DevRail
v1is stable. See STABILITY.md for component status.
DevRail developer toolchain container image — a single Docker image containing all linters, formatters, security scanners, and test runners for Python, Bash, Terraform, Ansible, Ruby, Go, JavaScript/TypeScript, and Rust projects.
-
Pull the image:
docker pull ghcr.io/devrail-dev/dev-toolchain:v1
-
Run checks against your project:
docker run --rm -v "$(pwd):/workspace" -w /workspace ghcr.io/devrail-dev/dev-toolchain:v1 make _check -
Or use the Makefile in your DevRail-configured project:
make check
Run make help to see all available targets:
build Build the container image locally
changelog Generate CHANGELOG.md from conventional commits
check Run all checks (lint, format, test, security, scan, docs)
docs Generate documentation
fix Auto-fix formatting issues in-place
format Run all formatters
help Show this help
init Scaffold config files for declared languages
install-hooks Install pre-commit hooks
lint Run all linters
release Cut a versioned release (usage: make release VERSION=1.6.0)
scan Run universal scanners (trivy, gitleaks)
security Run language-specific security scanners
test Run validation tests
| Category | Tools |
|---|---|
| Python | ruff, bandit, semgrep, pytest, mypy |
| Bash | shellcheck, shfmt, bats |
| Terraform | tflint, trivy config, checkov, terraform-docs, terraform, terragrunt |
| Ansible | ansible-lint, molecule |
| Ruby | rubocop, reek, brakeman, bundler-audit, rspec, sorbet |
| Go | golangci-lint, gofumpt, govulncheck, go test |
| JavaScript/TS | eslint, prettier, typescript, vitest, npm audit |
| Rust | clippy, rustfmt, cargo-audit, cargo-deny, cargo test |
| Security | trivy, gitleaks |
Projects configure their language support via .devrail.yml:
languages:
- python
- bash
- terraform
- ansible
- ruby
- go
- javascript
- rustOptional keys customize how the toolchain container runs. All are no-ops when omitted:
# Pass extra environment variables into the container.
env:
RAILS_ENV: test
DATABASE_HOST: myapp-pg
# Attach the container to a user-defined Docker network so it can reach a
# sibling service container (e.g. a Postgres at hostname `myapp-pg` during
# `make test`). Single network name.
docker_network: myapp-test
# Mount additional host paths or named volumes into the container. List of
# `host:container` (or `volume:container`) specs, passed straight to `docker -v`.
docker_volumes:
- ./fixtures:/workspace/fixtures
- shared-cache:/cache- Base image: Debian bookworm-slim (multi-arch: amd64 + arm64)
- Go builder stage: Compiles Go-based tools (tflint, terraform-docs, etc.)
- Rust builder stage: Provides Rust toolchain and cargo-audit/cargo-deny via cargo-binstall
- Modular install scripts: One script per language ecosystem
- Shared libraries:
lib/log.sh(logging) andlib/platform.sh(platform detection)
See DEVELOPMENT.md for development setup and contributing guidelines.
To add a new language ecosystem, see the Contributing to DevRail guide.