Merge pull request #516 from github/hadolint

hadolint...
This commit is contained in:
Lukas Gravley 2020-08-04 15:13:44 -05:00 committed by GitHub
commit 20ecaecabb
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 77 additions and 13 deletions

View file

@ -8,6 +8,6 @@ WORKDIR /usr/src/app
COPY package.json /usr/src/app/ COPY package.json /usr/src/app/
RUN npm install RUN npm install
ADD server.js server.js COPY server.js server.js
EXPOSE 3000 EXPOSE 3000
CMD ["node", "server.js"] CMD ["node", "server.js"]

5
.github/linters/.hadolint.yml vendored Normal file
View file

@ -0,0 +1,5 @@
---
##########################
## Hadolint config file ##
##########################
ignored:

View file

@ -14,6 +14,7 @@ FROM golangci/golangci-lint:v1.30.0 as golangci-lint
FROM yoheimuta/protolint:v0.26.0 as protolint FROM yoheimuta/protolint:v0.26.0 as protolint
FROM koalaman/shellcheck:v0.7.1 as shellcheck FROM koalaman/shellcheck:v0.7.1 as shellcheck
FROM wata727/tflint:0.18.0 as tflint FROM wata727/tflint:0.18.0 as tflint
FROM hadolint/hadolint:latest-alpine as dockerfile-lint
################## ##################
# Get base image # # Get base image #
@ -176,6 +177,11 @@ COPY --from=clj-kondo /usr/local/bin/clj-kondo /usr/bin/
################################ ################################
COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker
###############################
# Install hadolint dockerfile #
###############################
COPY --from=dockerfile-lint /bin/hadolint /usr/bin/hadolint
################## ##################
# Install ktlint # # Install ktlint #
################## ##################
@ -247,6 +253,7 @@ ENV ACTIONS_RUNNER_DEBUG=${ACTIONS_RUNNER_DEBUG} \
VALIDATE_CSS=${VALIDATE_CSS} \ VALIDATE_CSS=${VALIDATE_CSS} \
VALIDATE_DART=${VALIDATE_DART} \ VALIDATE_DART=${VALIDATE_DART} \
VALIDATE_DOCKER=${VALIDATE_DOCKER} \ VALIDATE_DOCKER=${VALIDATE_DOCKER} \
VALIDATE_DOCKER_HADOLINT=${VALIDATE_DOCKER_HADOLINT} \
VALIDATE_EDITORCONFIG=${VALIDATE_EDITORCONFIG} \ VALIDATE_EDITORCONFIG=${VALIDATE_EDITORCONFIG} \
VALIDATE_ENV=${VALIDATE_ENV} \ VALIDATE_ENV=${VALIDATE_ENV} \
VALIDATE_GO=${VALIDATE_GO} \ VALIDATE_GO=${VALIDATE_GO} \

View file

@ -50,7 +50,7 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base
| **Clojure** | [clj-kondo](https://github.com/borkdude/clj-kondo) | | **Clojure** | [clj-kondo](https://github.com/borkdude/clj-kondo) |
| **CoffeeScript** | [coffeelint](https://coffeelint.github.io/) | | **CoffeeScript** | [coffeelint](https://coffeelint.github.io/) |
| **Dart** | [dartanalyzer](https://dart.dev/guides/language/analysis-options) | | **Dart** | [dartanalyzer](https://dart.dev/guides/language/analysis-options) |
| **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) | | **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) https://github.com/hadolint/hadolint |
| **EDITORCONFIG** | [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) | | **EDITORCONFIG** | [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) |
| **ENV** | [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) | | **ENV** | [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) |
| **Golang** | [golangci-lint](https://github.com/golangci/golangci-lint) | | **Golang** | [golangci-lint](https://github.com/golangci/golangci-lint) |
@ -196,6 +196,7 @@ and won't run anything unexpected.
| **VALIDATE_CSS** | `true` | Flag to enable or disable the linting process of the CSS language. | | **VALIDATE_CSS** | `true` | Flag to enable or disable the linting process of the CSS language. |
| **VALIDATE_DART** | `true` | Flag to enable or disable the linting process of the Dart language. | | **VALIDATE_DART** | `true` | Flag to enable or disable the linting process of the Dart language. |
| **VALIDATE_DOCKER** | `true` | Flag to enable or disable the linting process of the Docker language. | | **VALIDATE_DOCKER** | `true` | Flag to enable or disable the linting process of the Docker language. |
| **VALIDATE_DOCKER_HADOLINT** | `true` | Flag to enable or disable the linting process of the Docker language. |
| **VALIDATE_EDITORCONFIG** | `true` | Flag to enable or disable the linting process with the editorconfig. | | **VALIDATE_EDITORCONFIG** | `true` | Flag to enable or disable the linting process with the editorconfig. |
| **VALIDATE_ENV** | `true` | Flag to enable or disable the linting process of the ENV language. | | **VALIDATE_ENV** | `true` | Flag to enable or disable the linting process of the ENV language. |
| **VALIDATE_GO** | `true` | Flag to enable or disable the linting process of the Golang language. | | **VALIDATE_GO** | `true` | Flag to enable or disable the linting process of the Golang language. |

5
TEMPLATES/.hadolint.yml Normal file
View file

@ -0,0 +1,5 @@
---
##########################
## Hadolint config file ##
##########################
ignored:

View file

@ -23,6 +23,7 @@ For some linters it is also possible to override rules on a case by case level w
- [CSS](#css) - [CSS](#css)
- [Dart](#dart) - [Dart](#dart)
- [Dockerfile](#dockerfile) - [Dockerfile](#dockerfile)
- [Dockerfile](#dockerfile-hadolint)
- [EDITORCONFIG-CHECKER](#editorconfig-checker) - [EDITORCONFIG-CHECKER](#editorconfig-checker)
- [ENV](#env) - [ENV](#env)
- [Golang](#golang) - [Golang](#golang)
@ -295,6 +296,30 @@ analyzer:
--- ---
## Dockerfile-Hadolint
- [hadolint](https://github.com/hadolint/hadolint)
### Hadolint standard Config file
- `.github/linters/.hadolint.yml`
- You can pass multiple rules and overwrite default rules
- File should be located at: `.github/linters/.hadolint.yml`
### Hadolint disable single line
- There is currently **No** way to disable rules inline of the file(s)
### Hadolint disable code block
- There is currently **No** way to disable rules inline of the file(s)
### Hadolint disable entire file
- There is currently **No** way to disable rules inline of the file(s)
---
## EDITORCONFIG-CHECKER ## EDITORCONFIG-CHECKER
- [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) - [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker)

View file

@ -46,8 +46,11 @@ CSS_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${CSS_FILE_NAME}" # Path to the CSS
DART_FILE_NAME='analysis_options.yaml' # Name of the file DART_FILE_NAME='analysis_options.yaml' # Name of the file
DART_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DART_FILE_NAME}" # Path to the DART lint rules DART_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DART_FILE_NAME}" # Path to the DART lint rules
# Docker Vars # Docker Vars
DOCKER_FILE_NAME='.dockerfilelintrc' # Name of the file DOCKERFILE_NAME='.dockerfilelintrc' # Name of the file
DOCKER_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKER_FILE_NAME}" # Path to the Docker lint rules DOCKERFILE_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_NAME}" # Path to the Docker lint rules
# Dockerfile Hadolint
DOCKERFILE_HADOLINT_NAME='.hadolint.yml' # Name of the file
DOCKERFILE_HADOLINT_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_HADOLINT_NAME}" # Path to the Docker lint rules
# Golang Vars # Golang Vars
GO_FILE_NAME='.golangci.yml' # Name of the file GO_FILE_NAME='.golangci.yml' # Name of the file
GO_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${GO_FILE_NAME}" # Path to the Go lint rules GO_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${GO_FILE_NAME}" # Path to the Go lint rules
@ -119,7 +122,7 @@ YAML_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${YAML_FILE_NAME}" # Path to the ya
# Linter array for information prints # # Linter array for information prints #
####################################### #######################################
LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'coffeelint' LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'coffeelint'
'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'htmlhint' 'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'hadolint' 'htmlhint'
'jsonlint' 'ktlint' 'lua' 'markdownlint' 'npm-groovy-lint' 'perl' 'protolint' 'pwsh' 'jsonlint' 'ktlint' 'lua' 'markdownlint' 'npm-groovy-lint' 'perl' 'protolint' 'pwsh'
'pylint' 'raku' 'rubocop' 'shellcheck' 'spectral' 'standard' 'stylelint' 'terrascan' 'pylint' 'raku' 'rubocop' 'shellcheck' 'spectral' 'standard' 'stylelint' 'terrascan'
'tflint' 'xmllint' 'yamllint') 'tflint' 'xmllint' 'yamllint')
@ -128,7 +131,7 @@ LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'c
# Language array for prints # # Language array for prints #
############################# #############################
LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'CLOUDFORMATION' 'CLOJURE' 'COFFEESCRIPT' 'CSS' LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'CLOUDFORMATION' 'CLOJURE' 'COFFEESCRIPT' 'CSS'
'DART' 'DOCKER' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' 'DART' 'DOCKERFILE' 'DOCKERFILE_HADOLINT' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD'
'JSON' 'JSX' 'KOTLIN' 'LUA' 'MARKDOWN' 'OPENAPI' 'PERL' 'PHP_BUILTIN' 'PHP_PHPCS' 'JSON' 'JSX' 'KOTLIN' 'LUA' 'MARKDOWN' 'OPENAPI' 'PERL' 'PHP_BUILTIN' 'PHP_PHPCS'
'PHP_PHPSTAN' 'PHP_PSALM' 'POWERSHELL' 'PROTOBUF' 'PYTHON_PYLINT' 'PYTHON_FLAKE8' 'PHP_PHPSTAN' 'PHP_PSALM' 'POWERSHELL' 'PROTOBUF' 'PYTHON_PYLINT' 'PYTHON_FLAKE8'
'RAKU' 'RUBY' 'STATES' 'TERRAFORM' 'TERRAFORM_TERRASCAN' 'TSX' 'TYPESCRIPT_ES' 'RAKU' 'RUBY' 'STATES' 'TERRAFORM' 'TERRAFORM_TERRASCAN' 'TSX' 'TYPESCRIPT_ES'
@ -165,6 +168,7 @@ VALIDATE_COFFEE="${VALIDATE_COFFEE}" # Boolean t
VALIDATE_CSS="${VALIDATE_CSS}" # Boolean to validate language VALIDATE_CSS="${VALIDATE_CSS}" # Boolean to validate language
VALIDATE_DART="${VALIDATE_DART}" # Boolean to validate language VALIDATE_DART="${VALIDATE_DART}" # Boolean to validate language
VALIDATE_DOCKER="${VALIDATE_DOCKER}" # Boolean to validate language VALIDATE_DOCKER="${VALIDATE_DOCKER}" # Boolean to validate language
VALIDATE_DOCKER_HADOLINT="${VALIDATE_DOCKER_HADOLINT}" # Boolean to validate language
VALIDATE_EDITORCONFIG="${VALIDATE_EDITORCONFIG}" # Boolean to validate files with editorconfig VALIDATE_EDITORCONFIG="${VALIDATE_EDITORCONFIG}" # Boolean to validate files with editorconfig
VALIDATE_ENV="${VALIDATE_ENV}" # Boolean to validate language VALIDATE_ENV="${VALIDATE_ENV}" # Boolean to validate language
VALIDATE_GO="${VALIDATE_GO}" # Boolean to validate language VALIDATE_GO="${VALIDATE_GO}" # Boolean to validate language
@ -260,7 +264,8 @@ FILE_ARRAY_CLOJURE=() # Array of files to check
FILE_ARRAY_COFFEESCRIPT=() # Array of files to check FILE_ARRAY_COFFEESCRIPT=() # Array of files to check
FILE_ARRAY_CSS=() # Array of files to check FILE_ARRAY_CSS=() # Array of files to check
FILE_ARRAY_DART=() # Array of files to check FILE_ARRAY_DART=() # Array of files to check
FILE_ARRAY_DOCKER=() # Array of files to check FILE_ARRAY_DOCKERFILE=() # Array of files to check
FILE_ARRAY_DOCKERFILE_HADOLINT=() # Array of files to check
FILE_ARRAY_ENV=() # Array of files to check FILE_ARRAY_ENV=() # Array of files to check
FILE_ARRAY_GO=() # Array of files to check FILE_ARRAY_GO=() # Array of files to check
FILE_ARRAY_GROOVY=() # Array of files to check FILE_ARRAY_GROOVY=() # Array of files to check
@ -311,8 +316,10 @@ ERRORS_FOUND_COFFEESCRIPT=0 # Count of errors found
export ERRORS_FOUND_COFFEESCRIPT # Workaround SC2034 export ERRORS_FOUND_COFFEESCRIPT # Workaround SC2034
ERRORS_FOUND_DART=0 # Count of errors found ERRORS_FOUND_DART=0 # Count of errors found
export ERRORS_FOUND_DART # Workaround SC2034 export ERRORS_FOUND_DART # Workaround SC2034
ERRORS_FOUND_DOCKER=0 # Count of errors found ERRORS_FOUND_DOCKERFILE=0 # Count of errors found
export ERRORS_FOUND_DOCKER # Workaround SC2034 export ERRORS_FOUND_DOCKERFILE # Workaround SC2034
ERRORS_FOUND_DOCKERFILE_HADOLINT=0 # Count of errors found
export ERRORS_FOUND_DOCKERFILE_HADOLINT # Workaround SC2034
ERRORS_FOUND_ENV=0 # Count of errors found ERRORS_FOUND_ENV=0 # Count of errors found
export ERRORS_FOUND_ENV # Workaround SC2034 export ERRORS_FOUND_ENV # Workaround SC2034
ERRORS_FOUND_GO=0 # Count of errors found ERRORS_FOUND_GO=0 # Count of errors found
@ -1113,7 +1120,9 @@ GetLinterRules "CSS"
# Get DART rules # Get DART rules
GetLinterRules "DART" GetLinterRules "DART"
# Get Docker rules # Get Docker rules
GetLinterRules "DOCKER" GetLinterRules "DOCKERFILE"
# Get Docker rules
GetLinterRules "DOCKERFILE_HADOLINT"
# Get Golang rules # Get Golang rules
GetLinterRules "GO" GetLinterRules "GO"
# Get Groovy rules # Get Groovy rules
@ -1318,7 +1327,18 @@ if [ "${VALIDATE_DOCKER}" == "true" ]; then
######################### #########################
# LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY"
# NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file # NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file
LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKER_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" LintCodebase "DOCKERFILE" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKERFILE_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}"
fi
###########################
# DOCKER LINTING HADOLINT #
###########################
if [ "${VALIDATE_DOCKER_HADOLINT}" == "true" ]; then
#########################
# Lint the docker files #
#########################
# LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY"
LintCodebase "DOCKERFILE_HADOLINT" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}"
fi fi
######################## ########################

View file

@ -363,7 +363,7 @@ function TestCodebase() {
####################################### #######################################
# Check if docker and get folder name # # Check if docker and get folder name #
####################################### #######################################
if [[ ${FILE_TYPE} == "DOCKER" ]]; then if [[ ${FILE_TYPE} == *"DOCKER"* ]]; then
if [[ ${FILE} == *"good"* ]]; then if [[ ${FILE} == *"good"* ]]; then
############# #############
# Good file # # Good file #
@ -576,7 +576,8 @@ function RunTestCases() {
TestCodebase "COFFEESCRIPT" "coffeelint" "coffeelint -f ${COFFEESCRIPT_LINTER_RULES}" ".*\.\(coffee\)\$" "coffeescript" TestCodebase "COFFEESCRIPT" "coffeelint" "coffeelint -f ${COFFEESCRIPT_LINTER_RULES}" ".*\.\(coffee\)\$" "coffeescript"
TestCodebase "CSS" "stylelint" "stylelint --config ${CSS_LINTER_RULES}" ".*\.\(css\)\$" "css" TestCodebase "CSS" "stylelint" "stylelint --config ${CSS_LINTER_RULES}" ".*\.\(css\)\$" "css"
TestCodebase "DART" "dart" "dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}" ".*\.\(dart\)\$" "dart" TestCodebase "DART" "dart" "dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}" ".*\.\(dart\)\$" "dart"
TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKER_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" TestCodebase "DOCKERFILE" "dockerfilelint" "dockerfilelint -c ${DOCKERFILE_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker"
TestCodebase "DOCKERFILE_HADOLINT" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker"
TestCodebase "EDITORCONFIG" "editorconfig-checker" "editorconfig-checker" ".*\.ext$" "editorconfig-checker" TestCodebase "EDITORCONFIG" "editorconfig-checker" "editorconfig-checker" ".*\.ext$" "editorconfig-checker"
TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\)\$" "env" TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\)\$" "env"
TestCodebase "GO" "golangci-lint" "golangci-lint run -c ${GO_LINTER_RULES}" ".*\.\(go\)\$" "golang" TestCodebase "GO" "golangci-lint" "golangci-lint run -c ${GO_LINTER_RULES}" ".*\.\(go\)\$" "golang"