mirror of
https://github.com/hadolint/hadolint-action.git
synced 2026-07-06 08:31:42 +00:00
Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| c27bd9edc1 | |||
| 110e47c1b7 | |||
| 136c22c8f8 | |||
| 473e36ba30 | |||
| edc054086d | |||
| b18c7cf9dc | |||
| 20e70041a2 | |||
| 1623ba6171 | |||
| bf7fe9f9b9 | |||
| b56d18750c | |||
| 37cdec0849 | |||
| 7e374b112f | |||
| 88386d9893 | |||
| 836016a45f | |||
| eb9b96be61 | |||
| 2a819735f7 | |||
| 5a3e6fd90a |
@@ -0,0 +1,4 @@
|
||||
# https://help.github.com/en/articles/displaying-a-sponsor-button-in-your-repository
|
||||
github: brpaz
|
||||
patreon: brpaz
|
||||
custom: https://www.buymeacoffee.com/Z1Bu6asGV
|
||||
@@ -0,0 +1,10 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
- package-ecosystem: "docker"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
+54
-47
@@ -10,74 +10,81 @@ env:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: ubuntu-latest
|
||||
container: pipelinecomponents/hadolint:latest
|
||||
name: Lint
|
||||
runs-on: ubuntu-20.04
|
||||
container: pipelinecomponents/hadolint:0.10.1
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: Run hadolint
|
||||
run: hadolint Dockerfile
|
||||
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
needs: ['lint']
|
||||
build-test:
|
||||
name: Build and Test
|
||||
runs-on: ubuntu-20.04
|
||||
needs: ["lint"]
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build Docker image
|
||||
run: docker build -t $TEST_IMAGE_NAME .
|
||||
|
||||
- name: Save Docker image artifact
|
||||
run: docker save -o action.tar $TEST_IMAGE_NAME
|
||||
|
||||
- name: Upload image artifact
|
||||
uses: actions/upload-artifact@master
|
||||
with:
|
||||
name: action-image
|
||||
path: action.tar
|
||||
|
||||
test:
|
||||
name: Unit Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
|
||||
- name: Pull Image artifact
|
||||
uses: actions/download-artifact@master
|
||||
with:
|
||||
name: action-image
|
||||
|
||||
- name: Load image into docker context
|
||||
run: docker load -i action-image/action.tar
|
||||
|
||||
- name: Get Image Name
|
||||
id: image_name
|
||||
run: echo "##[set-output name=image;]$(echo $TEST_IMAGE_NAME)"
|
||||
|
||||
- name: Run Structure tests
|
||||
uses: brpaz/structure-tests-action@master
|
||||
uses: brpaz/structure-tests-action@v1.1.2
|
||||
with:
|
||||
image: ${{ steps.image_name.outputs.image }}
|
||||
image: ${{ env.TEST_IMAGE_NAME }}
|
||||
|
||||
integration:
|
||||
integration-tests:
|
||||
name: Integration Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: test
|
||||
runs-on: ubuntu-20.04
|
||||
needs: build-test
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Run integration test
|
||||
- name: Run integration test 1
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/Dockerfile
|
||||
|
||||
- name: Run integration test 2 - ignore a rule
|
||||
# This step is supposed to print out an info level rule violation
|
||||
# but completely ignore the two rules listed below
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
ignore: DL3014 DL3008
|
||||
|
||||
- name: Run integration test 3 - set failure threshold
|
||||
# This step will print out an info level rule violation, but not fail
|
||||
# because of the high failure threshold.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/info.Dockerfile
|
||||
failure-threshold: warning
|
||||
|
||||
- name: Run integration test 4 - output format
|
||||
# This step will never fail, but will print out rule violations as json.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
failure-threshold: error
|
||||
format: json
|
||||
|
||||
- name: Run integration test 4 - output format
|
||||
# This step will never fail, but will print out rule violations.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
config: testdata/hadolint.yaml
|
||||
|
||||
release:
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
|
||||
name: Release
|
||||
runs-on: ubuntu-latest
|
||||
needs: integration
|
||||
runs-on: ubuntu-20.04
|
||||
needs: integration-tests
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Semantic Release
|
||||
uses: brpaz/action-semantic-release@master
|
||||
- uses: actions/checkout@v2
|
||||
- uses: cycjimmy/semantic-release-action@v2
|
||||
with:
|
||||
extra_plugins: |
|
||||
@semantic-release/git
|
||||
env:
|
||||
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
||||
|
||||
+4
-4
@@ -1,6 +1,6 @@
|
||||
FROM hadolint/hadolint:v1.17.2
|
||||
FROM hadolint/hadolint:v2.4.0-debian
|
||||
|
||||
COPY LICENSE README.md /
|
||||
|
||||
ENTRYPOINT [ "hadolint" ]
|
||||
COPY LICENSE README.md problem-matcher.json /
|
||||
COPY hadolint.sh /usr/local/bin/hadolint.sh
|
||||
|
||||
ENTRYPOINT [ "/usr/local/bin/hadolint.sh" ]
|
||||
|
||||
@@ -1,26 +1,44 @@
|
||||
# hadolint-action Action
|
||||
# Hadolint Action
|
||||
|
||||
> Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
|
||||
> GitHub Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
|
||||
|
||||
[](https://github.com/features/actions)
|
||||
[](LICENSE)
|
||||
[](http://commitizen.github.io/cz-cli/)
|
||||
[](https://github.com/semantic-release/semantic-release?style=for-the-badge)
|
||||
|
||||
[](https://github.com/brpaz/hadolint-action/actions)
|
||||
[](https://github.com/hadolint/hadolint-action/action)
|
||||
|
||||
## Usage
|
||||
|
||||
Add the following step to your workflow configuration:
|
||||
|
||||
```yml
|
||||
steps:
|
||||
uses: brpaz/hadolint-action@master
|
||||
- uses: hadolint/hadolint-action@v1.4.0
|
||||
with:
|
||||
dockerfile: Dockerfile
|
||||
```
|
||||
|
||||
## Inputs
|
||||
|
||||
**`dockerfile`**
|
||||
| Name | Description | Default |
|
||||
|------------------ |------------------------------------------ |----------------- |
|
||||
| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile |
|
||||
| format | The output format. One of [tty | json | | tty |
|
||||
| | checkstyle | codeclimate | | |
|
||||
| | gitlab_codeclimate] | |
|
||||
| ignore | Space separated list of Hadolint rules to | <none> |
|
||||
| | ignore. | |
|
||||
| config | Custom path to a Hadolint config file | ./.hadolint.yaml |
|
||||
| failure-threshold | Rule severity threshold for pipeline | info |
|
||||
| | failure. One of [error | warning | info | | |
|
||||
| | style | ignore] | |
|
||||
|
||||
## Hadolint Configuration
|
||||
|
||||
To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure).
|
||||
|
||||
The path to the Dockerfile to be tested. By default it will look for a Dockerfile in the current directory.
|
||||
|
||||
## 🤝 Contributing
|
||||
|
||||
@@ -32,11 +50,19 @@ Contributions are what make the open source community such an amazing place to b
|
||||
4. Push to the Branch (`git push origin feature/AmazingFeature`)
|
||||
5. Open a Pull Request
|
||||
|
||||
## Useful Resources
|
||||
## 💛 Support the project
|
||||
|
||||
* [Building actions - GitHub Help](https://help.github.com/en/articles/building-actions)
|
||||
* [actions/toolkit: The GitHub ToolKit for developing GitHub Actions.](https://github.com/actions/toolkit)
|
||||
If this project was useful to you in some form, I would be glad to have your support. It will help to keep the project alive and to have more time to work on Open Source.
|
||||
|
||||
The sinplest form of support is to give a ⭐️ to this repo.
|
||||
|
||||
You can also contribute with [GitHub Sponsors](https://github.com/sponsors/brpaz).
|
||||
|
||||
[](https://github.com/sponsors/brpaz)
|
||||
|
||||
Or if you prefer a one time donation to the project, you can simple:
|
||||
|
||||
<a href="https://www.buymeacoffee.com/Z1Bu6asGV" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: auto !important;width: auto !important;" ></a>
|
||||
## Author
|
||||
|
||||
👤 **Bruno Paz**
|
||||
|
||||
+29
@@ -3,13 +3,42 @@ description: 'Action that runs Hadolint Dockerfile linting tool'
|
||||
author: 'Bruno Paz'
|
||||
inputs:
|
||||
dockerfile:
|
||||
required: false
|
||||
description: 'The path to the Dockerfile to lint'
|
||||
default: 'Dockerfile'
|
||||
format:
|
||||
required: false
|
||||
description: |
|
||||
The output format, one of [tty (default) | json | checkstyle |
|
||||
codeclimate | gitlab_codeclimate ]
|
||||
default: 'tty'
|
||||
failure-threshold:
|
||||
required: false
|
||||
description: |
|
||||
Fail the pipeline only if rules with severity above this threshold are
|
||||
violated. One of [error | warning | info (default) | style | ignore]
|
||||
default: 'info'
|
||||
ignore:
|
||||
required: false
|
||||
description: 'A space separated string of rules to ignore'
|
||||
default:
|
||||
config:
|
||||
required: false
|
||||
description: 'Path to a config file'
|
||||
default:
|
||||
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: 'Dockerfile'
|
||||
args:
|
||||
- -f
|
||||
- ${{ inputs.format }}
|
||||
- -t
|
||||
- ${{ inputs.failure-threshold }}
|
||||
- ${{ inputs.dockerfile }}
|
||||
env:
|
||||
HADOLINT_CONFIG: ${{ inputs.config }}
|
||||
HADOLINT_IGNORE: ${{ inputs.ignore }}
|
||||
branding:
|
||||
icon: 'layers'
|
||||
color: 'purple'
|
||||
|
||||
Executable
+31
@@ -0,0 +1,31 @@
|
||||
#!/bin/sh
|
||||
|
||||
# The problem-matcher definition must be present in the repository
|
||||
# checkout (outside the Docker container running hadolint). We create
|
||||
# a temporary folder and copy problem-matcher.json to it and make it
|
||||
# readable.
|
||||
TMP_FOLDER=$(mktemp -d -p .)
|
||||
cp /problem-matcher.json "${TMP_FOLDER}"
|
||||
chmod -R a+rX "${TMP_FOLDER}"
|
||||
|
||||
# After the run has finished we remove the problem-matcher.json from
|
||||
# the repository so we don't leave the checkout dirty. We also remove
|
||||
# the matcher so it won't take effect in later steps.
|
||||
cleanup() {
|
||||
echo "::remove-matcher owner=brpaz/hadolint-action::"
|
||||
rm -rf "${TMP_FOLDER}"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
echo "::add-matcher::${TMP_FOLDER}/problem-matcher.json"
|
||||
|
||||
if [ -n "$HADOLINT_CONFIG" ]; then
|
||||
HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
|
||||
fi
|
||||
|
||||
for i in $HADOLINT_IGNORE; do
|
||||
HADOLINT_IGNORE_CMDLINE="${HADOLINT_IGNORE_CMDLINE} --ignore=${i}"
|
||||
done
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
hadolint $HADOLINT_IGNORE_CMDLINE $HADOLINT_CONFIG "$@"
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"problemMatcher": [
|
||||
{
|
||||
"owner": "brpaz/hadolint-action",
|
||||
"pattern": [
|
||||
{
|
||||
"regexp": "(.*)\\:(\\d+)\\s(.*)",
|
||||
"file": 1,
|
||||
"line": 2,
|
||||
"message": 3
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
Vendored
+1
@@ -0,0 +1 @@
|
||||
failure-threshold: error
|
||||
Vendored
+5
@@ -0,0 +1,5 @@
|
||||
FROM debian:buster
|
||||
|
||||
# info level warning expected here:
|
||||
RUN echo "Hello"
|
||||
RUN echo "World"
|
||||
Vendored
+4
@@ -0,0 +1,4 @@
|
||||
FROM debian:buster
|
||||
|
||||
# emits an info and a warning level violation.
|
||||
RUN apt-get install foo
|
||||
Reference in New Issue
Block a user