This week I summarized my work during GSoC 2020. This is the last week on GSoC and I have spent a  great summer.

I will continue working on the Tern project. I am now focusing on the multistage dockerfile analysis. We have now passed the first step. 

However, I came up with a issue about building the multistage dockerfile. This is a tricky issue and I am working on this.

Thanks for my mentors and the Python Foundation!

My proposal

Organization: Python Software Foundation

Tag: Tern

Repositorie link: https://github.com/tern-tools/tern.

Tiltle: Use shlex to parse Dockerfile RUN instruction commands.

Details: Use shlex to parse Dockerfile RUN instruction commands. On looking at the type of parsing needed for full shell scripts embedded in the run command, we may need to develop a shell script parser to catch all places where software could have been installed.

Previous work on the project

Works towards docs:

1. Document YAML data output that Tern produces.  https://github.com/tern-tools/tern/pull/561.

Works towards dockerfile analysis:

1. Record git project name and sha. https://github.com/tern-tools/tern/pull/571.

2. Parsing ARG varibales. https://github.com/tern-tools/tern/pull/580.

3. Find Git Project URL. https://github.com/tern-tools/tern/pull/606.

Works towards bug fixing:

1. Fix linting error for helper.py. https://github.com/tern-tools/tern/pull/650.

2. Fix linting error for generator.py. https://github.com/tern-tools/tern/pull/651.

Work during GSoC

Works towards shell script parser:

1. Using Regex to split shell script. https://github.com/tern-tools/tern/pull/717.

2. Add test dockerfiles for split shell script. https://github.com/tern-tools/tern/pull/718.

3. Update functions to use the shell script parser. https://github.com/tern-tools/tern/pull/756.

4. Add report for branch statement. https://github.com/tern-tools/tern/pull/764.

Works towards analysis on multistage dockerfile:

1. Split multistage dockerfile by stage. https://github.com/tern-tools/tern/pull/774.

2. Analyze multistage. https://github.com/tern-tools/tern/pull/786. (Still work in progress).

Works towards bug fixing:

1. Bug fix with Dockerfile RUN parsing. https://github.com/tern-tools/tern/pull/773.

Progress on my GSoC 2020

During the preparation period on the GSoC 2020, I got familiar with the basic operations on Github (filing a issue, how to commit) by working on the docs(PR#561). Then I picked up the issue on the dockerfile analysis. I quickly got through the code and tried to make changes on it. My mentors were very helpful and helped me a lot on the coding style and logic.

I chose the proposal on the shell script parser. It seemed tricky at first, but if I took the plan step by step, it should work at end. The first step is to seperate the commands, and then pick out the key words, and do analysis on the command at last. We had a weekly meeting over Zoom to keep track on my progress and resolve some problems. Finally I finished my proposal by the beginning of August.

Next, I began to work on multistage dockerfile analysis. This was kind of relevant to my previous work. My plan is spliting the multistage dockerfile, building the image and analyzing on the image. Now I have finished the first step. I will keep working on the following steps. 

Thanks to my mentors, your help was greatly appreciated. Tern is awesome, I like it! This is the first time that I have participated in open source project, and I have spent a great summer in GSoC!

What I have done this week

1. Made changes on the PR(Split the multistage dockerfile for build) and after discussion with my mentor, my PR was merged. 

2. Rebased the PR(Analyze multistage dockerfile) to the latest branch. This draft PR is used to test the functionality and if it works, i will split it into small steps to implement it. So i will keep working on this issue after GSoC.

3. Discussed with my mentor on the final evaluation and made preparation on it. I will write a blog here to present my work this summer.

Next week

Finish my final evaluation.

What I have done this week

1. Modified the PR on split multistage dockerfile. The function works fine so far.

2. Filed a draft PR on building and analyzing the multistage dockerfile. This PR is used to test the feasibility and needs modifications. So far we can get the report on each stage. More tests will be run on this function.

Plan on next week

1. More tests on the draft PR and send feedbacks to mentors.

2. Try dockerfile lock.

Thoughts

I am not sure if this is the best way to implement analysis on multistage dockerfile. But at least this should work.

What I have done this week

Works towards analyzing multistage dockerfile. I combined the draft PR and the review from my mentors, the new commit is the first step of my plan. We split the multistage dockerfile into seperate dockefiles for build. Here are the changes in the new commit.

1. Modified function check_multistage_dockerfile() to return.

2. Remove function split_multistage_dockerfile() since we are working on the building stage. split_multistage_dockerfile() can be improved on analyze stage.

To Do

1. Improve readability for function check_multistage_dockerfile().

2. Try build images and analyze on them.

Did I get stuck somewhere?

Not yet.