diff --git a/Dockerfile b/Dockerfile index fb496cd0..c523da57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,6 +14,7 @@ FROM golangci/golangci-lint:v1.30.0 as golangci-lint FROM yoheimuta/protolint:v0.26.0 as protolint FROM koalaman/shellcheck:v0.7.1 as shellcheck FROM wata727/tflint:0.18.0 as tflint +FROM hadolint/hadolint:latest-alpine as dockerfile-lint ################## # Get base image # @@ -176,6 +177,11 @@ COPY --from=clj-kondo /usr/local/bin/clj-kondo /usr/bin/ ################################ COPY --from=editorconfig-checker /usr/bin/ec /usr/bin/editorconfig-checker +############################### +# Install hadolint dockerfile # +############################### +COPY --from=dockerfile-lint /bin/habolint /usr/bin/hadolint + ################## # Install ktlint # ################## diff --git a/README.md b/README.md index eec27ebb..1fefdd9a 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Developers on **GitHub** can call the **GitHub Action** to lint their code base | **Clojure** | [clj-kondo](https://github.com/borkdude/clj-kondo) | | **CoffeeScript** | [coffeelint](https://coffeelint.github.io/) | | **Dart** | [dartanalyzer](https://dart.dev/guides/language/analysis-options) | -| **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) | +| **Dockerfile** | [dockerfilelint](https://github.com/replicatedhq/dockerfilelint.git) https://github.com/hadolint/hadolint | | **EDITORCONFIG** | [editorconfig-checker](https://github.com/editorconfig-checker/editorconfig-checker) | | **ENV** | [dotenv-linter](https://github.com/dotenv-linter/dotenv-linter) | | **Golang** | [golangci-lint](https://github.com/golangci/golangci-lint) | @@ -196,6 +196,7 @@ and won't run anything unexpected. | **VALIDATE_CSS** | `true` | Flag to enable or disable the linting process of the CSS language. | | **VALIDATE_DART** | `true` | Flag to enable or disable the linting process of the Dart language. | | **VALIDATE_DOCKER** | `true` | Flag to enable or disable the linting process of the Docker language. | +| **VALIDATE_DOCKER_HADOLINT** | `true` | Flag to enable or disable the linting process of the Docker language. | | **VALIDATE_EDITORCONFIG** | `true` | Flag to enable or disable the linting process with the editorconfig. | | **VALIDATE_ENV** | `true` | Flag to enable or disable the linting process of the ENV language. | | **VALIDATE_GO** | `true` | Flag to enable or disable the linting process of the Golang language. | diff --git a/TEMPLATES/.hadolint.yaml b/TEMPLATES/.hadolint.yaml new file mode 100644 index 00000000..b408c6b2 --- /dev/null +++ b/TEMPLATES/.hadolint.yaml @@ -0,0 +1,5 @@ +--- +########################## +## Hadolint config file ## +########################## +ignored: diff --git a/lib/linter.sh b/lib/linter.sh index e044726d..1dc13423 100755 --- a/lib/linter.sh +++ b/lib/linter.sh @@ -46,8 +46,11 @@ CSS_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${CSS_FILE_NAME}" # Path to the CSS DART_FILE_NAME='analysis_options.yaml' # Name of the file DART_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DART_FILE_NAME}" # Path to the DART lint rules # Docker Vars -DOCKER_FILE_NAME='.dockerfilelintrc' # Name of the file -DOCKER_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKER_FILE_NAME}" # Path to the Docker lint rules +DOCKERFILE_NAME='.dockerfilelintrc' # Name of the file +DOCKERFILE_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_NAME}" # Path to the Docker lint rules +# Dockerfile Hadolint +DOCKERFILE_HADOLINT_NAME='.hadolint.yml' # Name of the file +DOCKERFILE_HADOLINT_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${DOCKERFILE_HADOLINT_NAME}" # Path to the Docker lint rules # Golang Vars GO_FILE_NAME='.golangci.yml' # Name of the file GO_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${GO_FILE_NAME}" # Path to the Go lint rules @@ -119,7 +122,7 @@ YAML_LINTER_RULES="${DEFAULT_RULES_LOCATION}/${YAML_FILE_NAME}" # Path to the ya # Linter array for information prints # ####################################### LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'coffeelint' - 'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'htmlhint' + 'dart' 'dockerfilelint' 'dotenv-linter' 'eslint' 'flake8' 'golangci-lint' 'hadolint' 'htmlhint' 'jsonlint' 'ktlint' 'lua' 'markdownlint' 'npm-groovy-lint' 'perl' 'protolint' 'pwsh' 'pylint' 'raku' 'rubocop' 'shellcheck' 'spectral' 'standard' 'stylelint' 'terrascan' 'tflint' 'xmllint' 'yamllint') @@ -128,7 +131,7 @@ LINTER_ARRAY=('ansible-lint' 'arm-ttk' 'asl-validator' 'cfn-lint' 'clj-kondo' 'c # Language array for prints # ############################# LANGUAGE_ARRAY=('ANSIBLE' 'ARM' 'BASH' 'CLOUDFORMATION' 'CLOJURE' 'COFFEESCRIPT' 'CSS' - 'DART' 'DOCKER' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' + 'DART' 'DOCKERFILE' 'DOCKERFILE_HADOLINT' 'ENV' 'GO' 'GROOVY' 'HTML' 'JAVASCRIPT_ES' 'JAVASCRIPT_STANDARD' 'JSON' 'JSX' 'KOTLIN' 'LUA' 'MARKDOWN' 'OPENAPI' 'PERL' 'PHP_BUILTIN' 'PHP_PHPCS' 'PHP_PHPSTAN' 'PHP_PSALM' 'POWERSHELL' 'PROTOBUF' 'PYTHON_PYLINT' 'PYTHON_FLAKE8' 'RAKU' 'RUBY' 'STATES' 'TERRAFORM' 'TERRAFORM_TERRASCAN' 'TSX' 'TYPESCRIPT_ES' @@ -165,6 +168,7 @@ VALIDATE_COFFEE="${VALIDATE_COFFEE}" # Boolean t VALIDATE_CSS="${VALIDATE_CSS}" # Boolean to validate language VALIDATE_DART="${VALIDATE_DART}" # Boolean to validate language VALIDATE_DOCKER="${VALIDATE_DOCKER}" # Boolean to validate language +VALIDATE_DOCKER_HADOLINT="${VALIDATE_DOCKER_HADOLINT}" # Boolean to validate language VALIDATE_EDITORCONFIG="${VALIDATE_EDITORCONFIG}" # Boolean to validate files with editorconfig VALIDATE_ENV="${VALIDATE_ENV}" # Boolean to validate language VALIDATE_GO="${VALIDATE_GO}" # Boolean to validate language @@ -260,7 +264,8 @@ FILE_ARRAY_CLOJURE=() # Array of files to check FILE_ARRAY_COFFEESCRIPT=() # Array of files to check FILE_ARRAY_CSS=() # Array of files to check FILE_ARRAY_DART=() # Array of files to check -FILE_ARRAY_DOCKER=() # Array of files to check +FILE_ARRAY_DOCKERFILE=() # Array of files to check +FILE_ARRAY_DOCKERFILE_HADOLINT=() # Array of files to check FILE_ARRAY_ENV=() # Array of files to check FILE_ARRAY_GO=() # Array of files to check FILE_ARRAY_GROOVY=() # Array of files to check @@ -311,8 +316,10 @@ ERRORS_FOUND_COFFEESCRIPT=0 # Count of errors found export ERRORS_FOUND_COFFEESCRIPT # Workaround SC2034 ERRORS_FOUND_DART=0 # Count of errors found export ERRORS_FOUND_DART # Workaround SC2034 -ERRORS_FOUND_DOCKER=0 # Count of errors found -export ERRORS_FOUND_DOCKER # Workaround SC2034 +ERRORS_FOUND_DOCKERFILE=0 # Count of errors found +export ERRORS_FOUND_DOCKERFILE # Workaround SC2034 +ERRORS_FOUND_DOCKERFILE_HADOLINT=0 # Count of errors found +export ERRORS_FOUND_DOCKERFILE_HADOLINT # Workaround SC2034 ERRORS_FOUND_ENV=0 # Count of errors found export ERRORS_FOUND_ENV # Workaround SC2034 ERRORS_FOUND_GO=0 # Count of errors found @@ -1318,7 +1325,18 @@ if [ "${VALIDATE_DOCKER}" == "true" ]; then ######################### # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" # NOTE: dockerfilelint's "-c" option expects the folder *containing* the DOCKER_LINTER_RULES file - LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKER_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" + LintCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c $(dirname ${DOCKERFILE_LINTER_RULES})" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" +fi + +########################### +# DOCKER LINTING HADOLINT # +########################### +if [ "${VALIDATE_DOCKER_HADOLINT}" == "true" ]; then + ######################### + # Lint the docker files # + ######################### + # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" + LintCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "${FILE_ARRAY_DOCKER[@]}" fi ######################## diff --git a/lib/worker.sh b/lib/worker.sh index 3cde38b6..45b8e8a4 100755 --- a/lib/worker.sh +++ b/lib/worker.sh @@ -576,7 +576,8 @@ function RunTestCases() { TestCodebase "COFFEESCRIPT" "coffeelint" "coffeelint -f ${COFFEESCRIPT_LINTER_RULES}" ".*\.\(coffee\)\$" "coffeescript" TestCodebase "CSS" "stylelint" "stylelint --config ${CSS_LINTER_RULES}" ".*\.\(css\)\$" "css" TestCodebase "DART" "dart" "dartanalyzer --fatal-infos --fatal-warnings --options ${DART_LINTER_RULES}" ".*\.\(dart\)\$" "dart" - TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKER_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKER" "dockerfilelint" "dockerfilelint -c ${DOCKERFILE_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" + TestCodebase "DOCKER" "hadolint" "hadolint -c ${DOCKERFILE_HADOLINT_LINTER_RULES}" ".*\(Dockerfile\)\$" "docker" TestCodebase "EDITORCONFIG" "editorconfig-checker" "editorconfig-checker" ".*\.ext$" "editorconfig-checker" TestCodebase "ENV" "dotenv-linter" "dotenv-linter" ".*\.\(env\)\$" "env" TestCodebase "GO" "golangci-lint" "golangci-lint run -c ${GO_LINTER_RULES}" ".*\.\(go\)\$" "golang"