Docker-in-Docker configuration

The Docker-in-Docker pipeline configuration allows you to use the Meterian Dockerized Client directly in your pipeline. The key advantage of this configuration is that you do not have to worry about installing the supporting tooling that would be used to perform a scan on your project beforehand as it is already provided in our Docker image.

The example below uses a very specific tag latest-java. This Meterian Dockerized Client tag ensures that a variant which only includes the tooling to support Java scans (the java runtime, Maven, Gradle, Ant) is employed for the analysis. This ensures that build times are reduced as language-specific variants images are considerably lighter than the main (latest) image that contains all the tooling for the languages we support.

meterian-analysis:
 image: docker:latest
 
 services:
   - docker:dind
 
 stage: test
 
 script:
   - ROOT=`pwd`
   - METERIAN_IMAGE=meterian/cli:latest-java
   - docker pull --quiet $METERIAN_IMAGE
   - METERIAN_CLI_OPT="--report-console"
   - docker run --rm --volume $ROOT:/workspace --env METERIAN_API_TOKEN=$METERIAN_API_TOKEN $METERIAN_IMAGE $METERIAN_CLI_OPT

You can also pin a specific version of the image, like docker:20.10.16. If you use a tag like docker:latest, you may have no control over which version is used, and in certain situations this can cause incompatibility problems when new versions are released.

meterian-analysis:
  image: docker:20.10.16

  services:
    - docker:20.10.16-dind

  stage: test
 
 script:
   - ROOT=`pwd`
   - METERIAN_IMAGE=meterian/cli:latest-java
   - docker pull --quiet $METERIAN_IMAGE
   - METERIAN_CLI_OPT="--report-console"
   - docker run --rm --volume $ROOT:/workspace --env METERIAN_API_TOKEN=$METERIAN_API_TOKEN $METERIAN_IMAGE $METERIAN_CLI_OPT

A live example can be found in this sample project based on Java hosted on GitLab.