CICDToolbox / hadolint

Validate your Dockerfiles using hadolint.


Overview

A tool to lint your Dockerfiles in CI/CD pipelines using hadolint.

This tool has been written and tested using GitHub Actions but it should work out of the box with a lot of other CI/CD tools.

Usage

on: [push, pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Run Hadolint
        # Download pipeline.sh from the repository and run it with bash.
        run: wget --quiet -O - https://raw.githubusercontent.com/CICDToolbox/hadolint/master/pipeline.sh | bash

Other Options

The following environment variables can be set in order to customise the script.

| Name | Purpose | Default Value |
| --- | --- | --- |
| EXCLUDE_FILES | A comma separated list of files to exclude from being scanned. You can also use regex to do pattern matching. | Unset |
| REPORT_ONLY | Generate the report but do not fail the build even if an error occurred. | False |
| SHOW_ERRORS | Show the actual errors instead of just which files had errors. | True |
| SHOW_SKIPPED | Show which files are being skipped. | False |

You can use any combination of the above settings.

on: [push, pull_request]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Run Hadolint
        env:
          # Generate the report without failing the build.
          REPORT_ONLY: true
          SHOW_ERRORS: true
        run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/hadolint/master/pipeline.sh)

Example Output

This is an example of the output report generated by this tool. It is the actual output from the tool running against itself.

-------------------------------------------------------------------------- Stage 1 - Parameters --
 No parameters given
--------------------------------------------------------------- Stage 2 - Install Prerequisites --
 [  OK  ] docker pull --quiet hadolint/hadolint
------------------------------------------------------ Stage 3 - Run hadolint/hadolint (latest) --
 [  OK  ] tests/Dockerfile
------------------------------------------------------------------------------ Stage 4 - Report --
 Total: 1, OK: 1, Failed: 0, Skipped: 0
---------------------------------------------------------------------------- Stage 5 - Complete --

File Identification

Target files are identified using the following code:

[[ ${filename} =~ \Dockerfile$ ]]

There is no magic type for Dockerfiles, so file -b is of no use for identifying them.
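
An added example, not code from pipeline.sh: it runs the test quoted above over a constructed list of paths to show which files end up selected for linting. The helper names and the way EXCLUDE_FILES is applied (split on commas, each entry used as an unanchored extended regex) are assumptions.

```bash
#!/usr/bin/env bash
# Added example. is_target, is_excluded and classify are hypothetical helpers,
# not functions taken from pipeline.sh.

# The test quoted above. The backslash before "D" has no special meaning in
# this position, so the pattern is a plain suffix match on "Dockerfile".
is_target() {
    local filename=$1
    [[ ${filename} =~ \Dockerfile$ ]]
}

# Assumption: EXCLUDE_FILES is split on commas and every entry is applied to
# the path as an unanchored extended regular expression.
is_excluded() {
    local filename=$1 pattern
    local -a patterns
    IFS=',' read -r -a patterns <<< "${EXCLUDE_FILES:-}"
    for pattern in "${patterns[@]}"; do
        if [[ -n ${pattern} && ${filename} =~ ${pattern} ]]; then
            return 0
        fi
    done
    return 1
}

# Print one "STATUS  path" line for each path given as an argument.
classify() {
    local path
    for path in "$@"; do
        if ! is_target "${path}"; then
            echo "IGNORED  ${path}"
        elif is_excluded "${path}"; then
            echo "SKIPPED  ${path}"
        else
            echo "SCANNED  ${path}"
        fi
    done
}

# Constructed sample paths, not taken from any real repository.
SAMPLE=(Dockerfile docker/api/Dockerfile web.Dockerfile Dockerfile.dev
        build/Containerfile tests/Dockerfile notes/NotADockerfile)

EXCLUDE_FILES='^tests/' classify "${SAMPLE[@]}"
```

In this run Dockerfile.dev is reported as IGNORED, so a file named that way is never passed to hadolint, while notes/NotADockerfile is SCANNED because the match is on the suffix only.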

License: MIT License

Languages

Shell 99.6%, Dockerfile 0.4%