From 862bcd59e94f718154e426ebd847c8fef0ef0fdb Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 13:53:32 -0500 Subject: [PATCH 1/8] hadolint... --- Dockerfile | 6 ++++++ README.md | 3 ++- TEMPLATES/.hadolint.yaml | 5 +++++ lib/linter.sh | 34 ++++++++++++++++++++++++++-------- lib/worker.sh | 3 ++- 5 files changed, 41 insertions(+), 10 deletions(-) create mode 100644 TEMPLATES/.hadolint.yaml diff --git a/Dockerfile b/Dockerfile index fb496cd0..c523da57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,6 +14,7 @@ FROM golangci/golangci-lint:v1.30.0 as golangci-lint FROM yoheimuta/protolint:v0.26.0 as protolint FROM koalaman/shellcheck:v0.7.1 as shellcheck FROM wata727/tflint:0.18.0 as tflint +FROM hadolint/hadolint:latest-alpine as dockerfile-lint ################## # Get base image # @@ -176,6 +177,11 @@ COPY --from=clj-kondo /usr/local/bin/clj-kondo /usr/bin/ ################################ COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +############################### +# Install hadolint dockerfile # +############################### +COPY --from=dockerfile-lint /bin/habolint /usr/bin/hadolint + ################## # Install ktlint # ################## diff --git a/README.md b/README.md index eec27ebb..1fefdd9a 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base | **Clojure** | [clj-kondo](https://github.com/borkdude/clj-kondo) | | **CoffeeScript** | [coffeelint](https://coffeelint.github.io/) | | **Dart** | [dartanalyzer](https://dart.dev/guides/language/analysis-options) | -| **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) | +| **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) https://github.com/hadolint/hadolint | | **EDITORCONFIG** | [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) | | **ENV** | [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) | | **Golang** | [golangci-lint](https://github.com/golangci/golangci-lint) | @@ -196,6 +196,7 @@ and won't run anything unexpected. | **VALIDATE_CSS** | `true` | Flag to enable or disable the linting process of the CSS language. | | **VALIDATE_DART** | `true` | Flag to enable or disable the linting process of the Dart language. | | **VALIDATE_DOCKER** | `true` | Flag to enable or disable the linting process of the Docker language. | +| **VALIDATE_DOCKER_HADOLINT** | `true` | Flag to enable or disable the linting process of the Docker language. | | **VALIDATE_EDITORCONFIG** | `true` | Flag to enable or disable the linting process with the editorconfig. | | **VALIDATE_ENV** | `true` | Flag to enable or disable the linting process of the ENV language. | | **VALIDATE_GO** | `true` | Flag to enable or disable the linting process of the Golang language. | diff --git a/TEMPLATES/.hadolint.yaml b/TEMPLATES/.hadolint.yaml new file mode 100644 index 00000000..b408c6b2 --- /dev/null +++ b/TEMPLATES/.hadolint.yaml @@ -0,0 +1,5 @@ +--- +########################## +## Hadolint config file ## +########################## +ignored: diff --git a/lib/linter.sh b/lib/linter.sh index e044726d..1dc13423 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -46,8 +46,11 @@ CSS_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${CSS_FILE_NAME}" # Path to the CSS DART_FILE_NAME='analysis_options.yaml' # Name of the file DART_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DART_FILE_NAME}" # Path to the DART lint rules # Docker Vars -DOCKER_FILE_NAME='.dockerfilelintrc' # Name of the file -DOCKER_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKER_FILE_NAME}" # Path to the Docker lint rules +DOCKERFILE_NAME='.dockerfilelintrc' # Name of the file +DOCKERFILE_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_NAME}" # Path to the Docker lint rules +# Dockerfile Hadolint +DOCKERFILE_HADOLINT_NAME='.hadolint.yml' # Name of the file +DOCKERFILE_HADOLINT_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_HADOLINT_NAME}" # Path to the Docker lint rules # Golang Vars GO_FILE_NAME='.golangci.yml' # Name of the file GO_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${GO_FILE_NAME}" # Path to the Go lint rules @@ -119,7 +122,7 @@ YAML_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${YAML_FILE_NAME}" # Path to the ya # Linter array for information prints # ####################################### LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'coffeelint' - 'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'htmlhint' + 'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'hadolint' 'htmlhint' 'jsonlint' 'ktlint' 'lua' 'markdownlint' 'npm-groovy-lint' 'perl' 'protolint' 'pwsh' 'pylint' 'raku' 'rubocop' 'shellcheck' 'spectral' 'standard' 'stylelint' 'terrascan' 'tflint' 'xmllint' 'yamllint') @@ -128,7 +131,7 @@ LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'c # Language array for prints # ############################# LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'CLOUDFORMATION' 'CLOJURE' 'COFFEESCRIPT' 'CSS' - 'DART' 'DOCKER' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' + 'DART' 'DOCKERFILE' 'DOCKERFILE_HADOLINT' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' 'JSON' 'JSX' 'KOTLIN' 'LUA' 'MARKDOWN' 'OPENAPI' 'PERL' 'PHP_BUILTIN' 'PHP_PHPCS' 'PHP_PHPSTAN' 'PHP_PSALM' 'POWERSHELL' 'PROTOBUF' 'PYTHON_PYLINT' 'PYTHON_FLAKE8' 'RAKU' 'RUBY' 'STATES' 'TERRAFORM' 'TERRAFORM_TERRASCAN' 'TSX' 'TYPESCRIPT_ES' @@ -165,6 +168,7 @@ VALIDATE_COFFEE="${VALIDATE_COFFEE}" # Boolean t VALIDATE_CSS="${VALIDATE_CSS}" # Boolean to validate language VALIDATE_DART="${VALIDATE_DART}" # Boolean to validate language VALIDATE_DOCKER="${VALIDATE_DOCKER}" # Boolean to validate language +VALIDATE_DOCKER_HADOLINT="${VALIDATE_DOCKER_HADOLINT}" # Boolean to validate language VALIDATE_EDITORCONFIG="${VALIDATE_EDITORCONFIG}" # Boolean to validate files with editorconfig VALIDATE_ENV="${VALIDATE_ENV}" # Boolean to validate language VALIDATE_GO="${VALIDATE_GO}" # Boolean to validate language @@ -260,7 +264,8 @@ FILE_ARRAY_CLOJURE=() # Array of files to check FILE_ARRAY_COFFEESCRIPT=() # Array of files to check FILE_ARRAY_CSS=() # Array of files to check FILE_ARRAY_DART=() # Array of files to check -FILE_ARRAY_DOCKER=() # Array of files to check +FILE_ARRAY_DOCKERFILE=() # Array of files to check +FILE_ARRAY_DOCKERFILE_HADOLINT=() # Array of files to check FILE_ARRAY_ENV=() # Array of files to check FILE_ARRAY_GO=() # Array of files to check FILE_ARRAY_GROOVY=() # Array of files to check @@ -311,8 +316,10 @@ ERRORS_FOUND_COFFEESCRIPT=0 # Count of errors found export ERRORS_FOUND_COFFEESCRIPT # Workaround SC2034 ERRORS_FOUND_DART=0 # Count of errors found export ERRORS_FOUND_DART # Workaround SC2034 -ERRORS_FOUND_DOCKER=0 # Count of errors found -export ERRORS_FOUND_DOCKER # Workaround SC2034 +ERRORS_FOUND_DOCKERFILE=0 # Count of errors found +export ERRORS_FOUND_DOCKERFILE # Workaround SC2034 +ERRORS_FOUND_DOCKERFILE_HADOLINT=0 # Count of errors found +export ERRORS_FOUND_DOCKERFILE_HADOLINT # Workaround SC2034 ERRORS_FOUND_ENV=0 # Count of errors found export ERRORS_FOUND_ENV # Workaround SC2034 ERRORS_FOUND_GO=0 # Count of errors found @@ -1318,7 +1325,18 @@ if [ "${VALIDATE_DOCKER}" == "true" ]; then ######################### # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" # NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file - LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKER_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" + LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKERFILE_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" +fi + +########################### +# DOCKER LINTING HADOLINT # +########################### +if [ "${VALIDATE_DOCKER_HADOLINT}" == "true" ]; then + ######################### + # Lint the docker files # + ######################### + # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" + LintCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" fi ######################## diff --git a/lib/worker.sh b/lib/worker.sh index 3cde38b6..45b8e8a4 100755 --- a/lib/worker.sh +++ b/lib/worker.sh @@ -576,7 +576,8 @@ function RunTestCases() { TestCodebase "COFFEESCRIPT" "coffeelint" "coffeelint -f ${COFFEESCRIPT_LINTER_RULES}" ".*\.\(coffee\)\$" "coffeescript" TestCodebase "CSS" "stylelint" "stylelint --config ${CSS_LINTER_RULES}" ".*\.\(css\)\$" "css" TestCodebase "DART" "dart" "dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}" ".*\.\(dart\)\$" "dart" - TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKER_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKERFILE_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" TestCodebase "EDITORCONFIG" "editorconfig-checker" "editorconfig-checker" ".*\.ext$" "editorconfig-checker" TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\)\$" "env" TestCodebase "GO" "golangci-lint" "golangci-lint run -c ${GO_LINTER_RULES}" ".*\.\(go\)\$" "golang" From 4e4c8595de28ad87d4db7a6f12b449dd202d79c8 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 13:55:14 -0500 Subject: [PATCH 2/8] Now with less typos --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c523da57..144f2c19 100644 --- a/Dockerfile +++ b/Dockerfile @@ -180,7 +180,7 @@ COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker ############################### # Install hadolint dockerfile # ############################### -COPY --from=dockerfile-lint /bin/habolint /usr/bin/hadolint +COPY --from=dockerfile-lint /bin/hadolint /usr/bin/hadolint ################## # Install ktlint # @@ -253,6 +253,7 @@ ENV ACTIONS_RUNNER_DEBUG=${ACTIONS_RUNNER_DEBUG} \ VALIDATE_CSS=${VALIDATE_CSS} \ VALIDATE_DART=${VALIDATE_DART} \ VALIDATE_DOCKER=${VALIDATE_DOCKER} \ + VALIDATE_DOCKER_HADOLINT=${VALIDATE_DOCKER_HADOLINT} \ VALIDATE_EDITORCONFIG=${VALIDATE_EDITORCONFIG} \ VALIDATE_ENV=${VALIDATE_ENV} \ VALIDATE_GO=${VALIDATE_GO} \ From dee51753b02d48a4cd6cb50cc3ad3f00de0231b9 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 13:57:50 -0500 Subject: [PATCH 3/8] now with connecting vars --- lib/linter.sh | 4 ++-- lib/worker.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/linter.sh b/lib/linter.sh index 1dc13423..dc71938c 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -1325,7 +1325,7 @@ if [ "${VALIDATE_DOCKER}" == "true" ]; then ######################### # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" # NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file - LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKERFILE_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" + LintCodebase "DOCKERFILE" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKERFILE_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" fi ########################### @@ -1336,7 +1336,7 @@ if [ "${VALIDATE_DOCKER_HADOLINT}" == "true" ]; then # Lint the docker files # ######################### # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" - LintCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" + LintCodebase "DOCKERFILE_HADOLINT" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" fi ######################## diff --git a/lib/worker.sh b/lib/worker.sh index 45b8e8a4..b32b5952 100755 --- a/lib/worker.sh +++ b/lib/worker.sh @@ -576,8 +576,8 @@ function RunTestCases() { TestCodebase "COFFEESCRIPT" "coffeelint" "coffeelint -f ${COFFEESCRIPT_LINTER_RULES}" ".*\.\(coffee\)\$" "coffeescript" TestCodebase "CSS" "stylelint" "stylelint --config ${CSS_LINTER_RULES}" ".*\.\(css\)\$" "css" TestCodebase "DART" "dart" "dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}" ".*\.\(dart\)\$" "dart" - TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKERFILE_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" - TestCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKERFILE" "dockerfilelint" "dockerfilelint -c ${DOCKERFILE_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKERFILE_HADOLINT" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" TestCodebase "EDITORCONFIG" "editorconfig-checker" "editorconfig-checker" ".*\.ext$" "editorconfig-checker" TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\)\$" "env" TestCodebase "GO" "golangci-lint" "golangci-lint run -c ${GO_LINTER_RULES}" ".*\.\(go\)\$" "golang" From c78f7f0ed848c1f35c94a3b7891c19ca12432622 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 14:19:29 -0500 Subject: [PATCH 4/8] adding better finder --- .automation/test/docker/good/Dockerfile | 2 +- lib/worker.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.automation/test/docker/good/Dockerfile b/.automation/test/docker/good/Dockerfile index 9b15c22e..33ed48d0 100644 --- a/.automation/test/docker/good/Dockerfile +++ b/.automation/test/docker/good/Dockerfile @@ -8,6 +8,6 @@ WORKDIR /usr/src/app COPY package.json /usr/src/app/ RUN npm install -ADD server.js server.js +COPY server.js server.js EXPOSE 3000 CMD ["node", "server.js"] diff --git a/lib/worker.sh b/lib/worker.sh index b32b5952..8caefd05 100755 --- a/lib/worker.sh +++ b/lib/worker.sh @@ -363,7 +363,7 @@ function TestCodebase() { ####################################### # Check if docker and get folder name # ####################################### - if [[ ${FILE_TYPE} == "DOCKER" ]]; then + if [[ ${FILE_TYPE} == *"DOCKER"* ]]; then if [[ ${FILE} == *"good"* ]]; then ############# # Good file # From c85f38665253100fce4f333430d9de4803dc260f Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 14:29:25 -0500 Subject: [PATCH 5/8] adding details --- docs/disabling-linters.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/disabling-linters.md b/docs/disabling-linters.md index 15ddb185..00b246a2 100644 --- a/docs/disabling-linters.md +++ b/docs/disabling-linters.md @@ -23,6 +23,7 @@ For some linters it is also possible to override rules on a case by case level w - [CSS](#css) - [Dart](#dart) - [Dockerfile](#dockerfile) + - [Dockerfile](#dockerfile-hadolint) - [EDITORCONFIG-CHECKER](#editorconfig-checker) - [ENV](#env) - [Golang](#golang) @@ -295,6 +296,30 @@ analyzer: --- +## Dockerfile-Hadolint + +- [hadolint](https://github.com/hadolint/hadolint) + +### Hadolint standard Config file + +- `.github/linters/.hadolint.yml` +- You can pass multiple rules and overwrite default rules +- File should be located at: `.github/linters/.hadolint.yml` + +### Hadolint disable single line + +- There is currently **No** way to disable rules inline of the file(s) + +### Hadolint disable code block + +- There is currently **No** way to disable rules inline of the file(s) + +### Hadolint disable entire file + +- There is currently **No** way to disable rules inline of the file(s) + +--- + ## EDITORCONFIG-CHECKER - [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) From 6a6bb772700c8dfe9ae9a47a57c70b9b571199e5 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 14:41:10 -0500 Subject: [PATCH 6/8] Fixing them rules --- lib/linter.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/linter.sh b/lib/linter.sh index dc71938c..7aea92da 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -1120,7 +1120,9 @@ GetLinterRules "CSS" # Get DART rules GetLinterRules "DART" # Get Docker rules -GetLinterRules "DOCKER" +GetLinterRules "DOCKERFILE" +# Get Docker rules +GetLinterRules "DOCKERFILE_HADOLINT" # Get Golang rules GetLinterRules "GO" # Get Groovy rules From f5ecd52d7917fd1784e381546f7d118b8ec68529 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 14:51:00 -0500 Subject: [PATCH 7/8] eat our own dogfood --- .github/linters/.hadolint.yaml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .github/linters/.hadolint.yaml diff --git a/.github/linters/.hadolint.yaml b/.github/linters/.hadolint.yaml new file mode 100644 index 00000000..b408c6b2 --- /dev/null +++ b/.github/linters/.hadolint.yaml @@ -0,0 +1,5 @@ +--- +########################## +## Hadolint config file ## +########################## +ignored: From a457364fced90f3095021b5cbe35f2ed9c195367 Mon Sep 17 00:00:00 2001 From: Lucas Gravley <29484535+admiralAwkbar@users.noreply.github.com> Date: Tue, 4 Aug 2020 15:03:18 -0500 Subject: [PATCH 8/8] now with matching names --- .github/linters/{.hadolint.yaml => .hadolint.yml} | 0 TEMPLATES/{.hadolint.yaml => .hadolint.yml} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename .github/linters/{.hadolint.yaml => .hadolint.yml} (100%) rename TEMPLATES/{.hadolint.yaml => .hadolint.yml} (100%) diff --git a/.github/linters/.hadolint.yaml b/.github/linters/.hadolint.yml similarity index 100% rename from .github/linters/.hadolint.yaml rename to .github/linters/.hadolint.yml diff --git a/TEMPLATES/.hadolint.yaml b/TEMPLATES/.hadolint.yml similarity index 100% rename from TEMPLATES/.hadolint.yaml rename to TEMPLATES/.hadolint.yml