11 Commits

Author SHA1 Message Date
José Lorenzo Rodríguez c27bd9edc1 Merge pull request #32 from m-ildefons/hadolint-240
hadolint: version bump to 2.4.0
2021-05-10 11:27:49 +02:00
Moritz Röhrich 110e47c1b7 hadolint: version bump to 2.4.0
- bump Hadolint version to 2.4.0
- change to debian based image
- add common config options
- expand integration tests for new options

fixes: https://github.com/hadolint/hadolint-action/issues/5
fixes: https://github.com/hadolint/hadolint-action/issues/8
fixes: https://github.com/hadolint/hadolint-action/issues/17
fixes: https://github.com/hadolint/hadolint-action/issues/18
fixes: https://github.com/hadolint/hadolint-action/issues/31
2021-05-08 14:54:03 +02:00
José Lorenzo Rodríguez 136c22c8f8 fix example 2021-04-15 13:44:25 +02:00
José Lorenzo Rodríguez 473e36ba30 Merge pull request #28 from hadolint/dependabot/docker/hadolint/hadolint-v2.1.0-alpine
build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
2021-04-15 13:40:41 +02:00
José Lorenzo Rodríguez edc054086d Merge pull request #29 from hadolint/hadolint-org
Updates to reflect changes to the Hadolint organization
2021-04-15 13:38:42 +02:00
Bruno Paz b18c7cf9dc Update README.md 2021-04-14 19:25:02 +01:00
dependabot[bot] 20e70041a2 build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
Bumps hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine.

Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 07:53:42 +00:00
Arne Jørgensen 1623ba6171 fix: Remove problem matcher after run (#16) 2020-12-06 19:10:45 +00:00
Bruno Paz bf7fe9f9b9 feat: misc updates 2020-12-06 09:54:22 +00:00
dependabot[bot] b56d18750c build(deps): bump hadolint/hadolint (#12)
Bumps hadolint/hadolint from v1.17.5-alpine to v1.19.0-alpine.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 09:47:34 +00:00
Bruno Paz 37cdec0849 chore: update README and CI pipeline 2020-12-06 09:46:26 +00:00
9 changed files with 149 additions and 60 deletions
+54 -47
View File
@@ -10,74 +10,81 @@ env:
jobs:
lint:
runs-on: ubuntu-latest
container: pipelinecomponents/hadolint:latest
name: Lint
runs-on: ubuntu-20.04
container: pipelinecomponents/hadolint:0.10.1
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Run hadolint
run: hadolint Dockerfile
build:
runs-on: ubuntu-latest
needs: ['lint']
build-test:
name: Build and Test
runs-on: ubuntu-20.04
needs: ["lint"]
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Build Docker image
run: docker build -t $TEST_IMAGE_NAME .
- name: Save Docker image artifact
run: docker save -o action.tar $TEST_IMAGE_NAME
- name: Upload image artifact
uses: actions/upload-artifact@master
with:
name: action-image
path: action.tar
test:
name: Unit Tests
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v1
- name: Pull Image artifact
uses: actions/download-artifact@master
with:
name: action-image
- name: Load image into docker context
run: docker load -i action.tar
- name: Get Image Name
id: image_name
run: echo "##[set-output name=image;]$(echo $TEST_IMAGE_NAME)"
- name: Run Structure tests
uses: brpaz/structure-tests-action@master
uses: brpaz/structure-tests-action@v1.1.2
with:
image: ${{ steps.image_name.outputs.image }}
image: ${{ env.TEST_IMAGE_NAME }}
integration:
integration-tests:
name: Integration Tests
runs-on: ubuntu-latest
needs: test
runs-on: ubuntu-20.04
needs: build-test
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Run integration test
- name: Run integration test 1
uses: ./
with:
dockerfile: testdata/Dockerfile
- name: Run integration test 2 - ignore a rule
# This step is supposed to print out an info level rule violation
# but completely ignore the two rules listed below
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
ignore: DL3014 DL3008
- name: Run integration test 3 - set failure threshold
# This step will print out an info level rule violation, but not fail
# because of the high failure threshold.
uses: ./
with:
dockerfile: testdata/info.Dockerfile
failure-threshold: warning
- name: Run integration test 4 - output format
# This step will never fail, but will print out rule violations as json.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
failure-threshold: error
format: json
- name: Run integration test 4 - output format
# This step will never fail, but will print out rule violations.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
config: testdata/hadolint.yaml
release:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
name: Release
runs-on: ubuntu-latest
needs: integration
runs-on: ubuntu-20.04
needs: integration-tests
steps:
- uses: actions/checkout@v1
- name: Semantic Release
uses: brpaz/action-semantic-release@master
- uses: actions/checkout@v2
- uses: cycjimmy/semantic-release-action@v2
with:
extra_plugins: |
@semantic-release/git
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+1 -1
View File
@@ -1,4 +1,4 @@
FROM hadolint/hadolint:v1.17.5-alpine
FROM hadolint/hadolint:v2.4.0-debian
COPY LICENSE README.md problem-matcher.json /
COPY hadolint.sh /usr/local/bin/hadolint.sh
+35 -9
View File
@@ -1,26 +1,44 @@
# Hadolint GitHub Action
# Hadolint Action
> Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
> GitHub Action that runs [Hadolint](https://github.com/hadolint/hadolint) Dockerfile linting tool.
[![GitHub Action](https://img.shields.io/badge/GitHub-Action-blue?style=for-the-badge)](https://github.com/features/actions)
[![License](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](LICENSE)
[![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/)
[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge)
[![GitHub Actions](https://github.com/brpaz/hadolint-action/workflows/CI/badge.svg?style=for-the-badge)](https://github.com/brpaz/hadolint-action/actions)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hadolint/hadolint-action/CI?style=for-the-badge)](https://github.com/hadolint/hadolint-action/action)
## Usage
Add the following step to your workflow configuration:
```yml
steps:
uses: brpaz/hadolint-action@master
- uses: hadolint/hadolint-action@v1.4.0
with:
dockerfile: Dockerfile
```
## Inputs
**`dockerfile`**
| Name | Description | Default |
|------------------ |------------------------------------------ |----------------- |
| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile |
| format | The output format. One of [tty | json | | tty |
| | checkstyle | codeclimate | | |
| | gitlab_codeclimate] | |
| ignore | Space separated list of Hadolint rules to | <none> |
| | ignore. | |
| config | Custom path to a Hadolint config file | ./.hadolint.yaml |
| failure-threshold | Rule severity threshold for pipeline | info |
| | failure. One of [error | warning | info | | |
| | style | ignore] | |
## Hadolint Configuration
To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure).
The path to the Dockerfile to be tested. By default it will look for a Dockerfile in the current directory.
## 🤝 Contributing
@@ -32,11 +50,19 @@ Contributions are what make the open source community such an amazing place to b
4. Push to the Branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request
## Useful Resources
## 💛 Support the project
* [Building actions - GitHub Help](https://help.github.com/en/articles/building-actions)
* [actions/toolkit: The GitHub ToolKit for developing GitHub Actions.](https://github.com/actions/toolkit)
If this project was useful to you in some form, I would be glad to have your support. It will help to keep the project alive and to have more time to work on Open Source.
The sinplest form of support is to give a ⭐️ to this repo.
You can also contribute with [GitHub Sponsors](https://github.com/sponsors/brpaz).
[![GitHub Sponsors](https://img.shields.io/badge/GitHub%20Sponsors-Sponsor%20Me-red?style=for-the-badge)](https://github.com/sponsors/brpaz)
Or if you prefer a one time donation to the project, you can simple:
<a href="https://www.buymeacoffee.com/Z1Bu6asGV" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: auto !important;width: auto !important;" ></a>
## Author
👤 **Bruno Paz**
+29
View File
@@ -3,13 +3,42 @@ description: 'Action that runs Hadolint Dockerfile linting tool'
author: 'Bruno Paz'
inputs:
dockerfile:
required: false
description: 'The path to the Dockerfile to lint'
default: 'Dockerfile'
format:
required: false
description: |
The output format, one of [tty (default) | json | checkstyle |
codeclimate | gitlab_codeclimate ]
default: 'tty'
failure-threshold:
required: false
description: |
Fail the pipeline only if rules with severity above this threshold are
violated. One of [error | warning | info (default) | style | ignore]
default: 'info'
ignore:
required: false
description: 'A space separated string of rules to ignore'
default:
config:
required: false
description: 'Path to a config file'
default:
runs:
using: 'docker'
image: 'Dockerfile'
args:
- -f
- ${{ inputs.format }}
- -t
- ${{ inputs.failure-threshold }}
- ${{ inputs.dockerfile }}
env:
HADOLINT_CONFIG: ${{ inputs.config }}
HADOLINT_IGNORE: ${{ inputs.ignore }}
branding:
icon: 'layers'
color: 'purple'
+19 -2
View File
@@ -7,8 +7,25 @@
TMP_FOLDER=$(mktemp -d -p .)
cp /problem-matcher.json "${TMP_FOLDER}"
chmod -R a+rX "${TMP_FOLDER}"
trap "rm -rf \"${TMP_FOLDER}\"" EXIT
# After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove
# the matcher so it won't take effect in later steps.
cleanup() {
echo "::remove-matcher owner=brpaz/hadolint-action::"
rm -rf "${TMP_FOLDER}"
}
trap cleanup EXIT
echo "::add-matcher::${TMP_FOLDER}/problem-matcher.json"
hadolint "$@"
if [ -n "$HADOLINT_CONFIG" ]; then
HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
fi
for i in $HADOLINT_IGNORE; do
HADOLINT_IGNORE_CMDLINE="${HADOLINT_IGNORE_CMDLINE} --ignore=${i}"
done
# shellcheck disable=SC2086
hadolint $HADOLINT_IGNORE_CMDLINE $HADOLINT_CONFIG "$@"
+1 -1
View File
@@ -1,7 +1,7 @@
{
"problemMatcher": [
{
"owner": "hadolint",
"owner": "brpaz/hadolint-action",
"pattern": [
{
"regexp": "(.*)\\:(\\d+)\\s(.*)",
+1
View File
@@ -0,0 +1 @@
failure-threshold: error
+5
View File
@@ -0,0 +1,5 @@
FROM debian:buster
# info level warning expected here:
RUN echo "Hello"
RUN echo "World"
+4
View File
@@ -0,0 +1,4 @@
FROM debian:buster
# emits an info and a warning level violation.
RUN apt-get install foo