mirror of
https://github.com/hadolint/hadolint-action.git
synced 2026-07-06 00:21:39 +00:00
Compare commits
30 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| d7b3858233 | |||
| fdf6f4b6d2 | |||
| 0bb0c4c131 | |||
| 8af94d9fae | |||
| afcbb72a70 | |||
| 34545a185d | |||
| 1fe9ddfd12 | |||
| 64243a4c85 | |||
| 9c70326916 | |||
| 6c5b4b97b1 | |||
| f49a60108f | |||
| 5f549be9cc | |||
| c27bd9edc1 | |||
| 110e47c1b7 | |||
| 785eabb2d4 | |||
| 136c22c8f8 | |||
| 473e36ba30 | |||
| edc054086d | |||
| b18c7cf9dc | |||
| 20e70041a2 | |||
| 1623ba6171 | |||
| bf7fe9f9b9 | |||
| b56d18750c | |||
| 37cdec0849 | |||
| 7e374b112f | |||
| 88386d9893 | |||
| 836016a45f | |||
| eb9b96be61 | |||
| 2a819735f7 | |||
| 5a3e6fd90a |
@@ -0,0 +1,10 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
- package-ecosystem: "docker"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
+54
-47
@@ -10,74 +10,81 @@ env:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: ubuntu-latest
|
||||
container: pipelinecomponents/hadolint:latest
|
||||
name: Lint
|
||||
runs-on: ubuntu-20.04
|
||||
container: pipelinecomponents/hadolint:0.10.1
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: Run hadolint
|
||||
run: hadolint Dockerfile
|
||||
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
needs: ['lint']
|
||||
build-test:
|
||||
name: Build and Test
|
||||
runs-on: ubuntu-20.04
|
||||
needs: ["lint"]
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
- name: Build Docker image
|
||||
run: docker build -t $TEST_IMAGE_NAME .
|
||||
|
||||
- name: Save Docker image artifact
|
||||
run: docker save -o action.tar $TEST_IMAGE_NAME
|
||||
|
||||
- name: Upload image artifact
|
||||
uses: actions/upload-artifact@master
|
||||
with:
|
||||
name: action-image
|
||||
path: action.tar
|
||||
|
||||
test:
|
||||
name: Unit Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
|
||||
- name: Pull Image artifact
|
||||
uses: actions/download-artifact@master
|
||||
with:
|
||||
name: action-image
|
||||
|
||||
- name: Load image into docker context
|
||||
run: docker load -i action-image/action.tar
|
||||
|
||||
- name: Get Image Name
|
||||
id: image_name
|
||||
run: echo "##[set-output name=image;]$(echo $TEST_IMAGE_NAME)"
|
||||
|
||||
- name: Run Structure tests
|
||||
uses: brpaz/structure-tests-action@master
|
||||
uses: brpaz/structure-tests-action@v1.1.2
|
||||
with:
|
||||
image: ${{ steps.image_name.outputs.image }}
|
||||
image: ${{ env.TEST_IMAGE_NAME }}
|
||||
|
||||
integration:
|
||||
integration-tests:
|
||||
name: Integration Tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: test
|
||||
runs-on: ubuntu-20.04
|
||||
needs: build-test
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Run integration test
|
||||
- name: Run integration test 1
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/Dockerfile
|
||||
|
||||
- name: Run integration test 2 - ignore a rule
|
||||
# This step is supposed to print out an info level rule violation
|
||||
# but completely ignore the two rules listed below
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
ignore: DL3014 DL3008 DL3015
|
||||
|
||||
- name: Run integration test 3 - set failure threshold
|
||||
# This step will print out an info level rule violation, but not fail
|
||||
# because of the high failure threshold.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/info.Dockerfile
|
||||
failure-threshold: warning
|
||||
|
||||
- name: Run integration test 4 - output format
|
||||
# This step will never fail, but will print out rule violations as json.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
failure-threshold: error
|
||||
format: json
|
||||
|
||||
- name: Run integration test 4 - output format
|
||||
# This step will never fail, but will print out rule violations.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: testdata/warning.Dockerfile
|
||||
config: testdata/hadolint.yaml
|
||||
|
||||
release:
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
|
||||
name: Release
|
||||
runs-on: ubuntu-latest
|
||||
needs: integration
|
||||
runs-on: ubuntu-20.04
|
||||
needs: integration-tests
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Semantic Release
|
||||
uses: brpaz/action-semantic-release@master
|
||||
- uses: actions/checkout@v2
|
||||
- uses: cycjimmy/semantic-release-action@v2
|
||||
with:
|
||||
extra_plugins: |
|
||||
@semantic-release/git
|
||||
env:
|
||||
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
|
||||
|
||||
+4
-4
@@ -1,6 +1,6 @@
|
||||
FROM hadolint/hadolint:v1.17.2
|
||||
FROM hadolint/hadolint:v2.7.0-debian
|
||||
|
||||
COPY LICENSE README.md /
|
||||
|
||||
ENTRYPOINT [ "hadolint" ]
|
||||
COPY LICENSE README.md problem-matcher.json /
|
||||
COPY hadolint.sh /usr/local/bin/hadolint.sh
|
||||
|
||||
ENTRYPOINT [ "/usr/local/bin/hadolint.sh" ]
|
||||
|
||||
@@ -1,26 +1,46 @@
|
||||
# hadolint-action Action
|
||||
# Hadolint Action
|
||||
|
||||
> Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
|
||||
> GitHub Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
|
||||
|
||||
[](https://github.com/features/actions)
|
||||
[](LICENSE)
|
||||
[](http://commitizen.github.io/cz-cli/)
|
||||
[](https://github.com/semantic-release/semantic-release?style=for-the-badge)
|
||||
|
||||
[](https://github.com/brpaz/hadolint-action/actions)
|
||||
[](https://github.com/hadolint/hadolint-action/action)
|
||||
|
||||
## Usage
|
||||
|
||||
Add the following step to your workflow configuration:
|
||||
|
||||
```yml
|
||||
steps:
|
||||
uses: brpaz/hadolint-action@master
|
||||
- uses: actions/checkout@v2
|
||||
- uses: hadolint/hadolint-action@v1.5.0
|
||||
with:
|
||||
dockerfile: Dockerfile
|
||||
```
|
||||
|
||||
## Inputs
|
||||
|
||||
**`dockerfile`**
|
||||
| Name | Description | Default |
|
||||
|------------------ |------------------------------------------ |----------------- |
|
||||
| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile |
|
||||
| recursive | Search for specified dockerfile | false |
|
||||
| | recursively, from the project root | |
|
||||
| format | The output format. One of [tty \| json \| | tty |
|
||||
| | checkstyle \| codeclimate \| | |
|
||||
| | gitlab_codeclimate] | |
|
||||
| ignore | Space separated list of Hadolint rules to | <none> |
|
||||
| | ignore. | |
|
||||
| config | Custom path to a Hadolint config file | ./.hadolint.yaml |
|
||||
| failure-threshold | Rule severity threshold for pipeline | info |
|
||||
| | failure. One of [error \| warning \| | |
|
||||
| | info \| style \| ignore] | |
|
||||
|
||||
The path to the Dockerfile to be tested. By default it will look for a Dockerfile in the current directory.
|
||||
## Hadolint Configuration
|
||||
|
||||
To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure).
|
||||
|
||||
## 🤝 Contributing
|
||||
|
||||
@@ -31,11 +51,13 @@ Contributions are what make the open source community such an amazing place to b
|
||||
3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
|
||||
4. Push to the Branch (`git push origin feature/AmazingFeature`)
|
||||
5. Open a Pull Request
|
||||
## 💛 Support the project
|
||||
|
||||
## Useful Resources
|
||||
If this project was useful to you in some form, We would be glad to have your support. It will help keeping the project alive.
|
||||
|
||||
* [Building actions - GitHub Help](https://help.github.com/en/articles/building-actions)
|
||||
* [actions/toolkit: The GitHub ToolKit for developing GitHub Actions.](https://github.com/actions/toolkit)
|
||||
The sinplest form of support is to give a ⭐️ to this repo.
|
||||
|
||||
This project was originally created by [Bruno Paz](https://github.com/sponsors/brpaz) and incorporated into the Hadolint organization. If you appreciate the work done on this action, Bruno would be happy with your [sponsorship](https://github.com/sponsors/brpaz).
|
||||
|
||||
## Author
|
||||
|
||||
@@ -46,6 +68,4 @@ Contributions are what make the open source community such an amazing place to b
|
||||
|
||||
## 📝 License
|
||||
|
||||
Copyright © 2019 [Bruno Paz](https://github.com/brpaz).
|
||||
|
||||
This project is [MIT](LICENSE) licensed.
|
||||
[MIT](LICENSE)
|
||||
|
||||
+34
@@ -3,13 +3,47 @@ description: 'Action that runs Hadolint Dockerfile linting tool'
|
||||
author: 'Bruno Paz'
|
||||
inputs:
|
||||
dockerfile:
|
||||
required: false
|
||||
description: 'The path to the Dockerfile to lint'
|
||||
default: 'Dockerfile'
|
||||
recursive:
|
||||
required: false
|
||||
description: 'Search for specified dockerfile recursively, from the project root'
|
||||
default: 'false'
|
||||
format:
|
||||
required: false
|
||||
description: |
|
||||
The output format, one of [tty (default) | json | checkstyle |
|
||||
codeclimate | gitlab_codeclimate ]
|
||||
default: 'tty'
|
||||
failure-threshold:
|
||||
required: false
|
||||
description: |
|
||||
Fail the pipeline only if rules with severity above this threshold are
|
||||
violated. One of [error | warning | info (default) | style | ignore]
|
||||
default: 'info'
|
||||
ignore:
|
||||
required: false
|
||||
description: 'A space separated string of rules to ignore'
|
||||
default:
|
||||
config:
|
||||
required: false
|
||||
description: 'Path to a config file'
|
||||
default:
|
||||
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: 'Dockerfile'
|
||||
args:
|
||||
- -f
|
||||
- ${{ inputs.format }}
|
||||
- -t
|
||||
- ${{ inputs.failure-threshold }}
|
||||
- ${{ inputs.dockerfile }}
|
||||
env:
|
||||
HADOLINT_CONFIG: ${{ inputs.config }}
|
||||
HADOLINT_IGNORE: ${{ inputs.ignore }}
|
||||
HADOLINT_RECURSIVE: ${{ inputs.recursive }}
|
||||
branding:
|
||||
icon: 'layers'
|
||||
color: 'purple'
|
||||
|
||||
Executable
+40
@@ -0,0 +1,40 @@
|
||||
#!/bin/bash
|
||||
|
||||
# The problem-matcher definition must be present in the repository
|
||||
# checkout (outside the Docker container running hadolint). We create
|
||||
# a temporary folder and copy problem-matcher.json to it and make it
|
||||
# readable.
|
||||
TMP_FOLDER=$(mktemp -d -p .)
|
||||
cp /problem-matcher.json "${TMP_FOLDER}"
|
||||
chmod -R a+rX "${TMP_FOLDER}"
|
||||
|
||||
# After the run has finished we remove the problem-matcher.json from
|
||||
# the repository so we don't leave the checkout dirty. We also remove
|
||||
# the matcher so it won't take effect in later steps.
|
||||
cleanup() {
|
||||
echo "::remove-matcher owner=brpaz/hadolint-action::"
|
||||
rm -rf "${TMP_FOLDER}"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
echo "::add-matcher::${TMP_FOLDER}/problem-matcher.json"
|
||||
|
||||
if [ -n "$HADOLINT_CONFIG" ]; then
|
||||
HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
|
||||
fi
|
||||
|
||||
for i in $HADOLINT_IGNORE; do
|
||||
HADOLINT_IGNORE_CMDLINE="${HADOLINT_IGNORE_CMDLINE} --ignore=${i}"
|
||||
done
|
||||
|
||||
if [ "$HADOLINT_RECURSIVE" = "true" ]; then
|
||||
shopt -s globstar
|
||||
|
||||
filename="${!#}"
|
||||
flags="${@:1:$#-1}"
|
||||
|
||||
hadolint $HADOLINT_IGNORE_CMDLINE $HADOLINT_CONFIG $flags **/$filename
|
||||
else
|
||||
# shellcheck disable=SC2086
|
||||
hadolint $HADOLINT_IGNORE_CMDLINE $HADOLINT_CONFIG "$@"
|
||||
fi
|
||||
@@ -0,0 +1,15 @@
|
||||
{
|
||||
"problemMatcher": [
|
||||
{
|
||||
"owner": "brpaz/hadolint-action",
|
||||
"pattern": [
|
||||
{
|
||||
"regexp": "(.*)\\:(\\d+)\\s(.*)",
|
||||
"file": 1,
|
||||
"line": 2,
|
||||
"message": 3
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
Vendored
+1
@@ -0,0 +1 @@
|
||||
failure-threshold: error
|
||||
Vendored
+5
@@ -0,0 +1,5 @@
|
||||
FROM debian:buster
|
||||
|
||||
# info level warning expected here:
|
||||
RUN echo "Hello"
|
||||
RUN echo "World"
|
||||
Vendored
+4
@@ -0,0 +1,4 @@
|
||||
FROM debian:buster
|
||||
|
||||
# emits an info and a warning level violation.
|
||||
RUN apt-get install foo
|
||||
Reference in New Issue
Block a user