Shipwright: A Human-in-the-Loop System for Dockerfile Repair

by   Jordan Henkel, et al.

Docker is a tool for lightweight OS-level virtualization. Docker images are created by performing a build, controlled by a source-level artifact called a Dockerfile. We studied Dockerfiles on GitHub, and – to our great surprise – found that over a quarter of the examined Dockerfiles failed to build (and thus to produce images). To address this problem, we propose SHIPWRIGHT, a human-in-the-loop system for finding repairs to broken Dockerfiles. SHIPWRIGHT uses a modified version of the BERT language model to embed build logs and to cluster broken Dockerfiles. Using these clusters and a search-based procedure, we were able to design 13 rules for making automated repairs to Dockerfiles. With the aid of SHIPWRIGHT, we submitted 45 pull requests (with a 42.2 acceptance rate) to GitHub projects with broken Dockerfiles. Furthermore, in a "time-travel" analysis of broken Dockerfiles that were later fixed, we found that SHIPWRIGHT proposed repairs that were equivalent to human-authored patches in 22.77 state-of-the-art, static Dockerfile analyses, and found that, while static tools detected possible build-failure-inducing issues in 20.6–33.8 files we examined, SHIPWRIGHT was able to detect possible issues in 73.25 the files and, additionally, provide automated repairs for 18.9


Sorald: Automatic Patch Suggestions for SonarQube Static Analysis Violations

Previous work has shown that early resolution of issues detected by stat...

Parfum: Detection and Automatic Repair of Dockerfile Smells

Docker is a popular tool for developers and organizations to package, de...

Learning from, Understanding, and Supporting DevOps Artifacts for Docker

With the growing use of DevOps tools and frameworks, there is an increas...

Automated Localization for Unreproducible Builds

Reproducibility is the ability of recreating identical binaries under pr...

Detecting and Characterizing Bots that Commit Code

Background: Some developer activity traditionally performed manually, su...

On the acceptance by code reviewers of candidate security patches suggested by Automated Program Repair tools

Background: Testing and validation of the semantic correctness of patche...

Please sign up or login with your details

Forgot password? Click here to reset