From 8d0208ddb3aeffd73f170845b581cfc750a9200d Mon Sep 17 00:00:00 2001
From: Daya Adianto <dayaadianto@cs.ui.ac.id>
Date: Fri, 13 Sep 2019 16:28:54 +0700
Subject: [PATCH] Fix shellcheck installation (#7)

---
 .devcontainer/Dockerfile | 12 ++++++----
 .hadolint.yaml           |  1 +
 Dockerfile               | 14 +++++++----
 README.md                | 50 ++++++++++++++++++++++++++++++++++++++--
 4 files changed, 66 insertions(+), 11 deletions(-)

diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index 8fcb253..7177afc 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -20,7 +20,7 @@ RUN apt-get update \
     && apt-get -y install --no-install-recommends git procps lsb-release \
     #
     # Install project-specific tools
-    && apt-get -y install --no-install-recommends ca-certificates wget \
+    && apt-get -y install --no-install-recommends ca-certificates wget xz-utils \
     #
     # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
     && groupadd --gid $USER_GID $USERNAME \
@@ -36,14 +36,18 @@ RUN apt-get update \
     && rm -rf /var/lib/apt/lists/*
 
 # Configure hadolint
-ARG HADOLINT_VERSION=v1.17.1
+ARG HADOLINT_VERSION=v1.17.2
 RUN wget -O /usr/local/bin/hadolint https://github.com/hadolint/hadolint/releases/download/${HADOLINT_VERSION}/hadolint-Linux-x86_64 \
     && chmod +x /usr/local/bin/hadolint
 
 # Configure shellcheck
 ARG SHELLCHECK_VERSION=latest
-RUN wget -O /usr/local/bin/shellcheck https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \
-    && chmod +x /usr/local/bin/shellcheck
+RUN wget -O /opt/shellcheck-${SHELLCHECK_VERSION}.tar.xz https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \
+    && cd /opt \
+    && tar -xf shellcheck-${SHELLCHECK_VERSION}.tar.xz \
+    && rm shellcheck-${SHELLCHECK_VERSION}.tar.xz \
+    && chmod +x /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck \
+    && ln -s /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck /usr/local/bin/shellcheck
 
 # Switch back to dialog for any ad-hoc use of apt-get
 ENV DEBIAN_FRONTEND=''
diff --git a/.hadolint.yaml b/.hadolint.yaml
index b138ee2..08c8a50 100644
--- a/.hadolint.yaml
+++ b/.hadolint.yaml
@@ -1,3 +1,4 @@
 ---
 ignored:
+  - DL3003
   - DL3008
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index d27c2d0..98c25ea 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,7 +10,7 @@ ARG USER_GID=$USER_UID
 
 # Install packages
 RUN apt-get update \
-    && apt-get -y install --no-install-recommends ca-certificates git nodejs unzip wget \
+    && apt-get -y install --no-install-recommends ca-certificates git nodejs unzip wget xz-utils \
     # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
     && groupadd --gid $USER_GID $USERNAME \
     && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \
@@ -29,8 +29,12 @@ RUN wget -O sonar-scanner-cli.zip https://binaries.sonarsource.com/Distribution/
 
 # Configure shellcheck
 ARG SHELLCHECK_VERSION=latest
-RUN wget -O /usr/local/bin/shellcheck https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \
-    && chmod +x /usr/local/bin/shellcheck
+RUN wget -O /opt/shellcheck-${SHELLCHECK_VERSION}.tar.xz https://shellcheck.storage.googleapis.com/shellcheck-${SHELLCHECK_VERSION}.linux.x86_64.tar.xz \
+    && cd /opt \
+    && tar -xf shellcheck-${SHELLCHECK_VERSION}.tar.xz \
+    && rm shellcheck-${SHELLCHECK_VERSION}.tar.xz \
+    && chmod +x /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck \
+    && ln -s /opt/shellcheck-${SHELLCHECK_VERSION}/shellcheck /usr/local/bin/shellcheck
 
 # Switch back to dialog for any ad-hoc use of apt-get
 ENV DEBIAN_FRONTEND=''
@@ -38,9 +42,9 @@ ENV DEBIAN_FRONTEND=''
 ## Note to editors: Make sure name of USER and its WORKDIR path matches with
 ## the value of USERNAME above
 USER sonar
-WORKDIR /home/sonar
+WORKDIR /home/sonar/workspace
 
-CMD ["/bin/bash"]
+ENTRYPOINT ["sonar-scanner"]
 
 # Container image metadata
 ## Note to editors: metadata values for `created`, `version`, and `revision`
diff --git a/README.md b/README.md
index 44549a2..371a791 100644
--- a/README.md
+++ b/README.md
@@ -2,11 +2,57 @@
 
 > Sonar Scanner CLI bundled in a container image.
 
+## Usage
+
+First, you need to have a SonarScanner properties file (e.g. [`sonar-project.properties`](sonar-project.properties))
+in current working directory. Make sure to avoid putting sensitive information
+or values that might change over time in the properties file such as SonarQube's
+authentication token. Those kind of values and configuration can be passed
+into SonarScanner via CLI prompt.
+
+To run the container image locally using Docker:
+
+```bash
+docker run -v $(pwd):/home/sonar/workspace addianto/sonar-scanner-cli:latest [sonar-scanner options]
+```
+
+Example:
+
+```bash
+docker run -v $(pwd):/home/sonar/workspace addianto/sonar-scanner-cli:latest -Dsonar.host.url=https://pmpl.cs.ui.ac.id/sonarqube -Dsonar.login=[REDACTED]
+```
+
+> Note: It is also possible to pass all possible SonarScanner's properties
+> via CLI options. YMMV.
+
+To use the container image as a base image for a CI job on GitLab CI/CD:
+
+```yaml
+SonarScanner Analysis:
+  image: addianto/sonar-scanner-cli:latest
+  # Ideally you want to run SonarScanner after the test suite has generated
+  # test & coverage report. The following is only an example to run
+  # SonarScanner concurrently with CI job(s) in `test` stage.
+  stage: test
+  script:
+    # Obtain the host and token from GitLab CI environment variables
+    - sonar-scanner
+      -Dsonar.host.url=$SONARQUBE_HOST
+      -Dsonar.login=$SONARQUBE_TOKEN
+  only:
+    # Perform SonarScanner analysis only on `master` branch
+    - master
+```
+
 ## Maintainers
 
 - [Daya Adianto](https://gitlab.com/addianto)
 
 ## License
 
-Copyright (c) 2019 Faculty of Computer Science Universitas Indonesia. Licensed
-under the [GNU Lesser General Public, Version 3.0](LICENSE).
+[SonarScanner CLI](https://github.com/Sonarsource/sonar-scanner-cli) is a
+product of [SonarSource](https://www.sonarsource.com) and licensed under the
+[GNU Lesser General Public License, Version 3.0](http://www.gnu.org/licenses/lgpl.txt).
+
+The Dockerfiles and associated scripts found in this project are licensed under
+the [GNU Lesser General Public License, Version 3.0](LICENSE).
-- 
GitLab