Michael B - 2025-04-04

I am having trouble Dockerizing cppcheck premium. I attempted to translate the apt instructions to a Dockerfile.

My Dockerfile is as follows:

FROM ubuntu:24.04

# Avoid interactive prompts during package installation
ENV DEBIAN_FRONTEND=noninteractive

# 1. Install software
RUN apt-get update
RUN apt-get install \
    ca-certificates \
    curl \
    gnupg \
    git \
    cmake \
    build-essential \
    python3 \
    python3-pip \
    python3-dev \
    python3-venv \
    python3-setuptools \
    libpcre3 \
    libpcre3-dev \
    -y

# Clone, build, install because apt doesn't have 2.17.0 (which includes SARIF output options)
RUN cd /tmp                                                                                                                                         && \
    git clone https://github.com/danmar/cppcheck.git                                                                                                && \
    cd cppcheck                                                                                                                                     && \
    git checkout 2.17.0                                                                                                                             && \
    make MATCHCOMPILER=yes FILESDIR=/usr/share/cppcheck HAVE_RULES=yes CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function" install && \
    cd /tmp                                                                                                                                         && \
    rm -rf /tmp/cppcheck                                                                                                                            && \
    ldconfig                                                                                                                                        && \
    cppcheck --version

# 2. Add Cppcheck Premium official GPG key used to sign repository. Download the Cppcheck Premium gpg key:

RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://files.cppchecksolutions.com/pgp-key.public | gpg --dearmor -o /etc/apt/keyrings/cppcheckpremium.gpg

# 3. Add repository
RUN echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/cppcheckpremium.gpg] https://files.cppchecksolutions.com/apt-repo \
    noble stable" | tee /etc/apt/sources.list.d/cppcheckpremium.list > /dev/null

# 4. Install Cppcheck Premium
RUN apt-get update
RUN apt-get install cppcheckpremium -y

# 5. Copy license file
COPY cppcheck-premium.lic ~/.cppcheckpremium/
COPY cppcheck-premium.lic /etc/cppcheckpremium/

RUN apt-cache policy cppcheckpremium | grep -q "25.3.0"

# 6. Check that it works
RUN cppcheck --version

# Set the working directory
WORKDIR /workspace

# Default command to run when starting the container
CMD ["/bin/bash"]

and the docker-compose.yml:

services:
  # Generic
  cppcheck-premium:
    image: cppcheck-premium:experimental
    stdin_open: true # docker run -i
    tty: true        # docker run -t
    network_mode: none
    working_dir: /radix
    volumes:
      - type: bind
        target: /radix
        source: ../..
        read_only: false

      - build-cache:/cache

      - type: tmpfs
        target: /work

volumes:
  build-cache:
    name: build-cache-cppcheck-premium

the RUN apt-cache policy cppcheckpremium | grep -q "25.3.0" line passing proves that cppcheckpremium was successfully installed, and the cppcheck --version line does the same for cppcheck. However, attempting to use the container shows issues.

Below is a demonstration of the --premium flag not being recognized.

(venv) mbonnet@pinkbattlestation:~$ docker build -t cppcheck-premium:experimental .
2025/04/03 17:04:40 in: []string{}
2025/04/03 17:04:40 Parsed entitlements: []
[+] Building 298.6s (19/19) FINISHED                                                                                                                                                                                                                                                                                                                                       docker:default
 => [internal] load build definition from Dockerfile                                                                                                                                                                                                                                                                                                                                 0.0s
 => => transferring dockerfile: 2.73kB                                                                                                                                                                                                                                                                                                                                               0.0s
 => [internal] load metadata for docker.io/library/ubuntu:24.04                                                                                                                                                                                                                                                                                                                      0.6s
 => [internal] load .dockerignore                                                                                                                                                                                                                                                                                                                                                    0.0s
 => => transferring context: 2B                                                                                                                                                                                                                                                                                                                                                      0.0s
 => CACHED [ 1/14] FROM docker.io/library/ubuntu:24.04@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782                                                                                                                                                                                                                                                       0.0s
 => [internal] load build context                                                                                                                                                                                                                                                                                                                                                    0.0s
 => => transferring context: 41B                                                                                                                                                                                                                                                                                                                                                     0.0s
 => [ 2/14] RUN apt-get update                                                                                                                                                                                                                                                                                                                                                       3.7s
 => [ 3/14] RUN apt-get install     ca-certificates     curl     gnupg     git     cmake     build-essential     python3     python3-pip     python3-dev     python3-venv     python3-setuptools     libpcre3     libpcre3-dev     -y                                                                                                                                               23.1s
 => [ 4/14] RUN cd /tmp                                                                                                                                         &&     git clone https://github.com/danmar/cppcheck.git                                                                                                &&     cd cppcheck                                          137.6s 
 => [ 5/14] RUN mkdir -p /etc/apt/keyrings                                                                                                                                                                                                                                                                                                                                           0.2s 
 => [ 6/14] RUN curl -fsSL https://files.cppchecksolutions.com/pgp-key.public | gpg --dearmor -o /etc/apt/keyrings/cppcheckpremium.gpg                                                                                                                                                                                                                                               0.6s 
 => [ 7/14] RUN echo     "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/cppcheckpremium.gpg] https://files.cppchecksolutions.com/apt-repo     noble stable" | tee /etc/apt/sources.list.d/cppcheckpremium.list > /dev/null                                                                                                                                      0.1s 
 => [ 8/14] RUN apt-get update                                                                                                                                                                                                                                                                                                                                                       1.8s 
 => [ 9/14] RUN apt-get install cppcheckpremium -y                                                                                                                                                                                                                                                                                                                                 128.1s 
 => [10/14] COPY cppcheck-premium.lic ~/.cppcheckpremium/                                                                                                                                                                                                                                                                                                                            0.0s 
 => [11/14] COPY cppcheck-premium.lic /etc/cppcheckpremium/                                                                                                                                                                                                                                                                                                                          0.0s 
 => [12/14] RUN apt-cache policy cppcheckpremium | grep -q "25.3.0"                                                                                                                                                                                                                                                                                                                  0.6s 
 => [13/14] RUN cppcheck --version                                                                                                                                                                                                                                                                                                                                                   0.1s 
 => [14/14] WORKDIR /workspace                                                                                                                                                                                                                                                                                                                                                       0.0s 
 => exporting to image                                                                                                                                                                                                                                                                                                                                                               1.9s 
 => => exporting layers                                                                                                                                                                                                                                                                                                                                                              1.8s
 => => writing image sha256:360b13d3292ac5e3fcd47dbaa566c998eb5f97941a45ccc973fa22fb1141520b                                                                                                                                                                                                                                                                                         0.0s
 => => naming to docker.io/library/cppcheck-premium:experimental                                                                                                                                                                                                                                                                                                                     0.0s
(venv) mbonnet@workstation:~$ docker-compose up --detach
Creating mbonnet_cppcheck-premium_1 ... done
(venv) mbonnet@workstation:~$ docker exec -it mbonnet_cppcheck-premium_1 /bin/bash
root@d31e880f7d54:/radix# cppcheck --version
Cppcheck 2.17.0
root@d31e880f7d54:/radix# cppcheck --premium=autosar
cppcheck: error: unrecognized command line option: "--premium=autosar".
root@d31e880f7d54:/radix# apt-cache policy cppcheckpremium
cppcheckpremium:
  Installed: 25.3.0
  Candidate: 25.3.0
  Version table:
 *** 25.3.0 500
        500 https://files.cppchecksolutions.com/apt-repo noble/stable amd64 Packages
        100 /var/lib/dpkg/status
root@d31e880f7d54:/radix#

As you can tell, both cppcheck and cppcheckpremium are installed, but the cppcheckpremium --premium flag is not recognized.

What is the issue and how do I fix it?