initial commit #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Lint | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
permissions: | |
contents: read | |
jobs: | |
docker-lint: | |
runs-on: ubuntu-latest | |
name: docker-lint | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install hadolint | |
run: | | |
sudo wget https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -O /usr/bin/hadolint | |
sudo chmod +x /usr/bin/hadolint | |
- name: run lint | |
run: | | |
DOCKERFILES="$(find ./ -name Dockerfile)" | |
mapfile -t DOCKERFILES <<< "$DOCKERFILES" | |
for file in "${DOCKERFILES[@]}"; do | |
# DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>` | |
# DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check | |
hadolint "$file" --ignore DL3018 --ignore DL4006 | tee -a ./hadolint.log | |
done | |
if grep -q "DL[0-9]\+\|SC[0-9]\+" ./hadolint.log; then | |
exit 1 | |
fi |