Code Analysis
.deepsource.toml
This section covers.deepsource.toml
configuration specific to the docker
analyzer. Please make sure to read the general configuration guide first.
name
- Type: String
- Presence: mandatory
- Description: Shortcode of the analyzer.
- Example:
enabled
- Type: Boolean
- Presence: optional
- Description: Toggle whether this analyzer should be run.
- Example:
meta
- Type: Table
- Presence: optional
- Description: Any supported metadata to pass to the analyzer.
- Example:
dockerfile_paths
- Type: Array
- Presence: optional
- Description: Specify the dockerfile(s) to run analysis on.
- Available Value: None. Expects path(s) of dockerfile(s)
- Default Value: File named
Dockerfile
in the repository root, if it exists. - Example:
Dockerfile
in the repository root by default. If your Dockerfile name or path is different, you must provide the path to the file in the dockerfile_paths
meta field.
If dockerfile_paths
is specified, DeepSource will run analysis on all the files provided, along with the default Dockerfile
file from the repository root, if it exists.
trusted_registries
- Type: String
- Presence: optional
- Description: Specify trusted registries from where images are to be pulled.
- Available Value: None. The user must provide the registries.
- Default Value: None
- Example:
trusted_registries
, the analyzer will not flag untrusted registries when encountered. However, when trusted_registries
is provided, DeepSource will consider only the specified registries as allowed, and will raise an issue for any other registry that images are pulled from.