mirror of
https://github.com/hadolint/hadolint-action.git
synced 2026-07-05 16:11:38 +00:00
Compare commits
40 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 2332a7b74a | |||
| 2bfd2b95f8 | |||
| 0931ae0972 | |||
| 3fc49fb50d | |||
| 45eb072a0b | |||
| 97f3e4f6be | |||
| 3e9a095cc7 | |||
| 3285327e7a | |||
| 8bde06f9ce | |||
| 24598f413e | |||
| cc71e1bfd1 | |||
| 2f0331e821 | |||
| 715c307046 | |||
| d292784f8f | |||
| 5d0317e9d0 | |||
| 7857e0b9ce | |||
| 218bc411d7 | |||
| 726b0bb298 | |||
| a17195f03e | |||
| 88c79a349b | |||
| a4d0f06c93 | |||
| c8298ca3ec | |||
| 8b07a99429 | |||
| 87a23faa1f | |||
| 79c12b5608 | |||
| 54c9adbab1 | |||
| 0ef98d9a5c | |||
| 1a139ce6cc | |||
| e88bddc55d | |||
| 676012c475 | |||
| 77e79bb879 | |||
| 4b5806eb9c | |||
| e977686583 | |||
| 67d715bb13 | |||
| 48c4120377 | |||
| e81a8de9db | |||
| 68a2276a3c | |||
| eeab5ede16 | |||
| 169ddcf265 | |||
| d51839a6b5 |
+54
-17
@@ -3,27 +3,49 @@ on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
TEST_IMAGE_NAME: hadolint-action:${{github.sha}}
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
issues: write # Used by Release step to update "The automated release is failing" issue
|
||||
pull-requests: write # Used by ShellCheck Action to add comments on PR
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Lint
|
||||
runs-on: ubuntu-20.04
|
||||
container: pipelinecomponents/hadolint:0.10.1
|
||||
runs-on: ubuntu-24.04
|
||||
container: pipelinecomponents/hadolint:0.27.2
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- name: Run hadolint
|
||||
run: hadolint Dockerfile
|
||||
|
||||
shellcheck:
|
||||
name: ShellCheck
|
||||
runs-on: ubuntu-24.04
|
||||
steps:
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- name: Run ShellCheck
|
||||
uses: reviewdog/action-shellcheck@v1.31.0
|
||||
with:
|
||||
reporter: github-pr-review
|
||||
fail_on_error: true
|
||||
|
||||
build-test:
|
||||
name: Build and Test
|
||||
runs-on: ubuntu-20.04
|
||||
needs: ["lint"]
|
||||
runs-on: ubuntu-24.04
|
||||
needs:
|
||||
- lint
|
||||
- shellcheck
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- name: Build Docker image
|
||||
run: docker build -t $TEST_IMAGE_NAME .
|
||||
|
||||
@@ -34,10 +56,11 @@ jobs:
|
||||
|
||||
integration-tests:
|
||||
name: Integration Tests
|
||||
runs-on: ubuntu-20.04
|
||||
needs: build-test
|
||||
runs-on: ubuntu-24.04
|
||||
needs:
|
||||
- build-test
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- name: Run integration test 1
|
||||
uses: ./
|
||||
@@ -69,8 +92,9 @@ jobs:
|
||||
failure-threshold: error
|
||||
format: json
|
||||
|
||||
- name: Run integration test 5 - output format
|
||||
# This step will never fail, but will print out rule violations.
|
||||
- name: Run integration test 5 - config file
|
||||
# This step will never fail, but will print out rule violations
|
||||
# because in config is set the error failure threshold.
|
||||
id: hadolint5
|
||||
uses: ./
|
||||
with:
|
||||
@@ -79,9 +103,20 @@ jobs:
|
||||
|
||||
- name: Run integration test 6 - verify results output parameter
|
||||
# This step will never fail, but will print out the results from step5
|
||||
run: echo "${{ steps.hadolint5.outputs.results }}"
|
||||
env:
|
||||
results: ${{ steps.hadolint5.outputs.results }}
|
||||
run: echo "$results"
|
||||
|
||||
#- name: Run integration test 6 - output to file
|
||||
- name: Run integration test 7 - set recursive
|
||||
# This step will never fail, but will print out rule violations
|
||||
# for all the Dockerfiles in repository.
|
||||
uses: ./
|
||||
with:
|
||||
dockerfile: "*Dockerfile"
|
||||
failure-threshold: error
|
||||
recursive: true
|
||||
|
||||
#- name: Run integration test 8 - output to file
|
||||
# # This step will never fail, but will print out rule violations.
|
||||
# uses: ./
|
||||
# with:
|
||||
@@ -92,11 +127,13 @@ jobs:
|
||||
release:
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
|
||||
name: Release
|
||||
runs-on: ubuntu-20.04
|
||||
needs: integration-tests
|
||||
runs-on: ubuntu-24.04
|
||||
needs:
|
||||
- integration-tests
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: cycjimmy/semantic-release-action@v2
|
||||
- uses: actions/checkout@v5
|
||||
|
||||
- uses: cycjimmy/semantic-release-action@v5
|
||||
with:
|
||||
extra_plugins: |
|
||||
@semantic-release/git
|
||||
|
||||
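Review bot: The new top-level `permissions:` block grants `contents: write`, `issues: write` and `pull-requests: write` to every job, including `lint`, `build-test` and `integration-tests`, which also run on `pull_request` and only need to read the checkout. Going by the inline comments, only the Release step needs the issue scope and only the ShellCheck action needs the PR scope, so the workflow default should be `contents: read` with the write scopes moved into the `shellcheck` and `release` jobs. This matters more because `reviewdog/action-shellcheck@v1.31.0` and `cycjimmy/semantic-release-action@v5` are third-party actions referenced by mutable tag; pinning each to a full commit SHA keeps a moved tag from running with the write token. The release job continues outside the last hunk, so confirm which scopes its plugins actually need before narrowing.

```yaml
permissions:
  contents: read

jobs:
  # … unchanged: lint …
  shellcheck:
    name: ShellCheck
    runs-on: ubuntu-24.04
    permissions:
      contents: read
      pull-requests: write # reviewdog posts review comments on the PR
    # … unchanged: steps …
  # … unchanged: build-test, integration-tests …
  release:
    # … unchanged: if, name, runs-on, needs …
    permissions:
      contents: write
      issues: write # Release step updates "The automated release is failing" issue
    # … unchanged: steps …
```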
+1
-1
@@ -1,4 +1,4 @@
|
||||
FROM hadolint/hadolint:v2.9.3-debian
|
||||
FROM ghcr.io/hadolint/hadolint:v2.14.0-debian
|
||||
|
||||
COPY LICENSE README.md problem-matcher.json /
|
||||
COPY hadolint.sh /usr/local/bin/hadolint.sh
|
||||
|
||||
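Review bot: The new base image `ghcr.io/hadolint/hadolint:v2.14.0-debian` is still referenced by tag only, and the registry switch is a good moment to pin it by digest, e.g. `FROM ghcr.io/hadolint/hadolint:v2.14.0-debian@sha256:<digest-of-the-verified-image>` (placeholder; take the value from the registry after verifying the image). A tag can be moved to different content, and if the action image is built from this Dockerfile at run time (not visible on this page) every consumer would pick up whatever the tag points to at that moment.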
@@ -6,7 +6,8 @@
|
||||
[](LICENSE)
|
||||
[](http://commitizen.github.io/cz-cli/)
|
||||
[](https://github.com/semantic-release/semantic-release?style=for-the-badge)
|
||||
[](https://github.com/hadolint/hadolint-action/action)
|
||||
[](https://github.com/hadolint/hadolint-action/action)
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
@@ -14,8 +15,8 @@ Add the following step to your workflow configuration:
|
||||
|
||||
```yml
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: hadolint/hadolint-action@v2.0.0
|
||||
- uses: actions/checkout@v3
|
||||
- uses: hadolint/hadolint-action@v3.1.0
|
||||
with:
|
||||
dockerfile: Dockerfile
|
||||
```
|
||||
@@ -27,10 +28,10 @@ steps:
|
||||
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
|
||||
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
|
||||
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
|
||||
| `output-file` | A sub-path where to save the </br> output as a file to | |
|
||||
| `no-color` | Don't create colored output (`true`/`false`) | |
|
||||
| `no-fail` | Never fail the action (`true`/`false`) | |
|
||||
| `verbose` | Output more information (`true`/`false`) | |
|
||||
| `output-file` | A sub-path where to save the </br> output as a file to | `/dev/stdout` |
|
||||
| `no-color` | Don't create colored output (`true`/`false`) | `false` |
|
||||
| `no-fail` | Never fail the action (`true`/`false`) | `false` |
|
||||
| `verbose` | Output more information (`true`/`false`) | `false` |
|
||||
| `format` | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
|
||||
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
|
||||
| `override-error` | Comma separated list of rules to treat with `error` severity | |
|
||||
|
||||
+1
-1
@@ -18,7 +18,7 @@ inputs:
|
||||
output-file:
|
||||
required: false
|
||||
description: 'The path where to save the linting results to'
|
||||
default:
|
||||
default: "/dev/stdout"
|
||||
|
||||
# standart hadolint options:
|
||||
no-color:
|
||||
|
||||
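Review bot: The `output-file` description should say that results now go to standard output by default, for example `description: 'The path where to save the linting results to (default: /dev/stdout)'`. If this input feeds `HADOLINT_OUTPUT` in hadolint.sh (the mapping is outside this hunk), the variable is never empty any more, so the script's `-n "$HADOLINT_OUTPUT"` branch always runs and the `[ -z "$HADOLINT_OUTPUT" ] ||` guard always prints "Hadolint output saved to: /dev/stdout". It is worth confirming that this is intended.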
+25
-11
@@ -1,15 +1,18 @@
|
||||
#!/bin/bash
|
||||
|
||||
# The problem-matcher definition must be present in the repository
|
||||
# checkout (outside the Docker container running hadolint). We copy
|
||||
# problem-matcher.json to the home folder.
|
||||
cp /problem-matcher.json "$HOME/"
|
||||
|
||||
PROBLEM_MATCHER_FILE="/problem-matcher.json"
|
||||
if [ -f "$PROBLEM_MATCHER_FILE" ]; then
|
||||
cp "$PROBLEM_MATCHER_FILE" "$HOME/"
|
||||
fi
|
||||
# After the run has finished we remove the problem-matcher.json from
|
||||
# the repository so we don't leave the checkout dirty. We also remove
|
||||
# the matcher so it won't take effect in later steps.
|
||||
# shellcheck disable=SC2317
|
||||
cleanup() {
|
||||
echo "::remove-matcher owner=brpaz/hadolint-action::"
|
||||
echo "::remove-matcher owner=brpaz/hadolint-action::"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
@@ -20,19 +23,21 @@ if [ -n "$HADOLINT_CONFIG" ]; then
|
||||
fi
|
||||
|
||||
if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
|
||||
unset HADOLINT_TRUSTED_REGISTRIES;
|
||||
unset HADOLINT_TRUSTED_REGISTRIES
|
||||
fi
|
||||
|
||||
COMMAND="hadolint $HADOLINT_CONFIG"
|
||||
|
||||
if [ "$HADOLINT_RECURSIVE" = "true" ]; then
|
||||
shopt -s globstar
|
||||
|
||||
filename="${!#}"
|
||||
flags="${@:1:$#-1}"
|
||||
flags="${*:1:$#-1}"
|
||||
|
||||
RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename)
|
||||
RESULTS=$(eval "$COMMAND $flags" -- **/"$filename")
|
||||
else
|
||||
# shellcheck disable=SC2086
|
||||
RESULTS=$(hadolint $HADOLINT_CONFIG "$@")
|
||||
flags=$*
|
||||
RESULTS=$(eval "$COMMAND" "$flags")
|
||||
fi
|
||||
FAILED=$?
|
||||
|
||||
@@ -40,13 +45,22 @@ if [ -n "$HADOLINT_OUTPUT" ]; then
|
||||
if [ -f "$HADOLINT_OUTPUT" ]; then
|
||||
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
|
||||
fi
|
||||
echo "$RESULTS" > $HADOLINT_OUTPUT
|
||||
echo "$RESULTS" >"$HADOLINT_OUTPUT"
|
||||
fi
|
||||
|
||||
RESULTS="${RESULTS//$'\\n'/''}"
|
||||
echo "::set-output name=results::$RESULTS"
|
||||
|
||||
{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> $GITHUB_ENV
|
||||
{
|
||||
echo "results<<EOF"
|
||||
echo "$RESULTS"
|
||||
echo "EOF"
|
||||
} >>"$GITHUB_OUTPUT"
|
||||
|
||||
{
|
||||
echo "HADOLINT_RESULTS<<EOF"
|
||||
echo "$RESULTS"
|
||||
echo "EOF"
|
||||
} >>"$GITHUB_ENV"
|
||||
|
||||
[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"
|
||||
|
||||
|
||||
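Review bot: Both new `RESULTS=$(eval …)` lines re-parse the action's arguments as shell source: `flags="${*:1:$#-1}"` and `flags=$*` flatten the arguments into one string, and `eval` then splits and expands it again, so the original quoting is lost and any shell metacharacter in an input is interpreted. In the recursive branch the glob `**/"$filename"` is expanded before `eval` sees it, so matched paths from the checkout are parsed as code too, and on `pull_request` runs those file names are chosen by the PR author. Calling hadolint directly keeps each argument a single word: `RESULTS=$(hadolint $HADOLINT_CONFIG "${@:1:$#-1}" -- **/"$filename")` and `RESULTS=$(hadolint $HADOLINT_CONFIG "$@")`, with `# shellcheck disable=SC2086` on both for the deliberately unquoted `$HADOLINT_CONFIG`. How `HADOLINT_CONFIG` is built is outside this hunk; holding it in an array would remove the need for the unquoted expansion.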