gazr-io / gazr Goto Github PK

• Jenkins
• Gitlab-CI
• Travis

there is a make run but why no build step ?

Example :

build:
  docker build -t xxx/yyy .

Here's what I got when I go on https://gazr.io/ :

I struggled (and did not succeed to date) to make a working sample for a project which requires internet access to run the tasks, when executed behind my company's proxy.

This issue occurs for java / JVM projects (maven / gradle / sbt ... download depdencies from internet during build phase), and I guess it would also be an issue for ruby, javascript projects. Basically any stack which declares and download dependencies.

It is quite tricky to have docker images which work both behind an http proxy and without one. I think transparent proxy is a possibility but needs to be investigated further.

I really like the idea behind this project ! (I attended Stan presentation in Worldline yesterday).

Seems to me that Windows developpers would also need to install some tool to support Makefiles ... any recommendation from your experience ?

We'd like to suggest adding a recipe to the Gazr specs for a common use-case.

For each of our projects, we scan the external dependencies for vulnerabilities (pyupip/safety for python, snyk for nodejs, etc.). We have a top-level security recipe that calls security-sast and security-dependencies-audit.

We'd like to suggest adding security-dependencies-audit or similar to the Gazr specs :)

I'd like to add a common use-case: external dependencies vulnerability checks.

As there is security-sast, I'd like to suggest adding security-dependency-audit or something in that spirit (I couldn't find a shorter name).
We could also add a top security makefile receipe that then calls security-sast and security-dependency-audit.

Hi there,

Would you consider adding an "optional" make init command dedicated to pre-docker / non-docker stuff (e.g. importing a file/db dump from a remote s3, prompting user from some values...) ?

We just started to implement this on our side, but we would love to see it becoming part of the project if it makes any sense :).

Let me know if we can help

I heard that you also have java services in Dailymotion, would you share here as samples how they are integrated in gazr ?

I think adoption will be related to the diversity / coverage of languages & tools provided in the samples.