28 Commits

Author SHA1 Message Date
José Lorenzo Rodríguez 0bc6199b82 upgrade to 2.9.2 2022-03-22 09:41:42 +01:00
José Lorenzo Rodríguez 070f68df71 Merge pull request #43 from m-ildefons/config-options
features: config options, saving to file, SARIF
2022-03-22 09:41:12 +01:00
José Lorenzo Rodríguez 40f98da752 Merge pull request #45 from mblottiere/fix/missing-problem-matcher
fix: missing problem-matcher
2022-03-22 09:40:46 +01:00
Matthieu Blottière 390bcfc1bc fix: attempt to fix missing problem-matcher
It uses the solution mentioned in
https://github.com/actions/toolkit/issues/305#issuecomment-585515210
2021-12-08 17:26:25 +01:00
Moritz Röhrich 98fb3f8040 features: config options, saving to file, SARIF
- Upgrade to Hadolint 2.8.0, enabling the SARIF formatter
- Expand config options to reflect more of those regularly available
  with Hadolint including `no-fail` and `failure-threshold` options
- Enable the creation of report files

Breaking change: The list of ignored rules is now comma separated and
not space separated.

fixes: #23
fixes: #36
fixes: #42
2021-11-20 12:02:12 +01:00
José Lorenzo Rodríguez 3cfc69d4b2 Merge pull request #41 from revolunet/patch-1
docs: fix example
2021-10-19 16:19:35 +02:00
Julien Bouquillon 03ff2f358b docs: fix example 2021-10-19 15:49:02 +02:00
José Lorenzo Rodríguez d7b3858233 Make tests pass 2021-08-26 13:31:58 +02:00
José Lorenzo Rodríguez fdf6f4b6d2 Merge pull request #34 from itamargiv/feature/recursive-dir-check
Feature: Recursive dir check - Lint multiple files
2021-08-26 13:29:29 +02:00
José Lorenzo Rodríguez 0bb0c4c131 Merge pull request #39 from Juneezee/hadolint-v2.7.0
build: bump hadolint from v2.4.0 to v2.7.0
2021-08-26 12:42:52 +02:00
Eng Zer Jun 8af94d9fae build: bump hadolint from v2.4.0 to v2.7.0
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-08-26 17:47:50 +08:00
Itamar Givon afcbb72a70 Update docs 2021-06-14 12:02:23 +02:00
Itamar Givon 34545a185d Add recursive linting 2021-06-14 12:01:11 +02:00
José Lorenzo Rodríguez 1fe9ddfd12 Merge pull request #33 from brpaz/update-readme
update support section and remove funding configuration
2021-06-13 13:20:59 +02:00
José Lorenzo Rodríguez 64243a4c85 Merge pull request #35 from jward-bw/patch-1
Improve readability of `Inputs` table.
2021-06-13 13:19:51 +02:00
Jacob Ward 9c70326916 Improve readability of Inputs table.
In my opinion it's still not very easy to read, but it is correctly formatted now.
2021-06-04 16:49:26 +01:00
Bruno Paz 6c5b4b97b1 docs(README): update support section and remove funding configuration 2021-05-17 19:06:18 +01:00
José Lorenzo Rodríguez f49a60108f Merge pull request #30 from kalikiana/docs_readme_checkout
doc: Add checkout action to the example
2021-05-10 11:31:15 +02:00
José Lorenzo Rodríguez 5f549be9cc Merge branch 'master' into docs_readme_checkout 2021-05-10 11:31:03 +02:00
José Lorenzo Rodríguez c27bd9edc1 Merge pull request #32 from m-ildefons/hadolint-240
hadolint: version bump to 2.4.0
2021-05-10 11:27:49 +02:00
Moritz Röhrich 110e47c1b7 hadolint: version bump to 2.4.0
- bump Hadolint version to 2.4.0
- change to debian based image
- add common config options
- expand integration tests for new options

fixes: https://github.com/hadolint/hadolint-action/issues/5
fixes: https://github.com/hadolint/hadolint-action/issues/8
fixes: https://github.com/hadolint/hadolint-action/issues/17
fixes: https://github.com/hadolint/hadolint-action/issues/18
fixes: https://github.com/hadolint/hadolint-action/issues/31
2021-05-08 14:54:03 +02:00
Christian Dywan 785eabb2d4 doc: Add checkout action to the example
Fixes: #25
2021-05-02 08:45:07 +02:00
José Lorenzo Rodríguez 136c22c8f8 fix example 2021-04-15 13:44:25 +02:00
José Lorenzo Rodríguez 473e36ba30 Merge pull request #28 from hadolint/dependabot/docker/hadolint/hadolint-v2.1.0-alpine
build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
2021-04-15 13:40:41 +02:00
José Lorenzo Rodríguez edc054086d Merge pull request #29 from hadolint/hadolint-org
Updates to reflect changes to the Hadolint organization
2021-04-15 13:38:42 +02:00
Bruno Paz b18c7cf9dc Update README.md 2021-04-14 19:25:02 +01:00
dependabot[bot] 20e70041a2 build(deps): bump hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine
Bumps hadolint/hadolint from v1.19.0-alpine to v2.1.0-alpine.

Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 07:53:42 +00:00
Arne Jørgensen 1623ba6171 fix: Remove problem matcher after run (#16) 2020-12-06 19:10:45 +00:00
10 changed files with 212 additions and 36 deletions
-4
View File
@@ -1,4 +0,0 @@
# https://help.github.com/en/articles/displaying-a-sponsor-button-in-your-repository
github: brpaz
patreon: brpaz
custom: https://www.buymeacoffee.com/Z1Bu6asGV
+41 -1
View File
@@ -39,11 +39,51 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: Run integration test
- name: Run integration test 1
uses: ./
with:
dockerfile: testdata/Dockerfile
- name: Run integration test 2 - ignore a rule
# This step is supposed to print out an info level rule violation
# but completely ignore the two rules listed below
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
ignore: 'DL3014,DL3008'
no-fail: true
- name: Run integration test 3 - set failure threshold
# This step will print out an info level rule violation, but not fail
# because of the high failure threshold.
uses: ./
with:
dockerfile: testdata/info.Dockerfile
failure-threshold: warning
- name: Run integration test 4 - output format
# This step will never fail, but will print out rule violations as json.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
failure-threshold: error
format: json
- name: Run integration test 5 - output format
# This step will never fail, but will print out rule violations.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
config: testdata/hadolint.yaml
- name: Run integration test 6 - output to file
# This step will never fail, but will print out rule violations.
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
format: sarif
output-file: /report.sarif
release:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
name: Release
+1 -1
View File
@@ -1,4 +1,4 @@
FROM hadolint/hadolint:v1.19.0-alpine
FROM hadolint/hadolint:v2.9.2-debian
COPY LICENSE README.md problem-matcher.json /
COPY hadolint.sh /usr/local/bin/hadolint.sh
+36 -19
View File
@@ -7,7 +7,7 @@
[![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/)
[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/brpaz/hadolint-action/CI?style=for-the-badge)](https://github.com/brpaz/hadolint-action/action)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hadolint/hadolint-action/CI?style=for-the-badge)](https://github.com/hadolint/hadolint-action/action)
## Usage
@@ -15,22 +15,47 @@ Add the following step to your workflow configuration:
```yml
steps:
- uses: brpaz/hadolint-action@v1.2.1
with:
dockerfile: Dockerfile
- uses: actions/checkout@v2
- uses: hadolint/hadolint-action@v1.6.0
with:
dockerfile: Dockerfile
```
## Inputs
| Name | Description | Default |
|------------ |----------------------------------------- |-------------- |
| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile |
| Name | Description | Default |
|------------------- |------------------------------------------ |----------------- |
| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile |
| recursive | Search for specified dockerfile | false |
| | recursively, from the project root | |
| config | Custom path to a Hadolint config file | ./.hadolint.yaml |
| output-file | A sub-path where to save the | |
| | output as a file to | |
| no-color | Don't create colored output | |
| no-fail | Never fail the action | |
| verbose | Output more information | |
| format | The output format. One of [tty \| json \| | tty |
| | checkstyle \| codeclimate \| | |
| | gitlab_codeclimate \| codacy \| sarif] | |
| failure-threshold | Rule severity threshold for pipeline | info |
| | failure. One of [error \| warning \| | |
| | info \| style \| ignore] | |
| override-error | List of rules to treat with 'error' | |
| | severity | |
| override-warning | List of rules to treat with 'warning' | |
| | severity | |
| override-info | List of rules to treat with 'info' | |
| | severity | |
| override-style | List of rules to treat with 'style' | |
| | severity | |
| ignore | Space separated list of Hadolint rules to | <none> |
| | ignore. | |
| trusted-resgitries | List of urls of trusted registries | |
## Hadolint Configuration
To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure).
## 🤝 Contributing
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are **greatly appreciated**.
@@ -40,20 +65,14 @@ Contributions are what make the open source community such an amazing place to b
3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the Branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request
## 💛 Support the project
If this project was useful to you in some form, I would be glad to have your support. It will help to keep the project alive and to have more time to work on Open Source.
If this project was useful to you in some form, We would be glad to have your support. It will help keeping the project alive.
The sinplest form of support is to give a ⭐️ to this repo.
You can also contribute with [GitHub Sponsors](https://github.com/sponsors/brpaz).
This project was originally created by [Bruno Paz](https://github.com/sponsors/brpaz) and incorporated into the Hadolint organization. If you appreciate the work done on this action, Bruno would be happy with your [sponsorship](https://github.com/sponsors/brpaz).
[![GitHub Sponsors](https://img.shields.io/badge/GitHub%20Sponsors-Sponsor%20Me-red?style=for-the-badge)](https://github.com/sponsors/brpaz)
Or if you prefer a one time donation to the project, you can simple:
<a href="https://www.buymeacoffee.com/Z1Bu6asGV" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: auto !important;width: auto !important;" ></a>
## Author
👤 **Bruno Paz**
@@ -63,6 +82,4 @@ Or if you prefer a one time donation to the project, you can simple:
## 📝 License
Copyright © 2019 [Bruno Paz](https://github.com/brpaz).
This project is [MIT](LICENSE) licensed.
[MIT](LICENSE)
+85
View File
@@ -3,13 +3,98 @@ description: 'Action that runs Hadolint Dockerfile linting tool'
author: 'Bruno Paz'
inputs:
dockerfile:
required: false
description: 'The path to the Dockerfile to lint'
default: 'Dockerfile'
config:
required: false
description: 'Path to a config file'
default:
recursive:
required: false
description:
'Search for specified dockerfile recursively, from the project root'
default: 'false'
output-file:
required: false
description: 'The path where to save the linting results to'
default:
# standart hadolint options:
no-color:
required: false
description: Don't create colored output.
default: 'false'
no-fail:
required: false
description: Never exit with a failure status code
default: 'false'
verbose:
required: false
description: Print more information about the running config
default: 'false'
format:
required: false
description: |
The output format, one of [tty (default) | json | checkstyle |
codeclimate | gitlab_codeclimate | codacy | sarif]
default: 'tty'
failure-threshold:
required: false
description: |
Fail the pipeline only if rules with severity above this threshold are
violated. One of [error | warning | info (default) | style | ignore]
default: 'info'
override-error:
required: false
description:
'A comma separated list of rules whose severity will be `error`'
default:
override-warning:
required: false
description:
'A comma separated list of rules whose severity will be `warning`'
default:
override-info:
required: false
description:
'A comma separated list of rules whose severity will be `info`'
default:
override-style:
required: false
description:
'A comma separated list of rules whose severity will be `style`'
default:
ignore:
required: false
description: 'A comma separated string of rules to ignore'
default:
trusted-registries:
required: false
description: 'A comma separated list of trusted registry urls'
default:
runs:
using: 'docker'
image: 'Dockerfile'
args:
- ${{ inputs.dockerfile }}
env:
NO_COLOR: ${{ inputs.no-color }}
HADOLINT_NOFAIL: ${{ inputs.no-fail }}
HADOLINT_VERBOSE: ${{ inputs.verbose }}
HADOLINT_FORMAT: ${{ inputs.format }}
HADOLINT_FAILURE_THRESHOLD: ${{ inputs.failure-threshold }}
HADOLINT_OVERRIDE_ERROR: ${{ inputs.override-error }}
HADOLINT_OVERRIDE_WARNING: ${{ inputs.override-warning }}
HADOLINT_OVERRIDE_INFO: ${{ inputs.override-info }}
HADOLINT_OVERRIDE_STYLE: ${{ inputs.override-style }}
HADOLINT_IGNORE: ${{ inputs.ignore }}
HADOLINT_TRUSTED_REGISTRIES: ${{ inputs.trusted-registries }}
HADOLINT_CONFIG: ${{ inputs.config }}
HADOLINT_RECURSIVE: ${{ inputs.recursive }}
HADOLINT_OUTPUT: ${{ inputs.output-file }}
branding:
icon: 'layers'
color: 'purple'
+38 -10
View File
@@ -1,14 +1,42 @@
#!/bin/sh
#!/bin/bash
# The problem-matcher definition must be present in the repository
# checkout (outside the Docker container running hadolint). We create
# a temporary folder and copy problem-matcher.json to it and make it
# readable.
TMP_FOLDER=$(mktemp -d -p .)
cp /problem-matcher.json "${TMP_FOLDER}"
chmod -R a+rX "${TMP_FOLDER}"
trap "rm -rf \"${TMP_FOLDER}\"" EXIT
# checkout (outside the Docker container running hadolint). We copy
# problem-matcher.json to the home folder.
cp /problem-matcher.json "$HOME/"
echo "::add-matcher::${TMP_FOLDER}/problem-matcher.json"
# After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove
# the matcher so it won't take effect in later steps.
cleanup() {
echo "::remove-matcher owner=brpaz/hadolint-action::"
}
trap cleanup EXIT
hadolint "$@"
echo "::add-matcher::$HOME/problem-matcher.json"
if [ -n "$HADOLINT_CONFIG" ]; then
HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
fi
OUTPUT=
if [ -n "$HADOLINT_OUTPUT" ]; then
if [ -f "$HADOLINT_OUTPUT" ]; then
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
fi
OUTPUT=" | tee $HADOLINT_OUTPUT"
fi
if [ "$HADOLINT_RECURSIVE" = "true" ]; then
shopt -s globstar
filename="${!#}"
flags="${@:1:$#-1}"
hadolint $HADOLINT_CONFIG $flags **/$filename $OUTPUT
else
# shellcheck disable=SC2086
hadolint $HADOLINT_CONFIG "$@" $OUTPUT
fi
[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"
+1 -1
View File
@@ -1,7 +1,7 @@
{
"problemMatcher": [
{
"owner": "hadolint",
"owner": "brpaz/hadolint-action",
"pattern": [
{
"regexp": "(.*)\\:(\\d+)\\s(.*)",
+1
View File
@@ -0,0 +1 @@
failure-threshold: error
+5
View File
@@ -0,0 +1,5 @@
FROM debian:buster
# info level warning expected here:
RUN echo "Hello"
RUN echo "World"
+4
View File
@@ -0,0 +1,4 @@
FROM debian:buster
# emits an info and a warning level violation.
RUN apt-get install foo