108 Commits

Author SHA1 Message Date
Moritz Röhrich 2332a7b74a feat: trigger release workflow
Release action only triggers if there is a commit with a keyword in the
title since the last release tag was made...

Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-22 13:43:49 +02:00
Moritz Röhrich 2bfd2b95f8 Don't trigger release workflow on Tag
Tags are automatically generated and applied by the release action

Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-22 13:41:56 +02:00
Moritz Röhrich 0931ae0972 Release v3.3.0
Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-22 13:33:25 +02:00
Moritz Röhrich 3fc49fb50d feat: new minor release
Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-03 15:29:46 +02:00
Moritz Röhrich 45eb072a0b Trigger release workflow on tag
Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-03 15:22:29 +02:00
Moritz Röhrich 97f3e4f6be Merge pull request #94 from felipecrs/patch-1
Update hadolint to v2.13.1
2025-09-03 15:14:35 +02:00
Felipe Santos 3e9a095cc7 Merge branch 'master' into patch-1 2025-09-03 08:42:26 -03:00
Moritz Röhrich 3285327e7a Merge pull request #96 from m-ildefons/update-ci-yml
Update CI yml
2025-09-03 11:48:58 +02:00
Moritz Röhrich 8bde06f9ce Update CI yml
Update versions of runner images and action steps

Signed-off-by: Moritz Röhrich <moritz@ildefons.de>
2025-09-03 11:45:35 +02:00
Felipe Santos 24598f413e Update base image for Hadolint 2025-09-02 14:10:55 -03:00
Felipe Santos cc71e1bfd1 Update Dockerfile to use stable hadolint version 2025-09-02 14:10:17 -03:00
Felipe Santos 2f0331e821 Update Dockerfile 2025-07-20 00:31:17 -03:00
Felipe Santos 715c307046 Update hadolint to v2.13.1-beta2 2025-07-20 00:26:51 -03:00
José Lorenzo Rodríguez d292784f8f Merge pull request #74 from ViacheslavKudinov/master
Fix of ShellCheck. Doc update. Int testing updates. Added ShellCheck job.
2023-02-09 10:27:24 +01:00
José Lorenzo Rodríguez 5d0317e9d0 Merge pull request #75 from DracoBlue/patch-1
Example uses 3.1.0, too
2023-02-09 10:26:34 +01:00
DracoBlue 7857e0b9ce Example uses 3.1.0, too 2023-02-08 07:12:24 +01:00
Viacheslav Kudinov 218bc411d7 Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#3)
Co-authored-by: OCP4 migration script <deleng@atg.se>
2023-01-20 09:55:56 +01:00
Viacheslav Kudinov 726b0bb298 Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#2) 2023-01-19 20:16:51 +01:00
Viacheslav Kudinov a17195f03e Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#1) 2023-01-19 20:09:05 +01:00
José Lorenzo Rodríguez 88c79a349b Merge pull request #72 from hadolint/revert-68-master 2023-01-18 19:22:12 +01:00
José Lorenzo Rodríguez a4d0f06c93 Revert "Some shellcheck fixes and new input to print Hadolint results to console" 2023-01-18 19:22:00 +01:00
José Lorenzo Rodríguez c8298ca3ec Merge pull request #69 from CandiedCode/update-readme 2023-01-18 16:23:32 +01:00
José Lorenzo Rodríguez 8b07a99429 Merge pull request #70 from DracoBlue/patch-1 2023-01-18 16:19:20 +01:00
José Lorenzo Rodríguez 87a23faa1f Merge pull request #68 from vk-org/master 2023-01-18 16:17:53 +01:00
Viacheslav Kudinov 79c12b5608 Merge branch 'master' into master 2023-01-17 17:36:09 +01:00
José Lorenzo Rodríguez 54c9adbab1 fix release 2023-01-17 17:19:55 +01:00
José Lorenzo Rodríguez 0ef98d9a5c Merge pull request #71 from DracoBlue/patch-2
Make output-file by default to /dev/stdout
2023-01-17 17:09:37 +01:00
DracoBlue 1a139ce6cc Make output-file by default to /dev/stdout
To fix https://github.com/hadolint/hadolint-action/issues/60 in hadolint-action>v2.0.0
2023-01-17 15:38:26 +01:00
DracoBlue e88bddc55d Fix the url to the build badge
As suggested in https://github.com/badges/shields/issues/8671
2023-01-17 15:05:26 +01:00
Jennifer Cwagenberg 676012c475 update example usage in readme 2023-01-14 14:59:41 -06:00
Viacheslav Kudinov 77e79bb879 Some shellcheck fixes and new input (#1) 2022-11-15 20:14:37 +01:00
José Lorenzo Rodríguez 4b5806eb9c Merge pull request #66 from javoweb/hadolint-2.11
Upgrade hadolint to 2.12
2022-11-11 12:13:19 +01:00
José Lorenzo Rodríguez e977686583 Merge pull request #56 from mgray88/patch-1
Update usage example
2022-11-11 12:10:59 +01:00
José Lorenzo Rodríguez 67d715bb13 Merge pull request #65 from mrdoodles/fix-github-deprecations
fix: update deprecated commands
2022-11-11 12:08:51 +01:00
Gonzalo Tixilima 48c4120377 upgrade hadolint to 2.12 2022-11-11 05:52:50 -05:00
Gonzalo Tixilima e81a8de9db upgrade hadolint to 2.11 2022-11-11 01:18:35 -05:00
mrdoodles 68a2276a3c fix-github-deprecations 2022-11-08 21:33:58 +00:00
José Lorenzo Rodríguez eeab5ede16 Merge pull request #57 from offa/hadolint_2.10
Update hadolint to 2.10
2022-05-13 12:59:47 +02:00
offa 169ddcf265 Update hadolint to 2.10
Use GHCR instead of Dockerhub and a fully qualified FROM
2022-05-13 12:48:12 +02:00
Mike Gray d51839a6b5 Update usage example
"Example to create a comment in a PR" doesn't work with v2.0.0
2022-04-23 10:19:23 -04:00
José Lorenzo Rodríguez f988afea3d Merge pull request #55 from harmw/set-output
feat: expose results of hadolint to env var
2022-03-31 15:57:42 +02:00
Harm Weites 55991004e8 chore: spotted a little typo in readme 2022-03-31 15:32:03 +02:00
Harm Weites d73282b64c chore: update readme 2022-03-31 14:56:53 +02:00
Harm Weites 2faf5c6ef4 chore: remove createComment(), depends on githubToken scopes 2022-03-31 14:17:52 +02:00
Harm Weites 724e05f46b chore: typo in step id 2022-03-31 12:57:54 +02:00
Harm Weites a78be8d386 chore: use env var 2022-03-31 12:52:56 +02:00
Harm Weites 652bc66203 chore: also push results to env var 2022-03-31 12:49:42 +02:00
Harm Weites 1dd44fc493 chore: fix issue with multiline strings in output
Looking at [1] this should do some magic, so let's see.

[1] https://github.community/t/set-output-truncates-multiline-strings/16852
2022-03-31 12:45:58 +02:00
Harm Weites 5fc1b0e2fb chore: escape backticks in results var 2022-03-31 11:14:55 +02:00
Harm Weites a8bbf351c0 chore: update PR with text as test of results 2022-03-31 10:31:29 +02:00
Harm Weites e3462c378d chore: quotes to not parse it by mistake 2022-03-31 10:08:14 +02:00
Harm Weites 0c7fcaa67b chore: typo 2022-03-31 10:03:56 +02:00
Harm Weites 8ea032569b chore: empty commit to trigger ci 2022-03-31 10:01:01 +02:00
Harm Weites 262f403978 chore: add simple integration test 2022-03-31 09:57:07 +02:00
Harm Weites 1878581f63 chore: fix typos 2022-03-31 09:56:25 +02:00
Harm Weites bc289f2eaa feat: use 'set-output name=results'
This will introduce a parameter with name results that holds the
hadolint output. Other steps in a workflow can make use of this.

Also fix an error with the piping to tee that was broken.
2022-03-31 09:51:31 +02:00
José Lorenzo Rodríguez 83b3de1e17 fix example 2022-03-25 10:31:04 +01:00
José Lorenzo Rodríguez 289302ad8f Merge pull request #52 from mikenye/master
Update README.md
2022-03-25 10:28:55 +01:00
Mike Nye 89e60e4868 more info for inputs 2022-03-25 13:09:48 +08:00
Mike Nye 8a428b4815 prettify readme 2022-03-25 13:07:15 +08:00
José Lorenzo Rodríguez 0a6d062e78 disable broken test 2022-03-24 15:36:08 +01:00
José Lorenzo Rodríguez 0b08ca228d fix path 2022-03-24 15:32:24 +01:00
José Lorenzo Rodríguez 9a555bc2d4 run all tests properly 2022-03-24 15:29:17 +01:00
José Lorenzo Rodríguez e8cde77aa0 avoid failing on missing trusted registries 2022-03-24 15:28:03 +01:00
José Lorenzo Rodríguez bc86787e19 bump Hadolint version 2022-03-24 15:18:44 +01:00
José Lorenzo Rodríguez d2b4ab26ff don't fail in CI tests 2022-03-24 15:02:38 +01:00
José Lorenzo Rodríguez 2bcb99c6e2 Merge pull request #50 from paulbarton90/check_exit_status
Apply exit code to hadolint.sh
2022-03-24 14:57:38 +01:00
Paul Barton 63666e594d Apply exit code to hadolint.sh 2022-03-24 13:32:02 +00:00
José Lorenzo Rodríguez 96339c1113 Merge pull request #49 from offa/doc_inputs_typo
Fix typo in input docs
2022-03-22 13:59:30 +01:00
offa 37f399667b Fix markdown 2022-03-22 11:44:03 +01:00
offa aa70df94a2 Fix typo in inputs 2022-03-22 11:40:08 +01:00
José Lorenzo Rodríguez 0bc6199b82 upgrade to 2.9.2 2022-03-22 09:41:42 +01:00
José Lorenzo Rodríguez 070f68df71 Merge pull request #43 from m-ildefons/config-options
features: config options, saving to file, SARIF
2022-03-22 09:41:12 +01:00
José Lorenzo Rodríguez 40f98da752 Merge pull request #45 from mblottiere/fix/missing-problem-matcher
fix: missing problem-matcher
2022-03-22 09:40:46 +01:00
Matthieu Blottière 390bcfc1bc fix: attempt to fix missing problem-matcher
It uses the solution mentioned in
https://github.com/actions/toolkit/issues/305#issuecomment-585515210
2021-12-08 17:26:25 +01:00
Moritz Röhrich 98fb3f8040 features: config options, saving to file, SARIF
- Upgrade to Hadolint 2.8.0, enabling the SARIF formatter
- Expand config options to reflect more of those regularly available
  with Hadolint including `no-fail` and `failure-threshold` options
- Enable the creation of report files

Breaking change: The list of ignored rules is now comma separated and
not space separated.

fixes: #23
fixes: #36
fixes: #42
2021-11-20 12:02:12 +01:00
José Lorenzo Rodríguez 3cfc69d4b2 Merge pull request #41 from revolunet/patch-1
docs: fix example
2021-10-19 16:19:35 +02:00
Julien Bouquillon 03ff2f358b docs: fix example 2021-10-19 15:49:02 +02:00
José Lorenzo Rodríguez d7b3858233 Make tests pass 2021-08-26 13:31:58 +02:00
José Lorenzo Rodríguez fdf6f4b6d2 Merge pull request #34 from itamargiv/feature/recursive-dir-check
Feature: Recursive dir check - Lint multiple files
2021-08-26 13:29:29 +02:00
José Lorenzo Rodríguez 0bb0c4c131 Merge pull request #39 from Juneezee/hadolint-v2.7.0
build: bump hadolint from v2.4.0 to v2.7.0
2021-08-26 12:42:52 +02:00
Eng Zer Jun 8af94d9fae build: bump hadolint from v2.4.0 to v2.7.0
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-08-26 17:47:50 +08:00
Itamar Givon afcbb72a70 Update docs 2021-06-14 12:02:23 +02:00
Itamar Givon 34545a185d Add recursive linting 2021-06-14 12:01:11 +02:00
José Lorenzo Rodríguez 1fe9ddfd12 Merge pull request #33 from brpaz/update-readme
update support section and remove funding configuration
2021-06-13 13:20:59 +02:00
José Lorenzo Rodríguez 64243a4c85 Merge pull request #35 from jward-bw/patch-1
Improve readability of `Inputs` table.
2021-06-13 13:19:51 +02:00
Jacob Ward 9c70326916 Improve readability of Inputs table.
In my opinion it's still not very easy to read, but it is correctly formatted now.
2021-06-04 16:49:26 +01:00
Bruno Paz 6c5b4b97b1 docs(README): update support section and remove funding configuration 2021-05-17 19:06:18 +01:00
José Lorenzo Rodríguez f49a60108f Merge pull request #30 from kalikiana/docs_readme_checkout
doc: Add checkout action to the example
2021-05-10 11:31:15 +02:00
José Lorenzo Rodríguez 5f549be9cc Merge branch 'master' into docs_readme_checkout 2021-05-10 11:31:03 +02:00
José Lorenzo Rodríguez c27bd9edc1 Merge pull request #32 from m-ildefons/hadolint-240
hadolint: version bump to 2.4.0
2021-05-10 11:27:49 +02:00
Moritz Röhrich 110e47c1b7 hadolint: version bump to 2.4.0
- bump Hadolint version to 2.4.0
- change to debian based image
- add common config options
- expand integration tests for new options

fixes: https://github.com/hadolint/hadolint-action/issues/5
fixes: https://github.com/hadolint/hadolint-action/issues/8
fixes: https://github.com/hadolint/hadolint-action/issues/17
fixes: https://github.com/hadolint/hadolint-action/issues/18
fixes: https://github.com/hadolint/hadolint-action/issues/31
2021-05-08 14:54:03 +02:00
Christian Dywan 785eabb2d4 doc: Add checkout action to the example
Fixes: #25
2021-05-02 08:45:07 +02:00
José Lorenzo Rodríguez 136c22c8f8 fix example 2021-04-15 13:44:25 +02:00
José Lorenzo Rodríguez 473e36ba30 Merge pull request #28 from hadolint/dependabot/docker/hadolint/hadolint-v2.1.0-alpine
build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
2021-04-15 13:40:41 +02:00
José Lorenzo Rodríguez edc054086d Merge pull request #29 from hadolint/hadolint-org
Updates to reflect changes to the Hadolint organization
2021-04-15 13:38:42 +02:00
Bruno Paz b18c7cf9dc Update README.md 2021-04-14 19:25:02 +01:00
dependabot[bot] 20e70041a2 build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
Bumps hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine.

Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 07:53:42 +00:00
Arne Jørgensen 1623ba6171 fix: Remove problem matcher after run (#16) 2020-12-06 19:10:45 +00:00
Bruno Paz bf7fe9f9b9 feat: misc updates 2020-12-06 09:54:22 +00:00
dependabot[bot] b56d18750c build(deps): bump hadolint/hadolint (#12)
Bumps hadolint/hadolint from v1.17.5-alpine to v1.19.0-alpine.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 09:47:34 +00:00
Bruno Paz 37cdec0849 chore: update README and CI pipeline 2020-12-06 09:46:26 +00:00
Arne Jørgensen 7e374b112f fix: Fix problem matcher (#14) 2020-12-05 18:38:01 +00:00
Arne Jørgensen 88386d9893 feat: Add problem matcher
* Add problem matcher

* Fix loading tar file from artifacts
2020-12-05 17:34:32 +00:00
Arne Jørgensen 836016a45f chore: add dependabot config 2020-12-05 17:23:00 +00:00
Bruno Paz eb9b96be61 feat: update hadolint version and use alpine 2020-04-10 11:54:11 +01:00
Bruno Paz 2a819735f7 chore: create FUNDING.yml 2019-12-03 20:08:54 +00:00
Bruno Paz 5a3e6fd90a docs: Change name in readme 2019-10-03 21:31:44 +01:00
11 changed files with 362 additions and 66 deletions
+10
@@ -0,0 +1,10 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
+105 -47
@@ -3,81 +3,139 @@ on:
push:
branches:
- master
pull_request:
env:
TEST_IMAGE_NAME: hadolint-action:${{github.sha}}
permissions:
contents: write
issues: write # Used by Release step to update "The automated release is failing" issue
pull-requests: write # Used by ShellCheck Action to add comments on PR
jobs:
lint:
runs-on: ubuntu-latest
container: pipelinecomponents/hadolint:latest
name: Lint
runs-on: ubuntu-24.04
container: pipelinecomponents/hadolint:0.27.2
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v5
- name: Run hadolint
run: hadolint Dockerfile
build:
runs-on: ubuntu-latest
needs: ['lint']
shellcheck:
name: ShellCheck
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v5
- name: Run ShellCheck
uses: reviewdog/action-shellcheck@v1.31.0
with:
reporter: github-pr-review
fail_on_error: true
build-test:
name: Build and Test
runs-on: ubuntu-24.04
needs:
- lint
- shellcheck
steps:
- uses: actions/checkout@v5
- name: Build Docker image
run: docker build -t $TEST_IMAGE_NAME .
- name: Save Docker image artifact
run: docker save -o action.tar $TEST_IMAGE_NAME
- name: Upload image artifact
uses: actions/upload-artifact@master
with:
name: action-image
path: action.tar
test:
name: Unit Tests
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v1
- name: Pull Image artifact
uses: actions/download-artifact@master
with:
name: action-image
- name: Load image into docker context
run: docker load -i action-image/action.tar
- name: Get Image Name
id: image_name
run: echo "##[set-output name=image;]$(echo $TEST_IMAGE_NAME)"
- name: Run Structure tests
uses: brpaz/structure-tests-action@master
uses: brpaz/structure-tests-action@v1.1.2
with:
image: ${{ steps.image_name.outputs.image }}
image: ${{ env.TEST_IMAGE_NAME }}
integration:
integration-tests:
name: Integration Tests
runs-on: ubuntu-latest
needs: test
runs-on: ubuntu-24.04
needs:
- build-test
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v5
- name: Run integration test
- name: Run integration test 1
uses: ./
with:
dockerfile: testdata/Dockerfile
- name: Run integration test 2 - ignore a rule
# This step is supposed to print out an info level rule violation
# but completely ignore the two rules listed below
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
ignore: 'DL3014,DL3008'
no-fail: true
- name: Run integration test 3 - set failure threshold
# This step will print out an info level rule violation, but not fail
# because of the high failure threshold.
uses: ./
with:
dockerfile: testdata/info.Dockerfile
failure-threshold: warning
- name: Run integration test 4 - output format
# This step will never fail, but will print out rule violations as json.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
failure-threshold: error
format: json
- name: Run integration test 5 - config file
# This step will never fail, but will print out rule violations
# because in config is set the error failure threshold.
id: hadolint5
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
config: testdata/hadolint.yaml
- name: Run integration test 6 - verify results output parameter
# This step will never fail, but will print out the results from step5
env:
results: ${{ steps.hadolint5.outputs.results }}
run: echo "$results"
- name: Run integration test 7 - set recursive
# This step will never fail, but will print out rule violations
# for all the Dockerfiles in repository.
uses: ./
with:
dockerfile: "*Dockerfile"
failure-threshold: error
recursive: true
#- name: Run integration test 8 - output to file
# # This step will never fail, but will print out rule violations.
# uses: ./
# with:
# dockerfile: testdata/warning.Dockerfile
# format: sarif
# output-file: report.sarif
release:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
name: Release
runs-on: ubuntu-latest
needs: integration
runs-on: ubuntu-24.04
needs:
- integration-tests
steps:
- uses: actions/checkout@v1
- name: Semantic Release
uses: brpaz/action-semantic-release@master
- uses: actions/checkout@v5
- uses: cycjimmy/semantic-release-action@v5
with:
extra_plugins: |
@semantic-release/git
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
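Review bot: the workflow-level `permissions:` block grants `contents: write`, `issues: write` and `pull-requests: write` to every job, including `lint`, `build-test` and `integration-tests`, which only check out and run code and are also triggered by `pull_request`. Set the top level to `contents: read` and move the write scopes into the jobs that need them: `pull-requests: write` on `shellcheck`, and `contents: write` plus `issues: write` on `release`. Separately, `reviewdog/action-shellcheck@v1.31.0`, `brpaz/structure-tests-action@v1.1.2` and `cycjimmy/semantic-release-action@v5` are referenced by tag; since the release job hands `GITHUB_TOKEN` to the last of these, pinning them to full commit SHAs would be the safer choice.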
+4 -4
@@ -1,6 +1,6 @@
FROM hadolint/hadolint:v1.17.2
FROM ghcr.io/hadolint/hadolint:v2.14.0-debian
COPY LICENSE README.md /
ENTRYPOINT [ "hadolint" ]
COPY LICENSE README.md problem-matcher.json /
COPY hadolint.sh /usr/local/bin/hadolint.sh
ENTRYPOINT [ "/usr/local/bin/hadolint.sh" ]
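Review bot: `FROM ghcr.io/hadolint/hadolint:v2.14.0-debian` pins the base image by tag only, and because `action.yml` uses `image: 'Dockerfile'` the image is rebuilt from that tag on each run, so what users execute changes if the tag is ever re-pushed. Append the digest (`ghcr.io/hadolint/hadolint:v2.14.0-debian@sha256:<digest>`, with the real digest in place of the placeholder) so that each release of the action resolves to one known image.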
+3 -3
@@ -1,7 +1,7 @@
IMAGE_NAME:=hadolint-action
lint-dockerfile: ## Runs hadoint against application dockerfile
lint-dockerfile: ## Runs hadolint against application dockerfile
@docker run --rm -v "$(PWD):/data" -w "/data" hadolint/hadolint hadolint Dockerfile
lint-yaml: ## Lints yaml configurations
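Review bot: in `lint-dockerfile`, `hadolint/hadolint` is still pulled from Docker Hub without a tag, so `make lint-dockerfile` lints with whatever `latest` resolves to, while the Dockerfile in this change builds on `ghcr.io/hadolint/hadolint:v2.14.0-debian`. Use the same registry and version here so local results match what the action reports.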
@@ -12,8 +12,8 @@ build: ## Builds the docker image
test: build ## Runs a test in the image
@docker run -i --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \
-v /var/run/docker.sock:/var/run/docker.sock \
-v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \
test \
--image $(IMAGE_NAME) \
--config test/structure-tests.yaml
+63 -12
@@ -1,26 +1,76 @@
# hadolint-action Action
# Hadolint Action
> Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
> GitHub Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
[![GitHub Action](https://img.shields.io/badge/GitHub-Action-blue?style=for-the-badge)](https://github.com/features/actions)
[![License](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](LICENSE)
[![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/)
[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge)
[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/hadolint/hadolint-action/ci.yml?branch=master&style=for-the-badge)](https://github.com/hadolint/hadolint-action/action)
[![GitHub Actions](https://github.com/brpaz/hadolint-action/workflows/CI/badge.svg?style=for-the-badge)](https://github.com/brpaz/hadolint-action/actions)
## Usage
Add the following step to your workflow configuration:
```yml
steps:
uses: brpaz/hadolint-action@master
- uses: actions/checkout@v3
- uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
```
## Inputs
**`dockerfile`**
| Name | Description | Default |
|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------|
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
| `output-file` | A sub-path where to save the </br> output as a file to | `/dev/stdout` |
| `no-color` | Don't create colored output (`true`/`false`) | `false` |
| `no-fail` | Never fail the action (`true`/`false`) | `false` |
| `verbose` | Output more information (`true`/`false`) | `false` |
| `format` | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
| `override-error` | Comma separated list of rules to treat with `error` severity | |
| `override-warning` | Comma separated list of rules to treat with `warning` severity | |
| `override-info` | Comma separated list of rules to treat with `info` severity | |
| `override-style` | Comma separated list of rules to treat with `style` severity | |
| `ignore` | Comma separated list of Hadolint rules to ignore. | <none> |
| `trusted-registries` | Comma separated list of urls of trusted registries | |
The path to the Dockerfile to be tested. By default it will look for a Dockerfile in the current directory.
## Output
The Action will store results in an environment variable that can be used in other steps in a workflow.
Example to create a comment in a PR:
```
- name: Update Pull Request
uses: actions/github-script@v6
if: github.event_name == 'pull_request'
with:
script: |
const output = `
#### Hadolint: \`${{ steps.hadolint.outcome }}\`
\`\`\`
${process.env.HADOLINT_RESULTS}
\`\`\`
`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: output
})
```
## Hadolint Configuration
To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure).
## 🤝 Contributing
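Review bot: the "Example to create a comment in a PR" snippet reads `steps.hadolint.outcome`, but the step shown in the Usage block has no `id: hadolint`, so the expression renders empty for anyone who copies both. Add `id: hadolint` to the usage step, or show the hadolint step together with the comment step in the example. The example's fence also lacks the `yml` tag that the Usage block uses, the `</br>` entries in the Inputs table should be `<br>`, and the `<none>` default for `ignore` needs backticks or it will be swallowed as an HTML tag.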
@@ -32,10 +82,13 @@ Contributions are what make the open source community such an amazing place to b
4. Push to the Branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request
## Useful Resources
## 💛 Support the project
* [Building actions - GitHub Help](https://help.github.com/en/articles/building-actions)
* [actions/toolkit: The GitHub ToolKit for developing GitHub Actions.](https://github.com/actions/toolkit)
If this project was useful to you in some form, We would be glad to have your support. It will help keeping the project alive.
The sinplest form of support is to give a ⭐️ to this repo.
This project was originally created by [Bruno Paz](https://github.com/sponsors/brpaz) and incorporated into the Hadolint organization. If you appreciate the work done on this action, Bruno would be happy with your [sponsorship](https://github.com/sponsors/brpaz).
## Author
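Review bot: typo in the new Support section: "The sinplest form of support" should read "simplest", and "We would be glad" should use a lowercase "we". The "originally created by [Bruno Paz]" link points at `github.com/sponsors/brpaz`, the same target as the sponsorship link that follows it; the profile URL `https://github.com/brpaz` used in the License section fits the author credit better.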
@@ -46,6 +99,4 @@ Contributions are what make the open source community such an amazing place to b
## 📝 License
Copyright © 2019 [Bruno Paz](https://github.com/brpaz).
This project is [MIT](LICENSE) licensed.
[MIT](LICENSE)
+85
@@ -3,13 +3,98 @@ description: 'Action that runs Hadolint Dockerfile linting tool'
author: 'Bruno Paz'
inputs:
dockerfile:
required: false
description: 'The path to the Dockerfile to lint'
default: 'Dockerfile'
config:
required: false
description: 'Path to a config file'
default:
recursive:
required: false
description:
'Search for specified dockerfile recursively, from the project root'
default: 'false'
output-file:
required: false
description: 'The path where to save the linting results to'
default: "/dev/stdout"
# standart hadolint options:
no-color:
required: false
description: Don't create colored output.
default: 'false'
no-fail:
required: false
description: Never exit with a failure status code
default: 'false'
verbose:
required: false
description: Print more information about the running config
default: 'false'
format:
required: false
description: |
The output format, one of [tty (default) | json | checkstyle |
codeclimate | gitlab_codeclimate | codacy | sarif]
default: 'tty'
failure-threshold:
required: false
description: |
Fail the pipeline only if rules with severity above this threshold are
violated. One of [error | warning | info (default) | style | ignore]
default: 'info'
override-error:
required: false
description:
'A comma separated list of rules whose severity will be `error`'
default:
override-warning:
required: false
description:
'A comma separated list of rules whose severity will be `warning`'
default:
override-info:
required: false
description:
'A comma separated list of rules whose severity will be `info`'
default:
override-style:
required: false
description:
'A comma separated list of rules whose severity will be `style`'
default:
ignore:
required: false
description: 'A comma separated string of rules to ignore'
default:
trusted-registries:
required: false
description: 'A comma separated list of trusted registry urls'
default:
runs:
using: 'docker'
image: 'Dockerfile'
args:
- ${{ inputs.dockerfile }}
env:
NO_COLOR: ${{ inputs.no-color }}
HADOLINT_NOFAIL: ${{ inputs.no-fail }}
HADOLINT_VERBOSE: ${{ inputs.verbose }}
HADOLINT_FORMAT: ${{ inputs.format }}
HADOLINT_FAILURE_THRESHOLD: ${{ inputs.failure-threshold }}
HADOLINT_OVERRIDE_ERROR: ${{ inputs.override-error }}
HADOLINT_OVERRIDE_WARNING: ${{ inputs.override-warning }}
HADOLINT_OVERRIDE_INFO: ${{ inputs.override-info }}
HADOLINT_OVERRIDE_STYLE: ${{ inputs.override-style }}
HADOLINT_IGNORE: ${{ inputs.ignore }}
HADOLINT_TRUSTED_REGISTRIES: ${{ inputs.trusted-registries }}
HADOLINT_CONFIG: ${{ inputs.config }}
HADOLINT_RECURSIVE: ${{ inputs.recursive }}
HADOLINT_OUTPUT: ${{ inputs.output-file }}
branding:
icon: 'layers'
color: 'purple'
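Review bot: the `config` input has an empty `default:`, while the README table in this change documents its default as `./.hadolint.yaml`; likewise `dockerfile` defaults to `Dockerfile` here and `./Dockerfile` there. Make the two files agree and state what happens when `config` is left unset. Also, `# standart hadolint options:` should read `standard`, and `description: Don't create colored output.` is the one description with an apostrophe that is not quoted; quote it like the others.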
Executable
+67
@@ -0,0 +1,67 @@
#!/bin/bash
# The problem-matcher definition must be present in the repository
# checkout (outside the Docker container running hadolint). We copy
# problem-matcher.json to the home folder.
PROBLEM_MATCHER_FILE="/problem-matcher.json"
if [ -f "$PROBLEM_MATCHER_FILE" ]; then
cp "$PROBLEM_MATCHER_FILE" "$HOME/"
fi
# After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove
# the matcher so it won't take effect in later steps.
# shellcheck disable=SC2317
cleanup() {
echo "::remove-matcher owner=brpaz/hadolint-action::"
}
trap cleanup EXIT
echo "::add-matcher::$HOME/problem-matcher.json"
if [ -n "$HADOLINT_CONFIG" ]; then
HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
fi
if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
unset HADOLINT_TRUSTED_REGISTRIES
fi
COMMAND="hadolint $HADOLINT_CONFIG"
if [ "$HADOLINT_RECURSIVE" = "true" ]; then
shopt -s globstar
filename="${!#}"
flags="${*:1:$#-1}"
RESULTS=$(eval "$COMMAND $flags" -- **/"$filename")
else
flags=$*
RESULTS=$(eval "$COMMAND" "$flags")
fi
FAILED=$?
if [ -n "$HADOLINT_OUTPUT" ]; then
if [ -f "$HADOLINT_OUTPUT" ]; then
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
fi
echo "$RESULTS" >"$HADOLINT_OUTPUT"
fi
RESULTS="${RESULTS//$'\\n'/''}"
{
echo "results<<EOF"
echo "$RESULTS"
echo "EOF"
} >>"$GITHUB_OUTPUT"
{
echo "HADOLINT_RESULTS<<EOF"
echo "$RESULTS"
echo "EOF"
} >>"$GITHUB_ENV"
[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"
exit $FAILED
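Review bot: `RESULTS=$(eval "$COMMAND" "$flags")` and the recursive variant pass `HADOLINT_CONFIG` and the action arguments through `eval`, so any shell metacharacter in the `config` or `dockerfile` input is re-parsed as shell code, and paths containing spaces are split. Build the command as a bash array (`args=(hadolint)`, then `args+=(-c "$HADOLINT_CONFIG")` when the variable is non-empty) and run `"${args[@]}" "$@"` without `eval`. The blocks that append to `$GITHUB_OUTPUT` and `$GITHUB_ENV` use the fixed delimiter `EOF`; a result line equal to `EOF` would end the value early and the remaining lines would be parsed as further entries, so generate a random delimiter per run. `TMP_FOLDER` is never set in this script, so unless the environment provides it, the `[ -f "$HADOLINT_OUTPUT" ]` branch redirects the report to a path under `/`.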
+15
@@ -0,0 +1,15 @@
{
"problemMatcher": [
{
"owner": "brpaz/hadolint-action",
"pattern": [
{
"regexp": "(.*)\\:(\\d+)\\s(.*)",
"file": 1,
"line": 2,
"message": 3
}
]
}
]
}
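Review bot: the `regexp` value `(.*)\\:(\\d+)\\s(.*)` is unanchored and opens with a greedy `(.*)`, so while the matcher is registered it will annotate any log line that contains a colon followed by digits and whitespace, and it takes everything before the last such position as the file name. Anchor it with `^` and `$` and restrict the first group to non-colon characters. The `owner` is still `brpaz/hadolint-action` although the README in this change points users at `hadolint/hadolint-action`; if it is renamed, the `::remove-matcher owner=...::` line in `hadolint.sh` has to change with it.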
+1
@@ -0,0 +1 @@
failure-threshold: error
+5
@@ -0,0 +1,5 @@
FROM debian:buster
# info level warning expected here:
RUN echo "Hello"
RUN echo "World"
+4
@@ -0,0 +1,4 @@
FROM debian:buster
# emits an info and a warning level violation.
RUN apt-get install foo