Adds two auxiliary checks for missing ignore file: .gitignore and .do…

…ckerignore and upgrades version

README.md

@@ -118,7 +118,9 @@ jobs:
 #### Auxiliary Checks
 
 1. Name: `check_for_missing_codeowners_file` - checks for missing [CODEOWNERS](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners) file.
-1. Name: `check_for_missing_security_md_file` - checks for missing [SECURITY.md](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository) file.
+2. Name: `check_for_missing_security_md_file` - checks for missing [SECURITY.md](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository) file.
+3. Name: `check_for_missing_gitignore_file` - check for missing [gitignore](https://docs.github.com/en/get-started/getting-started-with-git/ignoring-files) file.
+4. Name: `check_for_missing_dockerignore_file` - check for missing [dockerignore](https://docs.docker.com/engine/reference/builder/#dockerignore-file) file.
 
 ### References
 

__about__.py

@@ -1,3 +1,3 @@
 """ about.py """
 
-__version__ = "1.7.8"
+__version__ = "1.8.8"

analyzer/analyzer.py

@@ -40,6 +40,8 @@ def __init__(
         self.auxiliary_checks = [
             "_check_for_missing_codeowners_file",
             "_check_for_missing_security_md_file",
+            "_check_for_missing_gitignore_file",
+            "_check_for_missing_dockerignore_file",
         ]
         self.action = {}
         self.jobs = {}
@@ -372,13 +374,38 @@ def _check_for_missing_security_md_file(self) -> None:
             if self.verbose:
                 print(f"{Colors.LIGHT_BLUE}AUXI{Colors.END} found SECURITY.md file!")
 
+    def _check_for_missing_gitignore_file(self) -> None:
+        if not Path('.gitignore').exists():
+            print(
+                f"{Colors.LIGHT_BLUE}AUXI{Colors.END} missing .gitignore file - make sure you aren't commiting any sensitive folders/files."
+            )
+        else:
+            if self.verbose:
+                print(f"{Colors.LIGHT_BLUE}AUXI{Colors.END} found .gitignore file!")
+
+    def _check_for_missing_dockerignore_file(self) -> None:
+        using_docker = False
+        for f in Path(".").iterdir():
+            if f.is_file():
+                if f.suffix == ".dockerfile":
+                    using_docker = True
+                elif f == "Dockerfile":
+                    using_docker = True
+        if using_docker:
+            if not Path(".dockerignore").exists():
+                print(
+                    f"{Colors.LIGHT_BLUE}AUXI{Colors.END} missing .dockerignore file - make sure you aren't commiting any sensitive folders/files into your containerized apps."
+                )
+            else:
+                if self.verbose:
+                    print(f"{Colors.LIGHT_BLUE}AUXI{Colors.END} found .dockerignore file!")
+
     def _run_aux_checks(self) -> None:
         """Runs auxiliary checks which are checks for security-related
         configurations/properties/mechanisms that contribute to more secure
         GitHub Actions workflows.
         """
         # TODO:
-        # - Add check for missing dockerignore/gitignore file with missing sensitive file based on programming language detected
         for check in self.auxiliary_checks:
             Analyzer.__dict__[check](self)
 

example.dockerfile

@@ -0,0 +1,2 @@
+FROM nginxdemos/hello:latest
+EXPOSE 80