oxsecurity · echoix · Sep 10, 2024 · Sep 9, 2024 · Sep 9, 2024 · Sep 9, 2024
@@ -464,6 +464,11 @@
     "image": "https://repository-images.githubusercontent.com/239106765/29bc0580-5b2f-11ea-89e2-d985890508c1",
     "title": "GitHub - secretlint/secretlint: Pluggable linting tool to prevent committing credential."
   },
+  "selene": {
+    "description": "selene is a command line tool designed to help write correct and idiomatic Lua code.",
+    "image": null,
+    "title": "selene - selene Documentation"
+  },
   "semgrep": {
     "description": "None",
     "image": null,

@@ -1,7 +1,8 @@
 local embracer = {}
 
-local function helper()
+local function helper(opt)
    -- NYI wontfix
+  print(opt)
 end
 
 function embracer.embrace(opt)

@@ -118,15 +118,17 @@
         "minizlib",
         "mkdirp",
         "msgon",
+        "neovim",
         "netbeans",
         "nextick",
-        "numprocesses",
         "noni",
         "noout",
         "nopt",
         "npm-packlist",
         "npmpackagejsonlintignore",
         "npmpackagejsonlintrc",
+        "numprocesses",
+        "nvim",
         "oKXXN0",
         "oKXXXXNXXX0l",
         "ontainer",

@@ -102,6 +102,7 @@ jobs:
             "kubernetes_kubescape",
             "latex_chktex",
             "lua_luacheck",
+            "lua_selene",
             "markdown_markdownlint",
             "markdown_markdown_link_check",
             "markdown_markdown_table_formatter",

@@ -84,6 +84,7 @@ jobs:
             "kubernetes_kubescape",
             "latex_chktex",
             "lua_luacheck",
+            "lua_selene",
             "markdown_markdownlint",
             "markdown_markdown_link_check",
             "markdown_markdown_table_formatter",

@@ -97,6 +97,7 @@ jobs:
             "kubernetes_kubescape",
             "latex_chktex",
             "lua_luacheck",
+            "lua_selene",
             "markdown_markdownlint",
             "markdown_markdown_link_check",
             "markdown_markdown_table_formatter",

@@ -117,6 +117,8 @@ ARG PMD_VERSION=7.5.0
 # renovate: datasource=github-tags depName=detekt/detekt
 ARG DETEKT_VERSION=1.23.7
 
+# renovate: datasource=crate depName=selene
+ARG LUA_SELENE_VERSION=0.27.1
 # renovate: datasource=nuget depName=PSScriptAnalyzer registryUrl=https://www.powershellgallery.com/api/v2/
 ARG PSSA_VERSION='1.22.0'
 
@@ -217,7 +219,7 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \
 #CARGO__START
 RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \
     && export PATH="/root/.cargo/bin:${PATH}" \
-    && rustup component add clippy && cargo install --force --locked sarif-fmt  shellcheck-sarif \
+    && rustup component add clippy && cargo install --force --locked sarif-fmt  shellcheck-sarif  selene@${LUA_SELENE_VERSION} \
     && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache
 ENV PATH="/root/.cargo/bin:${PATH}"
 #CARGO__END
@@ -493,6 +495,14 @@ ENV PATH="$JAVA_HOME/bin:${PATH}"
 # ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk
 # Next line commented because already managed by another linter
 # ENV PATH="$JAVA_HOME/bin:${PATH}"
+#
+# LUA installation
+RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \
+    && cd lua-5.3.5 \
+    && make linux \
+    && make install \
+    && cd .. && rm -r lua-5.3.5/
+
 #
 # PHP installation
 RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \
@@ -657,11 +667,6 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P
     && cd ~ && touch .chktexrc && cd / \
 #
 # luacheck installation
-    && wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \
-    && cd lua-5.3.5 \
-    && make linux \
-    && make install \
-    && cd .. && rm -r lua-5.3.5/ \
     && wget --tries=5 https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \
     && cd luarocks-3.3.1-super-linter \
     && ./configure --with-lua-include=/usr/local/include \
@@ -671,6 +676,8 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P
     && luarocks install luacheck \
     && cd / \
 #
+# selene installation
+#
 # perlcritic installation
     && curl -fsSL https://raw.githubusercontent.com/skaji/cpm/main/cpm | perl - install -g --show-build-log-on-failure --without-build --without-test --without-runtime Perl::Critic \
     && rm -rf /root/.perl-cpm

@@ -52,6 +52,7 @@
 | KUBERNETES_KUBESCAPE              | oxsecurity/megalinter-only-kubernetes_kubescape:beta              |       ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-kubernetes_kubescape/beta)        |
 | LATEX_CHKTEX                      | oxsecurity/megalinter-only-latex_chktex:beta                      |           ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-latex_chktex/beta)            |
 | LUA_LUACHECK                      | oxsecurity/megalinter-only-lua_luacheck:beta                      |           ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-lua_luacheck/beta)            |
+| LUA_SELENE                        | oxsecurity/megalinter-only-lua_selene:beta                        |            ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-lua_selene/beta)             |
 | MAKEFILE_CHECKMAKE                | oxsecurity/megalinter-only-makefile_checkmake:beta                |        ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-makefile_checkmake/beta)         |
 | MARKDOWN_MARKDOWNLINT             | oxsecurity/megalinter-only-markdown_markdownlint:beta             |       ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-markdown_markdownlint/beta)       |
 | MARKDOWN_REMARK_LINT              | oxsecurity/megalinter-only-markdown_remark_lint:beta              |       ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/oxsecurity/megalinter-only-markdown_remark_lint/beta)        |

@@ -143,12 +143,14 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \
 ## @generated by .automation/build.py using descriptor files, please do not update manually ##
 #############################################################################################
 #OTHER__START
-# luacheck installation
+# LUA installation
 RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \
     && cd lua-5.3.5 \
     && make linux \
     && make install \
     && cd .. && rm -r lua-5.3.5/ \
+#
+# luacheck installation
     && wget --tries=5 https://github.com/cvega/luarocks/archive/v3.3.1-super-linter.tar.gz -O - -q | tar -xzf - \
     && cd luarocks-3.3.1-super-linter \
     && ./configure --with-lua-include=/usr/local/include \

@@ -0,0 +1,244 @@
+# syntax=docker/dockerfile:1
+###########################################
+###########################################
+## Dockerfile to run MegaLinter ##
+###########################################
+###########################################
+
+# @not-generated
+
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+#ARGTOP__START
+
+#ARGTOP__END
+
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+#FROM__START
+
+#FROM__END
+
+##################
+# Build wheel for megalinter python package
+##################
+FROM ghcr.io/astral-sh/uv:0.4.7 AS uv
+FROM python:3.12.5-alpine3.20 AS build-ml-core
+WORKDIR /
+COPY pyproject.toml .
+COPY --from=uv /uv /bin/uv
+RUN --mount=type=cache,target=/root/.cache/uv \
+     uv pip install --system -r pyproject.toml
+COPY . .
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv pip install --system .
+
+##################
+# Get base image #
+##################
+FROM python:3.12.5-alpine3.20
+
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+#ARG__START
+# renovate: datasource=crate depName=selene
+ARG LUA_SELENE_VERSION=0.27.1
+#ARG__END
+
+####################
+# Run APK installs #
+####################
+
+WORKDIR /
+
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+#APK__START
+RUN apk add --no-cache \
+                bash \
+                ca-certificates \
+                curl \
+                gcc \
+                git \
+                git-lfs \
+                libffi-dev \
+                make \
+                musl-dev \
+                openssh \
+    && git config --global core.autocrlf true
+#APK__END
+
+# PATH for golang & python
+ENV GOROOT=/usr/lib/go \
+    GOPATH=/go
+    # PYTHONPYCACHEPREFIX="$HOME/.cache/cpython/" NV: not working for all packages :/
+# hadolint ignore=DL3044
+ENV PATH="$PATH":"$GOROOT"/bin:"$GOPATH"/bin
+RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \
+    # Ignore npm package issues
+    yarn config set ignore-engines true || true
+
+##############################
+# Installs rust dependencies #
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+
+#CARGO__START
+RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \
+    && export PATH="/root/.cargo/bin:${PATH}" \
+    && cargo install --force --locked selene@${LUA_SELENE_VERSION} \
+    && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup
+ENV PATH="/root/.cargo/bin:${PATH}"
+#CARGO__END
+
+################################
+# Installs python dependencies #
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+
+#PIPVENV__START
+
+#PIPVENV__END
+
+############################
+# Install NPM dependencies #
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+
+ENV NODE_OPTIONS="--max-old-space-size=8192" \
+    NODE_ENV=production
+#NPM__START
+
+#NPM__END
+
+# Add node packages to path #
+ENV PATH="/node-deps/node_modules/.bin:${PATH}" \
+    NODE_PATH="/node-deps/node_modules"
+
+##############################
+# Installs ruby dependencies #
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+
+#GEM__START
+
+#GEM__END
+
+##############################
+# COPY instructions #
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+
+#COPY__START
+
+#COPY__END
+
+#############################################################################################
+## @generated by .automation/build.py using descriptor files, please do not update manually ##
+#############################################################################################
+#OTHER__START
+# LUA installation
+RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \
+    && cd lua-5.3.5 \
+    && make linux \
+    && make install \
+    && cd .. && rm -r lua-5.3.5/
+
+#
+# selene installation
+#
+#OTHER__END
+
+################################
+# Installs python dependencies #
+################################
+COPY --from=build-ml-core pyproject.toml README.md ./
+COPY --from=build-ml-core megalinter /megalinter/
+RUN --mount=type=cache,target=/root/.cache/uv,from=build-ml-core \
+    --mount=from=uv,source=/uv,target=/bin/uv \
+    uv pip install --system -e .
+
+#######################################
+# Copy scripts and rules to container #
+#######################################
+COPY megalinter/descriptors /megalinter-descriptors
+COPY TEMPLATES /action/lib/.automation
+
+# Copy server scripts
+COPY server /server
+
+###########################
+# Get the build arguments #
+###########################
+ARG BUILD_DATE
+ARG BUILD_REVISION
+ARG BUILD_VERSION
+
+#################################################
+# Set ENV values used for debugging the version #
+#################################################
+ENV BUILD_DATE=$BUILD_DATE \
+    BUILD_REVISION=$BUILD_REVISION \
+    BUILD_VERSION=$BUILD_VERSION
+
+#FLAVOR__START
+ENV MEGALINTER_FLAVOR=none
+#FLAVOR__END
+
+#########################################
+# Label the instance and set maintainer #
+#########################################
+LABEL com.github.actions.name="MegaLinter" \
+      com.github.actions.description="The ultimate linters aggregator to make sure your projects are clean" \
+      com.github.actions.icon="code" \
+      com.github.actions.color="red" \
+      maintainer="Nicolas Vuillamy <[email protected]>" \
+      org.opencontainers.image.created=$BUILD_DATE \
+      org.opencontainers.image.revision=$BUILD_REVISION \
+      org.opencontainers.image.version=$BUILD_VERSION \
+      org.opencontainers.image.authors="Nicolas Vuillamy <[email protected]>" \
+      org.opencontainers.image.url="https://megalinter.io" \
+      org.opencontainers.image.source="https://github.com/oxsecurity/megalinter" \
+      org.opencontainers.image.documentation="https://megalinter.io" \
+      org.opencontainers.image.vendor="Nicolas Vuillamy" \
+      org.opencontainers.image.description="Lint your code base with GitHub Actions"
+
+#EXTRA_DOCKERFILE_LINES__START
+ENV ENABLE_LINTERS=LUA_SELENE \
+    FLAVOR_SUGGESTIONS=false \
+    SINGLE_LINTER=LUA_SELENE \
+    PRINT_ALPACA=false \
+    LOG_FILE=none \
+    SARIF_REPORTER=true \
+    TEXT_REPORTER=false \
+    UPDATED_SOURCES_REPORTER=false \
+    GITHUB_STATUS_REPORTER=false \
+    GITHUB_COMMENT_REPORTER=false \
+    EMAIL_REPORTER=false \
+    FILEIO_REPORTER=false \
+    CONFIG_REPORTER=false \
+    SARIF_TO_HUMAN=false
+RUN mkdir /root/docker_ssh && mkdir /usr/bin/megalinter-sh
+EXPOSE 22
+COPY entrypoint.sh /entrypoint.sh
+COPY sh /usr/bin/megalinter-sh
+COPY sh/megalinter_exec /usr/bin/megalinter_exec
+COPY sh/motd /etc/motd
+RUN find /usr/bin/megalinter-sh/ -type f -iname "*.sh" -exec chmod +x {} \; && \
+    chmod +x entrypoint.sh && \
+    chmod +x /usr/bin/megalinter_exec && \
+    echo "alias megalinter='python -m megalinter.run'" >> ~/.bashrc && source ~/.bashrc && \
+    echo "alias megalinter_exec='/usr/bin/megalinter_exec'" >> ~/.bashrc && source ~/.bashrc
+RUN export STANDALONE_LINTER_VERSION="$(python -m megalinter.run --input /tmp --linterversion)" && \
+    echo $STANDALONE_LINTER_VERSION
+ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
+#EXTRA_DOCKERFILE_LINES__END