Dockerized quality and security checks for Rust projects 🦀
This project bakes and publishes a Docker image intended for Rust CI pipelines with an eye on quality, supply-chain security and reproducible results.
The following tools are pre-installed :
- Latest Rust toolchain + components (
fmt,clippy) - Latest cargo-deny
- Latest cargo-machete
- Latest cargo-msrv
- Latest cargo-cyclonedx
All Cargo extensions have pinned versions by design, ensuring reproducibility as containerized executions. New versions for these extensions are automatically managed by Renovate along with our merging + publishing CI/CD automation.
You can bring callinectes to your CI pipeline with Docker:
docker run --rm -v "${PWD}:/usr/src" "ghcr.io/dotanuki-labs/callinectes" <task> <task> ...where task is one of the following
fmtclippymsrvdenycyclonedx
For example, to check quality on Rust sources:
docker run --rm -v "${PWD}:/usr/src" "ghcr.io/dotanuki-labs/callinectes" fmt clippyPlease check our entrypoint script to learn specifics on how those tasks are executed.
callinectes is also known as the Atlantic blue crab.
Copyright (c) 2024 - Dotanuki Labs - The MIT license