ci: use docs flavor for document generation #1336
|
| # syntax=docker/dockerfile:1 | ||
|
|
||
| ARG BASE_IMAGE=ghcr.io/philips-software/amp-devcontainer-base:edge | ||
| FROM ${BASE_IMAGE} |
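Review bot: the default on the `ARG BASE_IMAGE=...amp-devcontainer-base:edge` line is a floating tag, so a build that does not override `BASE_IMAGE` resolves `FROM ${BASE_IMAGE}` to whatever was last pushed as `edge`, which undercuts the pinned apt and pip dependencies layered on top of it. Either default to an immutable `@sha256:` digest, or add a comment on the `ARG` stating that CI always passes an explicit `BASE_IMAGE` and that `edge` is meant for local builds only.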
| generate-documents: | ||
| name: Generate Documents | ||
| runs-on: ubuntu-latest | ||
| container: ghcr.io/philips-software/amp-devcontainer-docs:pr-1335 |
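Review bot: the `container:` line pins the Generate Documents job to `ghcr.io/philips-software/amp-devcontainer-docs:pr-1335`, a tag that belongs to a different pull request than this one (#1336). PR tags are mutable and are removed by the PR image cleanup workflow, so the job runs whatever was last pushed under that tag and will fail to pull the image once the tag is cleaned up. Before merging, point this at a released tag or, preferably, an immutable `@sha256:` digest of the docs image.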
📦 Container Size AnalysisNote Comparing 📈 Size Comparison Table
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 23 | | 0 | 0 | 0.18s |
| ✅ DOCKERFILE | hadolint | 4 | | 0 | 0 | 0.29s |
| ✅ JSON | npm-package-json-lint | yes | | no | no | 0.5s |
| ✅ JSON | prettier | 32 | 6 | 0 | 0 | 0.97s |
| ✅ JSON | v8r | 32 | | 0 | 0 | 14.29s |
| ✅ MARKDOWN | markdownlint | 12 | 0 | 0 | 0 | 1.32s |
| ✅ MARKDOWN | markdown-table-formatter | 12 | 0 | 0 | 0 | 0.34s |
| ✅ REPOSITORY | checkov | yes | | no | no | 28.23s |
| ✅ REPOSITORY | gitleaks | yes | | no | no | 1.25s |
| ✅ REPOSITORY | git_diff | yes | | no | no | 0.01s |
| ✅ REPOSITORY | grype | yes | | no | no | 56.66s |
| ⚠️ REPOSITORY | osv-scanner | yes | | 1 | no | 1.2s |
| ✅ REPOSITORY | secretlint | yes | | no | no | 2.23s |
| ✅ REPOSITORY | syft | yes | | no | no | 2.38s |
| ✅ REPOSITORY | trivy | yes | | no | no | 14.63s |
| ✅ REPOSITORY | trivy-sbom | yes | | no | no | 0.28s |
| ✅ REPOSITORY | trufflehog | yes | | no | no | 6.61s |
| ⚠️ SPELL | lychee | 99 | | 3 | 0 | 41.44s |
| ✅ YAML | prettier | 32 | 0 | 0 | 0 | 1.31s |
| ✅ YAML | v8r | 32 | | 0 | 0 | 14.02s |
| ✅ YAML | yamllint | 32 | | 0 | 0 | 1.38s |

Detailed Issues
⚠️ SPELL / lychee - 3 errors
📝 Summary
---------------------
🔍 Total..........143
🔗 Unique.........120
✅ Successful.....135
⏳ Timeouts.........0
🔀 Redirected......18
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........3
⛔ Unsupported......3
Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads (at 38:7) | Rejected status code: 403 Forbidden
Errors in test/cpp/features/security.feature
[ERROR] https://slsa.dev/spec/v1.0/threats (at 28:19) | Connection failed. Check network connectivity and firewall settings
[ERROR] https://slsa.dev/spec/v1.0/verifying-artifacts (at 24:25) | Connection failed. Check network connectivity and firewall settings
Hint: Followed 18 redirects. You might want to consider replacing redirecting URLs with the resolved URLs. Use verbose mode (`-v`/`-vv`) to see redirection details.
Hint: You can configure accepted/rejected response codes with `-a` or `--accept`
⚠️ REPOSITORY / osv-scanner - 1 error
Scanning dir .
Starting filesystem walk for root: /
Scanned .devcontainer/docs/requirements.txt file and found 14 packages
Scanned .devcontainer/cpp/requirements.txt file and found 20 packages
Scanned package-lock.json file and found 73 packages
Scanned test/rust/workspace/cargo/Cargo.lock file and found 1 package
Scanned test/rust/workspace/test/Cargo.lock file and found 1 package
Scanned test/rust/workspace/cortex-m/Cargo.lock file and found 20 packages
Scanned test/rust/workspace/clippy/Cargo.lock file and found 1 package
Scanned test/rust/workspace/cortex-mf/Cargo.lock file and found 20 packages
End status: 92 dirs visited, 307 inodes visited, 8 Extract calls, 41.556409ms elapsed, 41.556629ms wall time
Total 2 packages affected by 2 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 2 Unknown) from 1 ecosystem.
0 vulnerabilities can be fixed.
+-----------------------------------+------+-----------+------------+---------+---------------+------------------------------------------+
| OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | FIXED VERSION | SOURCE |
+-----------------------------------+------+-----------+------------+---------+---------------+------------------------------------------+
| https://osv.dev/RUSTSEC-2026-0110 | | crates.io | bare-metal | 0.2.5 | -- | test/rust/workspace/cortex-m/Cargo.lock |
| https://osv.dev/RUSTSEC-2026-0110 | | crates.io | bare-metal | 0.2.5 | -- | test/rust/workspace/cortex-mf/Cargo.lock |
+-----------------------------------+------+-----------+------------+---------+---------------+------------------------------------------+
Notices
📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)
See detailed reports in MegaLinter artifacts
You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:
- oxsecurity/megalinter/flavors/salesforce@v9.5.0 (59 linters)
- oxsecurity/megalinter/flavors/javascript@v9.5.0 (62 linters)
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_OSV_SCANNER,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Pull request overview
Adds a new docs devcontainer flavor aimed at documentation generation, and wires it into CI/release automation so it is built, scanned, and maintained like the existing flavors.
Changes:
- Introduces the new `.devcontainer/docs` flavor (Dockerfile + pinned apt/pip dependencies + VS Code metadata).
- Adds integration tests and sample workspace files to validate PlantUML, Graphviz, and SBDL in the docs image.
- Updates GitHub workflows and release/dependency automation to include the new `docs` image.
Reviewed changes
Copilot reviewed 21 out of 21 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| test/docs/workspace/sample.sbdl | Adds a minimal SBDL model used by docs integration tests. |
| test/docs/workspace/graph.dot | Adds a simple Graphviz graph used by docs integration tests. |
| test/docs/workspace/diagram.puml | Adds a simple PlantUML diagram used by docs integration tests. |
| test/docs/integration-tests.bats | Adds version + functional verification tests for docs tooling. |
| README.md | Documents the new docs flavor and adds it to the published image list. |
| .github/workflows/wc-document-generation.yml | Switches document generation to run inside the docs container. |
| .github/workflows/vulnerability-scan.yml | Includes the docs image in scheduled vulnerability scanning. |
| .github/workflows/update-dependencies.yml | Includes docs in dependency and VS Code extension update automation. |
| .github/workflows/release-build.yml | Includes docs in release build/release-note generation matrix. |
| .github/workflows/pr-image-cleanup.yml | Cleans up PR tags for the docs/base packages as well. |
| .github/workflows/image-cleanup.yml | Cleans up untagged/orphaned docs/base images as well. |
| .github/workflows/build-push-test.yml | Builds/tests the new docs flavor in the main build workflow matrix. |
| .github/RELEASE_TEMPLATE.md | Adds release template placeholders for the docs image. |
| .github/dependabot.yml | Adds .devcontainer/docs to Dependabot update scope. |
| .devcontainer/docs/requirements.txt | Adds pinned, hashed Python dependencies for docs tooling. |
| .devcontainer/docs/requirements.in | Adds the primary pinned Python dependency input (sbdl). |
| .devcontainer/docs/Dockerfile | Defines the docs image build (apt + pip installs). |
| .devcontainer/docs/devcontainer.json | Adds local development devcontainer definition for docs flavor. |
| .devcontainer/docs/devcontainer-metadata.json | Adds VS Code extension metadata for docs flavor. |
| .devcontainer/docs/apt-requirements.json | Adds pinned apt package versions for docs tooling. |
| .devcontainer/docs-test/devcontainer.json | Adds test devcontainer config for validating built docs images. |
| generate-documents: | ||
| name: Generate Documents | ||
| runs-on: ubuntu-latest | ||
| container: ghcr.io/philips-software/amp-devcontainer-docs:pr-1335 |
| - flavor: docs | ||
| dockerfile: .devcontainer/docs/Dockerfile |
🚀 Hey, I have created a Pull Request
Description of changes
✔️ Checklist