When building images for binary type, it is expected to not install
executables from untrusted sources, and gem, sensu-install, npm or
pip packages for instance should come from the distro itself.
This commit adds a `validate-binary-build.sh` script that checks for
forbidden commands in the rendered Dockerfile templates for the binary
type builds and hooks this script with the pep8 CI job.
The output is just informative for now until we've fixed the culprit
Dockerfiles, then we'll make the script return an error code and with
the ability to fail the pep8 CI check. This should prevent unwanted
commands from entering binary type Dockerfiles.
Delegate code style validation to computers, they're better than human
at it :)
This commit adds a new `tools/validate-indentation.sh` script that
errors when it finds an indented Dockerfile instruction, and enables
the validation in the pep8 check.
Also adjust the logic of `tools/validate-all-dockerfiles.sh` so that it
doesn't stop on first errors but instead shows all of them.
Fixes the remaining indentations in Dockerfiles.