 (9.25%) │ 52382 (11.36%) │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ sql │ 17 │ 915 │ 9262 │ 6 │ 108 (11.8%) │ 1059 (11.43%) │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ bash │ 10 │ 622 │ 3613 │ 5 │ 131 (21.06%) │ 798 (22.09%) │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ properties │ 1 │ 5 │ 16 │ 0 │ 0 (0%) │ 0 (0%) │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ markdown │ 1 │ 640 │ 12170 │ 0 │ 0 (0%) │ 0 (0%) │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total: │ 578 │ 57746 │ 486211 │ 463 │ 5381 (9.32%) │ 54239 (11.16%) │
└────────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 463 clones.
HTML report saved to megalinter-reports/copy-paste/html/
ERROR: jscpd found too many duplicates (9.32%) over threshold (0%)
Error: ERROR: jscpd found too many duplicates (9.32%) over threshold (0%)
at ThresholdReporter.report (/node-deps/node_modules/@jscpd/finder/dist/index.js:615:13)
at /node-deps/node_modules/@jscpd/finder/dist/index.js:109:18
at Array.forEach (<anonymous>)
at /node-deps/node_modules/@jscpd/finder/dist/index.js:108:22
at async /node-deps/node_modules/jscpd/dist/bin/jscpd.js:9:5
(Truncated to last 2352 characters out of 122126)
⚠️ SPELL / lychee - 74 errors
s in .github/workflows/gradle.yml
[404] https://megalinter.io/configuration/ | Network error: Not Found
Errors in mauro-api/src/test/resources/keycloak/realm.json
[ERROR] http://localhost:8088/oauth/login/keycloak | Network error: error sending request for url (http://localhost:8088/oauth/login/keycloak) Maybe a certificate error?
[ERROR] http://localhost:8088/ | Network error: error sending request for url (http://localhost:8088/) Maybe a certificate error?
Errors in mauro-api/src/test/resources/federatedPublishedModelsBytesAsText.json
[ERROR] http://accweb/emmployees/buchanan.bmp/ | Network error: error sending request for url (http://accweb/emmployees/buchanan.bmp/) Maybe a certificate error?
[ERROR] http://accweb/emmployees/peacock.bmp/ | Network error: error sending request for url (http://accweb/emmployees/peacock.bmp/) Maybe a certificate error?
[ERROR] http://accweb/emmployees/davolio.bmp/ | Network error: error sending request for url (http://accweb/emmployees/davolio.bmp/) Maybe a certificate error?
[ERROR] http://accweb/emmployees/peacock.bmp | Network error: error sending request for url (http://accweb/emmployees/peacock.bmp) Maybe a certificate error?
[ERROR] http://accweb/emmployees/buchanan.bmp | Network error: error sending request for url (http://accweb/emmployees/buchanan.bmp) Maybe a certificate error?
[ERROR] http://accweb/emmployees/fuller.bmp/ | Network error: error sending request for url (http://accweb/emmployees/fuller.bmp/) Maybe a certificate error?
[ERROR] http://accweb/emmployees/leverling.bmp/ | Network error: error sending request for url (http://accweb/emmployees/leverling.bmp/) Maybe a certificate error?
[TIMEOUT] http://modelcatalogue.cs.ox.ac.uk/sandbox | Timeout
[ERROR] http://accweb/emmployees/davolio.bmp | Network error: error sending request for url (http://accweb/emmployees/davolio.bmp) Maybe a certificate error?
[ERROR] http://accweb/emmployees/leverling.bmp | Network error: error sending request for url (http://accweb/emmployees/leverling.bmp) Maybe a certificate error?
[ERROR] http://accweb/emmployees/fuller.bmp | Network error: error sending request for url (http://accweb/emmployees/fuller.bmp) Maybe a certificate error?
Errors in mauro-client/README.md
[404] https://docs.micronaut.io/4.1.4/api/io/micronaut/context/annotation/Primary.html | Network error: Not Found
(Truncated to last 2352 characters out of 43403)
⚠️ MARKDOWN / markdownlint - 27 errors
Actual: 1]
README.md:2:1 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:3:59 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:7:68 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:8:74 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:13:92 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:16:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:18:94 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:20:88 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:22:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:24:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:34:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:36:87 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:38:95 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:40:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:45:89 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:46:96 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:49:100 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:52:93 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:55 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:61 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:64:91 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
ready-configuration/index.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "| Configuration | Description ..."]
ready-configuration/README.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "Docker configurations are held..."]
(Truncated to last 2352 characters out of 2770)
⚠️ GROOVY / npm-groovy-lint - 3 errors
finition is preceded by javadoc. Enum definitions are not checked, due to strange behavior in the Groovy AST.
note: The opening brace for interface org.maurodata.persistence.SecuredContainerizedTest is not followed by a space or whitespace
┌─ mauro-persistence/src/testFixtures/groovy/org/maurodata/persistence/SecuredContainerizedTest.groovy:16:37
│
16 │ @interface SecuredContainerizedTest {}
│ ^
│
= Check that there is at least one space (blank) or whitespace after each opening brace ("{") for method/class/interface declarations, closure expressions and block statements.
note: The closing brace for interface org.maurodata.persistence.SecuredContainerizedTest is not preceded by a space or whitespace
┌─ mauro-persistence/src/testFixtures/groovy/org/maurodata/persistence/SecuredContainerizedTest.groovy:16:38
│
16 │ @interface SecuredContainerizedTest {}
│ ^
│
= Check that there is at least one space (blank) or whitespace before each closing brace ("}") for method/class/interface declarations, closure expressions and block statements.
warning: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
= Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic
note: The operator "=" within class None is not preceded by a space or whitespace
┌─ settings.gradle:2:17
│
2 │ rootProject.name="mauro-micronaut"
│ ^
│
= Check that there is at least one space (blank) or whitespace around each binary operator.
note: The operator "=" within class None is not followed by a space or whitespace
┌─ settings.gradle:2:17
│
2 │ rootProject.name="mauro-micronaut"
│ ^
│
= Check that there is at least one space (blank) or whitespace around each binary operator.
note: The String 'mauro-micronaut' can be wrapped in single quotes instead of double quotes
┌─ settings.gradle:2:19
│
2 │ rootProject.name="mauro-micronaut"
│ ^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
warning: 5243 warnings emitted
error: 3 errors emitted
(Truncated to last 2352 characters out of 5464573)
⚠️ JSON / prettier - 1 error
Checking formatting...
[warn] .groovylintrc.json
[warn] mauro-api/src/test/resources/federatedPublishedModelsBytesAsText.json
[warn] mauro-api/src/test/resources/keycloak/realm.json
[warn] mauro-api/src/test/resources/mauroJsonPublishedModels.json
[warn] mauro-api/src/test/resources/publishedModels.json
[warn] mauro-api/src/test/resources/publishedModelsNewerVersions.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModels.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModelsNewerVersions.json
[warn] mauro-domain/src/main/resources/ProfileSpecificationFieldProfile.json
[warn] Code style issues found in 9 files. Run Prettier with --write to fix.
⚠️ YAML / prettier - 1 error
Checking formatting...
[warn] .github/workflows/gradle.yml
[warn] keycloak/docker-compose.yml
[warn] mauro-api/micronaut-cli.yml
[warn] mauro-api/src/main/resources/application-docker.yml
[warn] mauro-api/src/main/resources/application-test.yml
[warn] mauro-api/src/main/resources/application.yml
[warn] mauro-api/src/test/resources/application-secured.yml
[warn] mauro-client/src/main/resources/application.yml
[warn] mauro-persistence/src/test/resources/application-test.yml
[warn] ready-configuration/quick-start/init/micronaut/application-mauro.yml
[warn] Code style issues found in 10 files. Run Prettier with --write to fix.
⚠️ BASH / shellcheck - 26 errors
fy location.
In mauro-api/docker/noDB/micronaut/micronaut-startup.sh line 19:
. "${f}"
^----^ SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.
In mauro-api/docker/noDB/micronaut/micronaut-startup.sh line 24:
cp -pf ${f} /home/app/plugins/.
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cp -pf "${f}" /home/app/plugins/.
In mauro-api/docker/noDB/micronaut/micronaut-startup.sh line 77:
echo ${JAVA_BIN} "${JAVA_OPTS}" -cp "/home/app/application.jar" "${APPLICATION_MAIN_CLASS}"
^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
echo "${JAVA_BIN}" "${JAVA_OPTS}" -cp "/home/app/application.jar" "${APPLICATION_MAIN_CLASS}"
In mauro-api/docker/noDB/micronaut/micronaut-startup.sh line 78:
gosu micronaut ${JAVA_BIN} ${JAVA_OPTS} -cp /home/app/application.jar "${APPLICATION_MAIN_CLASS}"
^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gosu micronaut "${JAVA_BIN}" "${JAVA_OPTS}" -cp /home/app/application.jar "${APPLICATION_MAIN_CLASS}"
In mauro-api/docker/noDB/startup/docker-environment.sh line 24:
export CPU_COUNT=$(nproc --all)
^-------^ SC2155 (warning): Declare and assign separately to avoid masking return values.
In mauro-api/docker/noDB/startup/docker-environment.sh line 27:
export DOCKER_SUBNET="$(ip -o -4 addr show 2>/dev/null | awk '/scope global/ {split($4,a,"/");split(a[1],b,".");printf "%d.%d.%d.0/%s\n",b[1],b[2],b[3],a[2];exit}')"
^-----------^ SC2155 (warning): Declare and assign separately to avoid masking return values.
In mauro-api/docker/noDB/startup/docker-startup.sh line 32:
source "$(which docker-environment.sh)"
^-- SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.
For more information:
https://www.shellcheck.net/wiki/SC1087 -- Use braces when expanding arrays,...
https://www.shellcheck.net/wiki/SC1090 -- ShellCheck can't follow non-const...
https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
(Truncated to last 2352 characters out of 7566)
⚠️ BASH / shfmt - 11 errors
+4,20 @@
# The actual maximum memory allowed is controlled by the
# docker engine VM's limit
-if [ -f /sys/fs/cgroup/memory.max ];
-then
- MEM_LIMIT=$(cat /sys/fs/cgroup/memory.max)
+if [ -f /sys/fs/cgroup/memory.max ]; then
+ MEM_LIMIT=$(cat /sys/fs/cgroup/memory.max)
elif [ -f /sys/fs/cgroup/memory/memory.limit_in_bytes ]; then
- MEM_LIMIT=$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes)
+ MEM_LIMIT=$(cat /sys/fs/cgroup/memory/memory.limit_in_bytes)
else
- MEM_LIMIT="max"
-fi
-
-if [ "$MEM_LIMIT" = "max" ];
-then
- MEM_LIMIT_KB=$(grep MemTotal /proc/meminfo | awk '{print $2}')
- MEM_LIMIT=$((MEM_LIMIT_KB * 1024))
-fi
-
-export MEMORY_AVAILABLE_GB=$(( ( MEM_LIMIT + (1024 * 1024 * 1024) - 1 ) / 1024 / 1024 / 1024 ))
+ MEM_LIMIT="max"
+fi
+
+if [ "$MEM_LIMIT" = "max" ]; then
+ MEM_LIMIT_KB=$(grep MemTotal /proc/meminfo | awk '{print $2}')
+ MEM_LIMIT=$((MEM_LIMIT_KB * 1024))
+fi
+
+export MEMORY_AVAILABLE_GB=$(((MEM_LIMIT + (1024 * 1024 * 1024) - 1) / 1024 / 1024 / 1024))
echo "Detected memory limit: ${MEMORY_AVAILABLE_GB}GB"
export CPU_COUNT=$(nproc --all)
echo "Detected ${CPU_COUNT} cores"
diff mauro-api/docker/noDB/startup/docker-startup.sh.orig mauro-api/docker/noDB/startup/docker-startup.sh
--- mauro-api/docker/noDB/startup/docker-startup.sh.orig
+++ mauro-api/docker/noDB/startup/docker-startup.sh
@@ -2,31 +2,31 @@
set -e
if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_net_bind_service; then
- echo "ERROR: CAP_NET_BIND_SERVICE is required"
- echo
- capsh --print
- exit 1
+ echo "ERROR: CAP_NET_BIND_SERVICE is required"
+ echo
+ capsh --print
+ exit 1
fi
if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_setuid; then
- echo "ERROR: CAP_SETUID is required"
- echo
- capsh --print
- exit 1
+ echo "ERROR: CAP_SETUID is required"
+ echo
+ capsh --print
+ exit 1
fi
if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_setgid; then
- echo "ERROR: CAP_SETGID is required"
- echo
- capsh --print
- exit 1
+ echo "ERROR: CAP_SETGID is required"
+ echo
+ capsh --print
+ exit 1
fi
if ! capsh --print | awk '/^Current:/ {print}' | grep -q cap_chown; then
- echo "ERROR: CAP_CHOWN is required"
- echo
- capsh --print
- exit 1
+ echo "ERROR: CAP_CHOWN is required"
+ echo
+ capsh --print
+ exit 1
fi
source "$(which docker-environment.sh)"
(Truncated to last 2352 characters out of 53793)
⚠️ API / spectral - 1 warning
warning: The provided document does not match any of the registered formats [AsyncAPI 2.0.x, AsyncAPI 2.1.x, AsyncAPI 2.2.x, AsyncAPI 2.3.x, AsyncAPI 2.4.x, AsyncAPI 2.5.x, AsyncAPI 2.6.x, AsyncAPI 3.0.x, AsyncAPI 2.x, AsyncAPI 3.x, OpenAPI 2.0 (Swagger), OpenAPI 3.x, OpenAPI 3.0.x, OpenAPI 3.1.x]
┌─ mauro-api/src/main/resources/application.yml:1:1
│
1 │ ╭ micronaut:
2 │ │ application:
3 │ │ name: sandbox
4 │ │ client:
· │
118 │ │ audit:
119 │ │ scope: ALL
│ ╰──────────────^
warning: 1 warnings emitted
⚠️ REPOSITORY / trivy - 1 error
error: Artifact: mauro-api/build/docker/main/Dockerfile
Type: dockerfile
Vulnerability DS-0002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: [DS-0002](https://avd.aquasec.com/misconfig/ds-0002)
┌─ mauro-api/build/docker/main/Dockerfile:1:1
│
1 │ FROM eclipse-temurin:21-jre-noble
│ ^
│
= Image user should not be 'root'
= Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
error: 1 errors emitted
⚠️ XML / xmllint - 1 error
blished>2024-11-01T12:08:51Z</published>
<summary>test summary</summary>
<link href="https//localhost:8088/test/entry/D77476A1-8654-4B69-B579-93DB3467FDC1/artefact.json" rel="alternate" type="application/fhir+json"/>
<onto:permission code="restricted.read"/>
<source>
<title>NHS Digital data load feed</title>
<id>urn:uuid:b4484456-366a-4430-a8ae-56248003fc5a</id>
<link href="https://ontology.nhs.uk/syndication/feed/20241101_001_EXT_RC/syndication.xml" length="0" rel="alternate"/>
</source>
</entry>
</feed>
<?xml version="1.0"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<!--<withJansi>true</withJansi>-->
<!-- encoders are assigned the type
ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
<encoder>
<pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
</encoder>
</appender>
<root level="debug">
<appender-ref ref="STDOUT"/>
</root>
<logger name="io.micronaut.cache" level="info"/>
</configuration>
<?xml version="1.0"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<!--<withJansi>true</withJansi>-->
<!-- encoders are assigned the type
ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
<encoder>
<pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
</encoder>
</appender>
<root level="warn">
<appender-ref ref="STDOUT"/>
</root>
<!-- <logger name="io.micronaut.cache" level="info" /> -->
</configuration>
<?xml version="1.0"?>
<configuration>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<!--<withJansi>true</withJansi>-->
<!-- encoders are assigned the type
ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
<encoder>
<pattern>%cyan(%d{HH:mm:ss.SSS}) %green([%thread]) %highlight(%-5level) %magenta(%logger{36}) - %msg%n</pattern>
</encoder>
</appender>
<root level="warn">
<appender-ref ref="STDOUT"/>
</root>
<!-- <logger name="io.micronaut.cache" level="info" /> -->
</configuration>
(Truncated to last 2352 characters out of 22666)
⚠️ YAML / yamllint - 38 errors
32:80 error trailing spaces (trailing-spaces)
152:258 error no new line character at the end of file (new-line-at-end-of-file)
keycloak/docker-compose.yml
1:1 warning missing document start "---" (document-start)
29:1 error too many blank lines (1 > 0) (empty-lines)
mauro-api/micronaut-cli.yml
1:1 warning missing document start "---" (document-start)
mauro-api/src/main/resources/application-docker.yml
1:1 warning missing document start "---" (document-start)
mauro-api/src/main/resources/application-test.yml
1:1 warning missing document start "---" (document-start)
8:1 warning comment not indented like content (comments-indentation)
mauro-api/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
47:1 warning comment not indented like content (comments-indentation)
mauro-api/src/test/resources/application-secured.yml
1:1 warning missing document start "---" (document-start)
34:33 error no new line character at the end of file (new-line-at-end-of-file)
mauro-client/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
8:24 error no new line character at the end of file (new-line-at-end-of-file)
mauro-persistence/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
mauro-persistence/src/test/resources/application-test.yml
1:1 warning missing document start "---" (document-start)
19:1 warning comment not indented like content (comments-indentation)
21:31 error no new line character at the end of file (new-line-at-end-of-file)
ready-configuration/quick-start/init/micronaut/application-datasources.yml
1:1 warning missing document start "---" (document-start)
ready-configuration/quick-start/init/micronaut/application-javamail.yml
1:1 warning missing document start "---" (document-start)
ready-configuration/quick-start/init/micronaut/application-mauro.yml
1:1 warning missing document start "---" (document-start)
3:8 error too many spaces after hyphen (hyphens)
8:8 error too many spaces after hyphen (hyphens)
13:8 error too many spaces after hyphen (hyphens)
(Truncated to last 2352 characters out of 3392)
See detailed reports in MegaLinter artifacts
You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:
- oxsecurity/megalinter/flavors/documentation@v9.4.0 (51 linters)
- oxsecurity/megalinter/flavors/ruby@v9.4.0 (52 linters)
- oxsecurity/megalinter/flavors/rust@v9.4.0 (52 linters)
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,API_SPECTRAL,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,COPYPASTE_JSCPD,GROOVY_NPM_GROOVY_LINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,SPELL_LYCHEE,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R
Show us your support by starring ⭐ the repository
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
If the jdbc connection url points outside of the container, don't start up postgres inside the container
If postgres is on the same host as the container, tune java options accordingly