Add an analyzer-debug script (!11) · Merge requests · GitLab.org / Secure Stage / tools / Analyzer Scripts

James Liu requested to merge jliu/debug-script into master Jun 10, 2022

This MR adds an analyzer-debug script that offers a convenient way of spinning up a Docker image containing the analyser, its upstream dependencies, and Delve. The intent is to introduce some basic debugging capabilities in a production-like environment.

The script is designed to be used in concert with analyzer-build. An invocation might look like:

# ~/code/gl/security-products/analyzers/kics

analyzer-build  # produces the kics:main Docker image
analyzer-debug ~/code/gl/security-products/tests/cloudformation  # derived from kics:main, produces kics:main-debug, and execs into it

The script builds a new Docker image derived from the one produced by analyzer-build (i.e. the runtime image pulled by customers). It determines the Linux distro of the base image and the CPU architecture it's running on to make the necessary adjustments to install Delve. When the script is successful, it drops you into the container where you can start a Delve session for debugging. The analyser repository is mounted into the container, so changes can be made on the host machine and Delve can be reloaded without rebuilding the whole container.

Edited Jun 14, 2022 by James Liu

Add an analyzer-debug script

Merge request reports