From aa70df94a2a309104631a7c9bd36f998580c59cb Mon Sep 17 00:00:00 2001 From: offa Date: Tue, 22 Mar 2022 11:40:08 +0100 Subject: [PATCH 01/52] Fix typo in inputs --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 355c85d..ca81eea 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ steps: | | severity | | | ignore | Space separated list of Hadolint rules to | | | | ignore. | | -| trusted-resgitries | List of urls of trusted registries | | +| trusted-registries | List of urls of trusted registries | | ## Hadolint Configuration From 37f399667b624b594536d3dffa11cbc46d95c349 Mon Sep 17 00:00:00 2001 From: offa Date: Tue, 22 Mar 2022 11:44:03 +0100 Subject: [PATCH 02/52] Fix markdown --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index ca81eea..57d4a3e 100644 --- a/README.md +++ b/README.md @@ -65,6 +65,7 @@ Contributions are what make the open source community such an amazing place to b 3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`) 4. Push to the Branch (`git push origin feature/AmazingFeature`) 5. Open a Pull Request + ## 💛 Support the project If this project was useful to you in some form, We would be glad to have your support. It will help keeping the project alive. From 63666e594d2012fe7ba9d06d80efbbad3d8fd440 Mon Sep 17 00:00:00 2001 From: Paul Barton <28630076+paulbarton90@users.noreply.github.com> Date: Thu, 24 Mar 2022 12:57:02 +0000 Subject: [PATCH 03/52] Apply exit code to hadolint.sh --- hadolint.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/hadolint.sh b/hadolint.sh index cb4df62..b8a9911 100755 --- a/hadolint.sh +++ b/hadolint.sh 
@@ -27,16 +27,19 @@ if [ -n "$HADOLINT_OUTPUT" ]; then OUTPUT=" | tee $HADOLINT_OUTPUT" fi +FAILED=0 if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" flags="${@:1:$#-1}" - hadolint $HADOLINT_CONFIG $flags **/$filename $OUTPUT + hadolint $HADOLINT_CONFIG $flags **/$filename $OUTPUT || FAILED=1 else # shellcheck disable=SC2086 - hadolint $HADOLINT_CONFIG "$@" $OUTPUT + hadolint $HADOLINT_CONFIG "$@" $OUTPUT || FAILED=1 fi [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" + +exit $FAILED From d2b4ab26ff853b589562d13adaafdc9b1b448bef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:02:38 +0100 Subject: [PATCH 04/52] don't fail in CI tests --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 84ea826..086fb43 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,6 +43,7 @@ jobs: uses: ./ with: dockerfile: testdata/Dockerfile + no-fail: true - name: Run integration test 2 - ignore a rule # This step is supposed to print out an info level rule violation From bc86787e1972382e2e524170a0b5481bce5b24a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:18:44 +0100 Subject: [PATCH 05/52] bump Hadolint version --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8c7638b..57da5f5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM hadolint/hadolint:v2.9.2-debian +FROM hadolint/hadolint:v2.9.3-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From e8cde77aa057b2bef05bb3ef290afa214b349602 Mon Sep 17 00:00:00 2001 
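Review bot: In hadolint.sh (PATCH 03/52) both new `hadolint ... $OUTPUT || FAILED=1` lines still pass `$OUTPUT` as arguments rather than as a pipeline. `$OUTPUT` holds the string ` | tee $HADOLINT_OUTPUT`, and an unquoted expansion is word-split but never re-parsed for shell operators, so `|`, `tee` and the path reach hadolint as extra file arguments. With `output-file` set, the run would presumably fail on those nonexistent files, and the new `exit $FAILED` then fails the step for a reason unrelated to the lint result. Write the pipe in the script itself, for example `hadolint $HADOLINT_CONFIG "$@" | tee "$HADOLINT_OUTPUT"` under `set -o pipefail`, so the captured status is still hadolint's.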
From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:28:03 +0100 Subject: [PATCH 06/52] avoid failing on missing trusted registries --- hadolint.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hadolint.sh b/hadolint.sh index b8a9911..f0fd926 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -19,6 +19,10 @@ if [ -n "$HADOLINT_CONFIG" ]; then HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}" fi +if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then + unset HADOLINT_TRUSTED_REGISTRIES; +fi + OUTPUT= if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then From 9a555bc2d4ce551b90ad67f294eef541ea486211 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:29:17 +0100 Subject: [PATCH 07/52] run all tests properly --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 086fb43..84ea826 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,7 +43,6 @@ jobs: uses: ./ with: dockerfile: testdata/Dockerfile - no-fail: true - name: Run integration test 2 - ignore a rule # This step is supposed to print out an info level rule violation From 0b08ca228dfaedbf8c28837a18c11218f0ec6e85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:32:24 +0100 Subject: [PATCH 08/52] fix path --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 84ea826..23904fd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -82,7 +82,7 @@ jobs: with: dockerfile: testdata/warning.Dockerfile format: sarif - output-file: /report.sarif + output-file: report.sarif release: if: github.event_name == 'push' && github.ref == 'refs/heads/master' From 0a6d062e780d218ea909a18365e0ab2e36d09612 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Thu, 24 Mar 2022 15:36:08 +0100 Subject: [PATCH 09/52] disable broken test --- .github/workflows/ci.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 23904fd..f80523d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,13 +76,13 @@ jobs: dockerfile: testdata/warning.Dockerfile config: testdata/hadolint.yaml - - name: Run integration test 6 - output to file - # This step will never fail, but will print out rule violations. - uses: ./ - with: - dockerfile: testdata/warning.Dockerfile - format: sarif - output-file: report.sarif + #- name: Run integration test 6 - output to file + # # This step will never fail, but will print out rule violations. + # uses: ./ + # with: + # dockerfile: testdata/warning.Dockerfile + # format: sarif + # output-file: report.sarif release: if: github.event_name == 'push' && github.ref == 'refs/heads/master' From 8a428b481548d64b03c26b46529ce1da982d6aff Mon Sep 17 00:00:00 2001 From: Mike Nye Date: Fri, 25 Mar 2022 13:07:15 +0800 Subject: [PATCH 10/52] prettify readme --- README.md | 45 +++++++++++++++++---------------------------- 1 file changed, 17 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 57d4a3e..a882421 100644 --- a/README.md +++ b/README.md 
@@ -23,34 +23,23 @@ steps: ## Inputs -| Name | Description | Default | -|------------------- |------------------------------------------ |----------------- | -| dockerfile | The path to the Dockerfile to be tested | ./Dockerfile | -| recursive | Search for specified dockerfile | false | -| | recursively, from the project root | | -| config | Custom path to a Hadolint config file | ./.hadolint.yaml | -| output-file | A sub-path where to save the | | -| | output as a file to | | -| no-color | Don't create colored output | | -| no-fail | Never fail the action | | -| verbose | Output more information | | -| format | The output format. One of [tty \| json \| | tty | -| | checkstyle \| codeclimate \| | | -| | gitlab_codeclimate \| codacy \| sarif] | | -| failure-threshold | Rule severity threshold for pipeline | info | -| | failure. One of [error \| warning \| | | -| | info \| style \| ignore] | | -| override-error | List of rules to treat with 'error' | | -| | severity | | -| override-warning | List of rules to treat with 'warning' | | -| | severity | | -| override-info | List of rules to treat with 'info' | | -| | severity | | -| override-style | List of rules to treat with 'style' | | -| | severity | | -| ignore | Space separated list of Hadolint rules to | | -| | ignore. | | -| trusted-registries | List of urls of trusted registries | | +| Name | Description | Default | +|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------| +| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | +| `recursive` | Search for specified dockerfile
recursively, from the project root | `false` | +| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | +| `output-file` | A sub-path where to save the
output as a file to | | +| `no-color` | Don't create colored output | | +| `no-fail` | Never fail the action | | +| `verbose` | Output more information | | +| `format` | The output format. One of [`tty` \| `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | +| `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \| `warning` \|
`info` \| `style` \| `ignore`] | `info` | +| `override-error` | List of rules to treat with `error` severity | | +| `override-warning` | List of rules to treat with `warning` severity | | +| `override-info` | List of rules to treat with `info` severity | | +| `override-style` | List of rules to treat with `style` severity | | +| `ignore` | Comma separated list of Hadolint rules to ignore. | | +| `trusted-registries` | List of urls of trusted registries | | ## Hadolint Configuration From 89e60e486833059dfeb56997efe2375d33c7525e Mon Sep 17 00:00:00 2001 From: Mike Nye Date: Fri, 25 Mar 2022 13:09:48 +0800 Subject: [PATCH 11/52] more info for inputs --- README.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index a882421..67f6b00 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,6 @@ [![License](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](LICENSE) [![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/) [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge) - [![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hadolint/hadolint-action/CI?style=for-the-badge)](https://github.com/hadolint/hadolint-action/action) ## Usage @@ -29,17 +28,17 @@ steps: | `recursive` | Search for specified dockerfile
recursively, from the project root | `false` | | `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | | `output-file` | A sub-path where to save the
output as a file to | | -| `no-color` | Don't create colored output | | -| `no-fail` | Never fail the action | | -| `verbose` | Output more information | | +| `no-color` | Don't create colored output (`true`/`false`) | | +| `no-fail` | Never fail the action (`true`/`false`) | | +| `verbose` | Output more information (`true`/`false`) | | | `format` | The output format. One of [`tty` \| `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | | `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \| `warning` \|
`info` \| `style` \| `ignore`] | `info` | -| `override-error` | List of rules to treat with `error` severity | | -| `override-warning` | List of rules to treat with `warning` severity | | -| `override-info` | List of rules to treat with `info` severity | | -| `override-style` | List of rules to treat with `style` severity | | +| `override-error` | Comma separated list of rules to treat with `error` severity | | +| `override-warning` | Comma separated list of rules to treat with `warning` severity | | +| `override-info` | Comma separated list of rules to treat with `info` severity | | +| `override-style` | Comma separated list of rules to treat with `style` severity | | | `ignore` | Comma separated list of Hadolint rules to ignore. | | -| `trusted-registries` | List of urls of trusted registries | | +| `trusted-registries` | Comma separated list of urls of trusted registries | | ## Hadolint Configuration From 83b3de1e17b6142475e2db4b6f3b77541cc28902 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Fri, 25 Mar 2022 10:31:04 +0100 Subject: [PATCH 12/52] fix example --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 67f6b00..84b3c0b 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ Add the following step to your workflow configuration: ```yml steps: - uses: actions/checkout@v2 - - uses: hadolint/hadolint-action@v1.6.0 + - uses: hadolint/hadolint-action@v2.0.0 with: dockerfile: Dockerfile ``` From bc289f2eaa84c94cc5686b19f6e9d69696dcee46 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 09:51:31 +0200 Subject: [PATCH 13/52] feat: use 'set-output name=results' This will introduce a parameter with name results that holds the hadolint output. Other steps in a workflow can make use of this. Also fix an error with the piping to tee that was broken. --- hadolint.sh | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) 
diff --git a/hadolint.sh b/hadolint.sh index f0fd926..e33a516 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -23,25 +23,26 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then unset HADOLINT_TRUSTED_REGISTRIES; fi -OUTPUT= -if [ -n "$HADOLINT_OUTPUT" ]; then - if [ -f "$HADOLINT_OUTPUT" ]; then - HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" - fi - OUTPUT=" | tee $HADOLINT_OUTPUT" -fi - -FAILED=0 if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" flags="${@:1:$#-1}" - hadolint $HADOLINT_CONFIG $flags **/$filename $OUTPUT || FAILED=1 + RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) else # shellcheck disable=SC2086 - hadolint $HADOLINT_CONFIG "$@" $OUTPUT || FAILED=1 + RESULTS=$(hadolint $HADOLINT_CONFIG "$@") +fi +FAILED=$? + +echo "::set-output name=results::$RESULTS" + +if [ -n "$HADOLINT_OUTPUT" ]; then + if [ -f "$HADOLINT_OUTPUT" ]; then + HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" + fi + echo "$RESULTS" > $HADOLINT_OUTPUT fi [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" From 1878581f63e113f9d829e91aca18c064d776b631 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 09:56:25 +0200 Subject: [PATCH 14/52] chore: fix typos --- Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 32cdadb..a35729b 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ IMAGE_NAME:=hadolint-action -lint-dockerfile: ## Runs hadoint against application dockerfile +lint-dockerfile: ## Runs hadolint against application dockerfile @docker run --rm -v "$(PWD):/data" -w "/data" hadolint/hadolint hadolint Dockerfile lint-yaml: ## Lints yaml configurations 
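Review bot: In hadolint.sh (PATCH 13/52) `echo "::set-output name=results::$RESULTS"` prints raw linter output to stdout, where the runner scans every line for workflow commands. Only the first line of a multi-line result becomes the output value; the remaining lines are read as ordinary log lines and may themselves be interpreted as commands. The output includes the path of each linted file and may include text from the Dockerfile, both of which a pull request can influence. Encode the value before echoing it (`%` as `%25`, newline as `%0A`, carriage return as `%0D`). Separately, `echo "$RESULTS" > $HADOLINT_OUTPUT` leaves the redirect target unquoted and fails with an ambiguous redirect when the path contains whitespace; use `> "$HADOLINT_OUTPUT"`.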
@@ -12,8 +12,8 @@ build: ## Builds the docker image test: build ## Runs a test in the image @docker run -i --rm \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \ test \ --image $(IMAGE_NAME) \ --config test/structure-tests.yaml From 262f40397810c1a01998430f38b17cd9a7697707 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 09:57:07 +0200 Subject: [PATCH 15/52] chore: add simple integration test --- .github/workflows/ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f80523d..2d6db56 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -71,11 +71,16 @@ jobs: - name: Run integration test 5 - output format # This step will never fail, but will print out rule violations. + id: hadolint5 uses: ./ with: dockerfile: testdata/warning.Dockerfile config: testdata/hadolint.yaml + - name: Run integration test 6 - verify results output parameter + # This step will never fail, but will print out the results from step5 + run: echo {{ steps.hadolint5.outputs.results }} + #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. # uses: ./ From 8ea032569b24dae3bbdf98a0029fbc1fbb51f067 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 10:01:01 +0200 Subject: [PATCH 16/52] chore: empty commit to trigger ci From 0c7fcaa67b450ad5a798c9041387d29625497353 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 10:03:56 +0200 Subject: [PATCH 17/52] chore: typo --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2d6db56..78cbad4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -79,7 +79,7 @@ jobs: - name: Run integration test 6 - verify results output parameter # This step will never fail, but will print out the results from step5 - run: echo {{ steps.hadolint5.outputs.results }} + run: echo ${{ steps.hadolint5.outputs.results }} #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. From e3462c378d887a5572c5a13c7a7b4e254dcfa226 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 10:08:14 +0200 Subject: [PATCH 18/52] chore: quotes to not parse it by mistake --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 78cbad4..5af4b0d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,7 +79,7 @@ jobs: - name: Run integration test 6 - verify results output parameter # This step will never fail, but will print out the results from step5 - run: echo ${{ steps.hadolint5.outputs.results }} + run: echo "${{ steps.hadolint5.outputs.results }}" #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. From a8bbf351c01209b4ebd877e26005e8929054dcdb Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 10:31:29 +0200 Subject: [PATCH 19/52] chore: update PR with text as test of results --- .github/workflows/ci.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5af4b0d..87d9e3b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
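Review bot: The double quotes added in PATCH 18/52 around `${{ steps.hadolint5.outputs.results }}` do not keep the value from being parsed as shell, because the expression is substituted into the script text before bash ever runs it. The value is linter output for a Dockerfile that a pull request can change, so it should reach the step as data rather than as script source: add `env:` with `RESULTS: ${{ steps.hadolint5.outputs.results }}` and use `run: echo "$RESULTS"`. The github-script step added in PATCH 19/52 has the same pattern inside a JavaScript template literal and should read the value from `process.env` instead.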
@@ -81,6 +81,26 @@ jobs: # This step will never fail, but will print out the results from step5 run: echo "${{ steps.hadolint5.outputs.results }}" + - name: Update Pull Request + uses: actions/github-script@v6 + if: github.event_name == 'pull_request' + with: + script: | + const output = ` + #### Hadolint: \`${{ steps.hadolint.outcome }}\` + _output from integration test 5_ + \`\`\` + ${{ steps.hadolint5.outputs.results }} + \`\`\` + `; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) + #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. # uses: ./ From 5fc1b0e2fbe6dd3e10bb58342a65dd14a3e17282 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 11:14:55 +0200 Subject: [PATCH 20/52] chore: escape backticks in results var --- hadolint.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hadolint.sh b/hadolint.sh index e33a516..c08c64b 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -36,8 +36,6 @@ else fi FAILED=$? -echo "::set-output name=results::$RESULTS" - if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" @@ -45,6 +43,9 @@ if [ -n "$HADOLINT_OUTPUT" ]; then echo "$RESULTS" > $HADOLINT_OUTPUT fi +RESULTS="${RESULTS//\`/\\\`}" +echo "::set-output name=results::$RESULTS" + [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" exit $FAILED From 1dd44fc4932800c5a933bcddee6437a2750ec005 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 12:45:58 +0200 Subject: [PATCH 21/52] chore: fix issue with multiline strings in output Looking at [1] this should do some magic, so let's see. [1] https://github.community/t/set-output-truncates-multiline-strings/16852 --- hadolint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/hadolint.sh b/hadolint.sh index c08c64b..56aa1e2 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -43,7 +43,7 @@ if [ -n "$HADOLINT_OUTPUT" ]; then echo "$RESULTS" > $HADOLINT_OUTPUT fi -RESULTS="${RESULTS//\`/\\\`}" +RESULTS="${RESULTS//$'\\n'/''}" echo "::set-output name=results::$RESULTS" [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" From 652bc66203a03ad8b31557e3e24ae3443232cd34 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 12:49:42 +0200 Subject: [PATCH 22/52] chore: also push results to env var --- hadolint.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hadolint.sh b/hadolint.sh index 56aa1e2..cb8503a 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -46,6 +46,8 @@ fi RESULTS="${RESULTS//$'\\n'/''}" echo "::set-output name=results::$RESULTS" +{ echo "HADOLINT_RESULTS<> $GITHUB_ENV + [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" exit $FAILED From a78be8d38674394a7833bd45b59f37243618d966 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 12:52:56 +0200 Subject: [PATCH 23/52] chore: use env var --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 87d9e3b..8cad972 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -90,7 +90,7 @@ jobs: #### Hadolint: \`${{ steps.hadolint.outcome }}\` _output from integration test 5_ \`\`\` - ${{ steps.hadolint5.outputs.results }} + ${process.env.HADOLINT_RESULTS} \`\`\` `; From 724e05f46b0c0a5d951dd0e3605d1abf2fffd069 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 12:57:54 +0200 Subject: [PATCH 24/52] chore: typo in step id --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8cad972..311b9ab 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
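Review bot: In PATCH 21/52 the pattern `$'\\n'` in `RESULTS="${RESULTS//$'\\n'/''}"` expands to the two characters backslash and `n`, not to a newline. The line therefore leaves real line breaks in place and instead deletes literal `\n` sequences, which occur inside JSON and SARIF string values, so the published result can differ from what hadolint reported. If the aim is the workaround from the linked thread, match a real newline and replace it with its percent-encoding, `RESULTS="${RESULTS//$'\n'/%0A}"`, after first encoding `%` as `%25` and alongside carriage return as `%0D`.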
@@ -87,7 +87,7 @@ jobs: with: script: | const output = ` - #### Hadolint: \`${{ steps.hadolint.outcome }}\` + #### Hadolint: \`${{ steps.hadolint5.outcome }}\` _output from integration test 5_ \`\`\` ${process.env.HADOLINT_RESULTS} From 2faf5c6ef4f398f4c20b20759d5b0acb13fff853 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 14:17:52 +0200 Subject: [PATCH 25/52] chore: remove createComment(), depends on githubToken scopes --- .github/workflows/ci.yml | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 311b9ab..5af4b0d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -81,26 +81,6 @@ jobs: # This step will never fail, but will print out the results from step5 run: echo "${{ steps.hadolint5.outputs.results }}" - - name: Update Pull Request - uses: actions/github-script@v6 - if: github.event_name == 'pull_request' - with: - script: | - const output = ` - #### Hadolint: \`${{ steps.hadolint5.outcome }}\` - _output from integration test 5_ - \`\`\` - ${process.env.HADOLINT_RESULTS} - \`\`\` - `; - - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: output - }) - #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. # uses: ./ From d73282b64c1cb799e8cb5efd4af9834e0bd0b98e Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 14:56:53 +0200 Subject: [PATCH 26/52] chore: update readme --- README.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/README.md b/README.md index 84b3c0b..4630fdd 100644 --- a/README.md +++ b/README.md 
@@ -40,6 +40,33 @@ steps: | `ignore` | Comma separated list of Hadolint rules to ignore. | | | `trusted-registries` | Comma separated list of urls of trusted registries | | +## Output + +The Action will store results in an environment variable that can be used in other steps in a workflow. + +Example to create a comment in a PR: + +``` +- name: Update Pull Request + uses: actions/github-script@v6 + if: github.event_name == 'pull_request' + with: + script: | + const output = ` + #### Hadolint: \`${{ steps.hadolint5.outcome }}\` + \`\`\` + ${process.env.HADOLINT_RESULTS} + \`\`\` + `; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) +``` + ## Hadolint Configuration To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure). From 55991004e8a2f2476dd7c26f265828099644b503 Mon Sep 17 00:00:00 2001 From: Harm Weites Date: Thu, 31 Mar 2022 15:31:54 +0200 Subject: [PATCH 27/52] chore: spotted a little typo in readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4630fdd..e2e6b74 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ Example to create a comment in a PR: with: script: | const output = ` - #### Hadolint: \`${{ steps.hadolint5.outcome }}\` + #### Hadolint: \`${{ steps.hadolint.outcome }}\` \`\`\` ${process.env.HADOLINT_RESULTS} \`\`\` From d51839a6b581264c524e3ad9d7377ae4d89ff106 Mon Sep 17 00:00:00 2001 From: Mike Gray Date: Sat, 23 Apr 2022 10:19:23 -0400 Subject: [PATCH 28/52] Update usage example "Example to create a comment in a PR" doesn't work with v2.0.0 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e2e6b74..eabcb78 100644 --- a/README.md +++ b/README.md 
@@ -15,7 +15,7 @@ Add the following step to your workflow configuration: ```yml steps: - uses: actions/checkout@v2 - - uses: hadolint/hadolint-action@v2.0.0 + - uses: hadolint/hadolint-action@v2.1.0 with: dockerfile: Dockerfile ``` From 169ddcf26544b892e9224ce0e8a862ce8aaa2d49 Mon Sep 17 00:00:00 2001 From: offa Date: Fri, 13 May 2022 12:48:12 +0200 Subject: [PATCH 29/52] Update hadolint to 2.10 Use GHCR instead of Dockerhub and a fully qualified FROM --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 57da5f5..791df4c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM hadolint/hadolint:v2.9.3-debian +FROM ghcr.io/hadolint/hadolint:v2.10.0-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 68a2276a3c904096109c871d80d5131d654ee338 Mon Sep 17 00:00:00 2001 From: mrdoodles <19146299+mrdoodles@users.noreply.github.com> Date: Tue, 8 Nov 2022 21:33:58 +0000 Subject: [PATCH 30/52] fix-github-deprecations --- .github/workflows/ci.yml | 6 +++--- hadolint.sh | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5af4b0d..ab0d9c5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-20.04 container: pipelinecomponents/hadolint:0.10.1 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Run hadolint run: hadolint Dockerfile @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-20.04 needs: ["lint"] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build Docker image run: docker build -t $TEST_IMAGE_NAME . @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-20.04 needs: build-test steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Run integration test 1 uses: ./ diff --git a/hadolint.sh b/hadolint.sh index cb8503a..4231068 100755 --- a/hadolint.sh +++ b/hadolint.sh 
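Review bot: In the Dockerfile (PATCH 29/52) `FROM ghcr.io/hadolint/hadolint:v2.10.0-debian` names the registry explicitly but still resolves a mutable tag at build time, so the image this action runs can change without any change in this repository. Pin the digest next to the tag, `FROM ghcr.io/hadolint/hadolint:v2.10.0-debian@sha256:<digest of the verified image>`, and update it together with the tag. The later bumps in PATCH 31/52 and 32/52 touch the same line and would carry the digest forward.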
@@ -44,7 +44,10 @@ if [ -n "$HADOLINT_OUTPUT" ]; then fi RESULTS="${RESULTS//$'\\n'/''}" -echo "::set-output name=results::$RESULTS" + +echo "results<> $GITHUB_OUTPUT +echo "${RESULTS}" >> $GITHUB_OUTPUT +echo "EOF" >> $GITHUB_OUTPUT { echo "HADOLINT_RESULTS<> $GITHUB_ENV From e81a8de9db6e97077ca0483f083522437c894ea6 Mon Sep 17 00:00:00 2001 From: Gonzalo Tixilima Date: Fri, 11 Nov 2022 01:18:35 -0500 Subject: [PATCH 31/52] upgrade hadolint to 2.11 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 791df4c..4ae99af 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/hadolint/hadolint:v2.10.0-debian +FROM ghcr.io/hadolint/hadolint:v2.11.0-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 48c412037743cf755041f57f8a9d6d5be0f0eba2 Mon Sep 17 00:00:00 2001 From: Gonzalo Tixilima Date: Fri, 11 Nov 2022 05:52:50 -0500 Subject: [PATCH 32/52] upgrade hadolint to 2.12 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4ae99af..102a9b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/hadolint/hadolint:v2.11.0-debian +FROM ghcr.io/hadolint/hadolint:v2.12.0-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 77e79bb879e179a6f5f5a680d99d03589d77cd92 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Tue, 15 Nov 2022 20:14:37 +0100 Subject: [PATCH 33/52] Some shellcheck fixes and new input (#1) --- .github/workflows/ci.yml | 18 +++++++++++++++++- .gitignore | 1 + README.md | 35 ++++++++++++++++++----------------- action.yml | 5 +++++ hadolint.sh | 25 ++++++++++++++++--------- 5 files changed, 57 insertions(+), 27 deletions(-) create mode 100644 .gitignore diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ab0d9c5..1d3450a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
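Review bot: In hadolint.sh (PATCH 30/52) the multi-line value written to `$GITHUB_OUTPUT` is closed by the fixed delimiter `EOF`, so a result line that is exactly `EOF` ends the value early and the lines after it are parsed as further entries. The `HADOLINT_RESULTS` block appended to `$GITHUB_ENV` in the context line below appears to use the same delimiter (the line is truncated on this page), and there any extra entries would become environment variables for every later step. Generate the delimiter per run, for example `delim="hadolint_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"`, and use it for both blocks. The three new redirects should also quote their target, `>> "$GITHUB_OUTPUT"`.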
@@ -79,7 +79,23 @@ jobs: - name: Run integration test 6 - verify results output parameter # This step will never fail, but will print out the results from step5 - run: echo "${{ steps.hadolint5.outputs.results }}" + env: + results: ${{ steps.hadolint5.outputs.results }} + run: echo "$results" + + - name: Run integration test 7 - set recursive + uses: ./ + with: + dockerfile: "*Dockerfile" + failure-threshold: error + recursive: true + + - name: Run integration test 8 - print results to console + uses: ./ + with: + dockerfile: testdata/warning.Dockerfile + failure-threshold: error + results-to-console: true #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..485dee6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea diff --git a/README.md b/README.md index eabcb78..cfa8820 100644 --- a/README.md +++ b/README.md @@ -22,23 +22,24 @@ steps: ## Inputs -| Name | Description | Default | -|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------| -| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | -| `recursive` | Search for specified dockerfile
recursively, from the project root | `false` | -| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | -| `output-file` | A sub-path where to save the
output as a file to | | -| `no-color` | Don't create colored output (`true`/`false`) | | -| `no-fail` | Never fail the action (`true`/`false`) | | -| `verbose` | Output more information (`true`/`false`) | | -| `format` | The output format. One of [`tty` \| `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | -| `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \| `warning` \|
`info` \| `style` \| `ignore`] | `info` | -| `override-error` | Comma separated list of rules to treat with `error` severity | | -| `override-warning` | Comma separated list of rules to treat with `warning` severity | | -| `override-info` | Comma separated list of rules to treat with `info` severity | | -| `override-style` | Comma separated list of rules to treat with `style` severity | | -| `ignore` | Comma separated list of Hadolint rules to ignore. | | -| `trusted-registries` | Comma separated list of urls of trusted registries | | +| Name | Description | Default | +|----------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------| +| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | +| `recursive` | Search for specified dockerfile
recursively, from the project root | `false` | +| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | +| `output-file` | A sub-path where to save the
output as a file to | | +| `results-to-console` | The flag to print Hadolint results to console | `false` | +| `no-color` | Don't create colored output (`true`/`false`) | | +| `no-fail` | Never fail the action (`true`/`false`) | | +| `verbose` | Output more information (`true`/`false`) | | +| `format` | The output format. One of [`tty` \ | `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | +| `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \ | `warning` \|
`info` \| `style` \| `ignore`] | `info` | +| `override-error` | Comma separated list of rules to treat with `error` severity | | +| `override-warning` | Comma separated list of rules to treat with `warning` severity | | +| `override-info` | Comma separated list of rules to treat with `info` severity | | +| `override-style` | Comma separated list of rules to treat with `style` severity | | +| `ignore` | Comma separated list of Hadolint rules to ignore. | | +| `trusted-registries` | Comma separated list of urls of trusted registries | | ## Output diff --git a/action.yml b/action.yml index 443cf93..e319998 100644 --- a/action.yml +++ b/action.yml @@ -19,6 +19,10 @@ inputs: required: false description: 'The path where to save the linting results to' default: + results-to-console: + required: false + description: 'The flag to print Hadolint results to console' + default: false # standart hadolint options: no-color: @@ -95,6 +99,7 @@ runs: HADOLINT_CONFIG: ${{ inputs.config }} HADOLINT_RECURSIVE: ${{ inputs.recursive }} HADOLINT_OUTPUT: ${{ inputs.output-file }} + HADOLINT_RESULTS_TO_CONSOLE: ${{ inputs.results-to-console }} branding: icon: 'layers' color: 'purple' diff --git a/hadolint.sh b/hadolint.sh index 4231068..af507de 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -3,7 +3,10 @@ # The problem-matcher definition must be present in the repository # checkout (outside the Docker container running hadolint). We copy # problem-matcher.json to the home folder. -cp /problem-matcher.json "$HOME/" +PROBLEM_MATCHER_FILE="/problem-matcher.json" +if [ -f "$PROBLEM_MATCHER_FILE" ]; then + cp "$PROBLEM_MATCHER_FILE" "$HOME/" +fi # After the run has finished we remove the problem-matcher.json from # the repository so we don't leave the checkout dirty. We also remove 
@@ -23,16 +26,18 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then unset HADOLINT_TRUSTED_REGISTRIES; fi +COMMAND="hadolint $HADOLINT_CONFIG" + if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" flags="${@:1:$#-1}" - RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) + RESULTS=$(eval "$COMMAND $flags" -- **/$filename) else - # shellcheck disable=SC2086 - RESULTS=$(hadolint $HADOLINT_CONFIG "$@") + + RESULTS=$(eval "$COMMAND" "$@") fi FAILED=$? @@ -40,16 +45,18 @@ if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" fi - echo "$RESULTS" > $HADOLINT_OUTPUT + echo "$RESULTS" > "$HADOLINT_OUTPUT" +fi + +if [ "$HADOLINT_RESULTS_TO_CONSOLE" = "true" ]; then + echo "$RESULTS" fi RESULTS="${RESULTS//$'\\n'/''}" -echo "results<> $GITHUB_OUTPUT -echo "${RESULTS}" >> $GITHUB_OUTPUT -echo "EOF" >> $GITHUB_OUTPUT +{ echo "results<> "$GITHUB_OUTPUT" -{ echo "HADOLINT_RESULTS<> $GITHUB_ENV +{ echo "HADOLINT_RESULTS<> "$GITHUB_ENV" [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" From 676012c475c665658957b7e3276552fb129bc112 Mon Sep 17 00:00:00 2001 From: Jennifer Cwagenberg Date: Sat, 14 Jan 2023 14:59:41 -0600 Subject: [PATCH 34/52] update example usage in readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index eabcb78..939f959 100644 --- a/README.md +++ b/README.md @@ -14,8 +14,8 @@ Add the following step to your workflow configuration: ```yml steps: - - uses: actions/checkout@v2 - - uses: hadolint/hadolint-action@v2.1.0 + - uses: actions/checkout@v3 + - uses: hadolint/hadolint-action@v3.0.0 with: dockerfile: Dockerfile ``` From e88bddc55d1b64a4ddea065683a9a6c0bd078465 Mon Sep 17 00:00:00 2001 
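Review bot: `eval "$COMMAND $flags"` and `eval "$COMMAND" "$@"` re-parse the config path and every action argument as shell source, so shell metacharacters in an input value (for example a `dockerfile` or `config` value that a workflow fills from a branch name or PR field) would be interpreted by the shell instead of being passed to hadolint. The removed direct calls did not re-parse their arguments. Keeping them avoids the problem: `RESULTS=$(hadolint $HADOLINT_CONFIG "$@")` in the else branch and `RESULTS=$(hadolint $HADOLINT_CONFIG "${@:1:$#-1}" -- **/"$filename")` in the recursive one, with `# shellcheck disable=SC2086` left in place for the apparently intentional split of `$HADOLINT_CONFIG`. The same `eval` returns in the hadolint.sh hunk of PATCH 39/52 (`flags=$*` then `eval "$COMMAND" "$flags"`), which also flattens the argument list into a single string.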
From: DracoBlue Date: Tue, 17 Jan 2023 15:05:26 +0100 Subject: [PATCH 35/52] Fix the url to the build badge As suggested in https://github.com/badges/shields/issues/8671 --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index eabcb78..efe3f8f 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,8 @@ [![License](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](LICENSE) [![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/) [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge) -[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hadolint/hadolint-action/CI?style=for-the-badge)](https://github.com/hadolint/hadolint-action/action) +[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/hadolint/hadolint-action/ci.yml?branch=master&style=for-the-badge)](https://github.com/hadolint/hadolint-action/action) + ## Usage From 1a139ce6cc2975def9376bf648923108a713042b Mon Sep 17 00:00:00 2001 From: DracoBlue Date: Tue, 17 Jan 2023 15:38:26 +0100 Subject: [PATCH 36/52] Make output-file by default to /dev/stdout To fix https://github.com/hadolint/hadolint-action/issues/60 in hadolint-action>v2.0.0 --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 443cf93..e1c9fba 100644 --- a/action.yml +++ b/action.yml @@ -18,7 +18,7 @@ inputs: output-file: required: false description: 'The path where to save the linting results to' - default: + default: "/dev/stdout" # standart hadolint options: no-color: From 54c9adbab1582c2ef04b2016b760714a4bfde3cf Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Tue, 17 Jan 2023 17:19:55 +0100 Subject: [PATCH 37/52] fix release --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ab0d9c5..ba3bfb3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -96,7 +96,7 @@ jobs: needs: integration-tests steps: - uses: actions/checkout@v2 - - uses: cycjimmy/semantic-release-action@v2 + - uses: cycjimmy/semantic-release-action@v3 with: extra_plugins: | @semantic-release/git From a4d0f06c93b55ad8a6f376988283d88cb988178c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Lorenzo=20Rodr=C3=ADguez?= Date: Wed, 18 Jan 2023 19:22:00 +0100 Subject: [PATCH 38/52] Revert "Some `shellcheck` fixes and new input to print Hadolint results to console" --- .github/workflows/ci.yml | 18 +----------------- .gitignore | 1 - README.md | 35 +++++++++++++++++------------------ action.yml | 6 +----- hadolint.sh | 25 +++++++++---------------- 5 files changed, 28 insertions(+), 57 deletions(-) delete mode 100644 .gitignore diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 277c0d8..ba3bfb3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -79,23 +79,7 @@ jobs: - name: Run integration test 6 - verify results output parameter # This step will never fail, but will print out the results from step5 - env: - results: ${{ steps.hadolint5.outputs.results }} - run: echo "$results" - - - name: Run integration test 7 - set recursive - uses: ./ - with: - dockerfile: "*Dockerfile" - failure-threshold: error - recursive: true - - - name: Run integration test 8 - print results to console - uses: ./ - with: - dockerfile: testdata/warning.Dockerfile - failure-threshold: error - results-to-console: true + run: echo "${{ steps.hadolint5.outputs.results }}" #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 485dee6..0000000 --- a/.gitignore +++ /dev/null @@ -1 +0,0 @@ -.idea diff --git a/README.md b/README.md index 7d6fd9a..3e3809e 100644 --- a/README.md +++ b/README.md @@ -23,24 +23,23 @@ steps: ## Inputs -| Name | Description | Default | -|----------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------| -| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | -| `recursive` | Search for specified dockerfile
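Review bot: The restored `run: echo "${{ steps.hadolint5.outputs.results }}"` expands the step output into the script text before the shell starts, so quotes, `$(…)` or backticks in the hadolint results are treated as shell syntax rather than printed. The form being reverted passed the value through the environment and can be kept independently of the rest of the revert: `env:` with `results: ${{ steps.hadolint5.outputs.results }}` and `run: echo "$results"`. PATCH 39/52 later in this series brings that form back.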
recursively, from the project root | `false` | -| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | -| `output-file` | A sub-path where to save the
output as a file to | | -| `results-to-console` | The flag to print Hadolint results to console | `false` | -| `no-color` | Don't create colored output (`true`/`false`) | | -| `no-fail` | Never fail the action (`true`/`false`) | | -| `verbose` | Output more information (`true`/`false`) | | -| `format` | The output format. One of [`tty` \ | `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | -| `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \ | `warning` \|
`info` \| `style` \| `ignore`] | `info` | -| `override-error` | Comma separated list of rules to treat with `error` severity | | -| `override-warning` | Comma separated list of rules to treat with `warning` severity | | -| `override-info` | Comma separated list of rules to treat with `info` severity | | -| `override-style` | Comma separated list of rules to treat with `style` severity | | -| `ignore` | Comma separated list of Hadolint rules to ignore. | | -| `trusted-registries` | Comma separated list of urls of trusted registries | | +| Name | Description | Default | +|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------| +| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | +| `recursive` | Search for specified dockerfile
recursively, from the project root | `false` | +| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | +| `output-file` | A sub-path where to save the
output as a file to | | +| `no-color` | Don't create colored output (`true`/`false`) | | +| `no-fail` | Never fail the action (`true`/`false`) | | +| `verbose` | Output more information (`true`/`false`) | | +| `format` | The output format. One of [`tty` \| `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | +| `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \| `warning` \|
`info` \| `style` \| `ignore`] | `info` | +| `override-error` | Comma separated list of rules to treat with `error` severity | | +| `override-warning` | Comma separated list of rules to treat with `warning` severity | | +| `override-info` | Comma separated list of rules to treat with `info` severity | | +| `override-style` | Comma separated list of rules to treat with `style` severity | | +| `ignore` | Comma separated list of Hadolint rules to ignore. | | +| `trusted-registries` | Comma separated list of urls of trusted registries | | ## Output diff --git a/action.yml b/action.yml index f0fa9ab..e1c9fba 100644 --- a/action.yml +++ b/action.yml @@ -19,10 +19,7 @@ inputs: required: false description: 'The path where to save the linting results to' default: "/dev/stdout" - results-to-console: - required: false - description: 'The flag to print Hadolint results to console' - default: false + # standart hadolint options: no-color: required: false @@ -98,7 +95,6 @@ runs: HADOLINT_CONFIG: ${{ inputs.config }} HADOLINT_RECURSIVE: ${{ inputs.recursive }} HADOLINT_OUTPUT: ${{ inputs.output-file }} - HADOLINT_RESULTS_TO_CONSOLE: ${{ inputs.results-to-console }} branding: icon: 'layers' color: 'purple' diff --git a/hadolint.sh b/hadolint.sh index af507de..4231068 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -3,10 +3,7 @@ # The problem-matcher definition must be present in the repository # checkout (outside the Docker container running hadolint). We copy # problem-matcher.json to the home folder. -PROBLEM_MATCHER_FILE="/problem-matcher.json" -if [ -f "$PROBLEM_MATCHER_FILE" ]; then - cp "$PROBLEM_MATCHER_FILE" "$HOME/" -fi +cp /problem-matcher.json "$HOME/" # After the run has finished we remove the problem-matcher.json from # the repository so we don't leave the checkout dirty. We also remove 
@@ -26,18 +23,16 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then unset HADOLINT_TRUSTED_REGISTRIES; fi -COMMAND="hadolint $HADOLINT_CONFIG" - if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" flags="${@:1:$#-1}" - RESULTS=$(eval "$COMMAND $flags" -- **/$filename) + RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) else - - RESULTS=$(eval "$COMMAND" "$@") + # shellcheck disable=SC2086 + RESULTS=$(hadolint $HADOLINT_CONFIG "$@") fi FAILED=$? @@ -45,18 +40,16 @@ if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" fi - echo "$RESULTS" > "$HADOLINT_OUTPUT" -fi - -if [ "$HADOLINT_RESULTS_TO_CONSOLE" = "true" ]; then - echo "$RESULTS" + echo "$RESULTS" > $HADOLINT_OUTPUT fi RESULTS="${RESULTS//$'\\n'/''}" -{ echo "results<> "$GITHUB_OUTPUT" +echo "results<> $GITHUB_OUTPUT +echo "${RESULTS}" >> $GITHUB_OUTPUT +echo "EOF" >> $GITHUB_OUTPUT -{ echo "HADOLINT_RESULTS<> "$GITHUB_ENV" +{ echo "HADOLINT_RESULTS<> $GITHUB_ENV [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" From a17195f03eccfa4994f0a3c2b53175d4b70de259 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Thu, 19 Jan 2023 20:09:05 +0100 Subject: [PATCH 39/52] Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#1) --- .github/workflows/ci.yml | 36 +++++++++++++++++++++++++++++++----- README.md | 8 ++++---- hadolint.sh | 26 +++++++++++++++----------- 3 files changed, 50 insertions(+), 20 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ba3bfb3..c2f9eb5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -18,10 +18,24 @@ jobs: - name: Run hadolint run: hadolint Dockerfile + shellcheck: + name: ShellCheck + runs-on: ubuntu-20.04 + permissions: + contents: read + pull-requests: write + steps: + - uses: actions/checkout@v3 + - name: Run ShellCheck + uses: reviewdog/action-shellcheck@v1.16.0 + with: + reporter: github-pr-review + fail_on_error: true + build-test: name: Build and Test runs-on: ubuntu-20.04 - needs: ["lint"] + needs: [ "lint", "shellcheck" ] steps: - uses: actions/checkout@v3 - name: Build Docker image @@ -69,8 +83,9 @@ jobs: failure-threshold: error format: json - - name: Run integration test 5 - output format - # This step will never fail, but will print out rule violations. + - name: Run integration test 5 - config file + # This step will never fail, but will print out rule violations + # because in config is set the error failure threshold. id: hadolint5 uses: ./ with: @@ -79,9 +94,20 @@ jobs: - name: Run integration test 6 - verify results output parameter # This step will never fail, but will print out the results from step5 - run: echo "${{ steps.hadolint5.outputs.results }}" + env: + results: ${{ steps.hadolint5.outputs.results }} + run: echo "$results" - #- name: Run integration test 6 - output to file + - name: Run integration test 7 - set recursive + # This step will never fail, but will print out rule violations + # for all the Dockerfiles in repository. + uses: ./ + with: + dockerfile: "*Dockerfile" + failure-threshold: error + recursive: true + + #- name: Run integration test 8 - output to file # # This step will never fail, but will print out rule violations. # uses: ./ # with: diff --git a/README.md b/README.md index 3e3809e..7dade9b 100644 --- a/README.md +++ b/README.md @@ -28,10 +28,10 @@ steps: | `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | | `recursive` | Search for specified dockerfile
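Review bot: The new `shellcheck` job references a third-party action by a mutable tag (`reviewdog/action-shellcheck@v1.16.0`) while granting the job `pull-requests: write`, so a re-pointed or compromised tag would run with that token. Pin the action to the full commit SHA and keep the tag as a trailing comment, `uses: reviewdog/action-shellcheck@<full-commit-sha-of-v1.16.0> # v1.16.0`. The job-level `permissions` block added here is the right scope for that write access and should be kept.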
recursively, from the project root | `false` | | `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | -| `output-file` | A sub-path where to save the
output as a file to | | -| `no-color` | Don't create colored output (`true`/`false`) | | -| `no-fail` | Never fail the action (`true`/`false`) | | -| `verbose` | Output more information (`true`/`false`) | | +| `output-file` | A sub-path where to save the
output as a file to | `/dev/stdout` | +| `no-color` | Don't create colored output (`true`/`false`) | `false` | +| `no-fail` | Never fail the action (`true`/`false`) | `false` | +| `verbose` | Output more information (`true`/`false`) | `false` | | `format` | The output format. One of [`tty` \| `json` \|
`checkstyle` \| `codeclimate` \|
`gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | | `failure-threshold` | Rule severity threshold for pipeline
failure. One of [`error` \| `warning` \|
`info` \| `style` \| `ignore`] | `info` | | `override-error` | Comma separated list of rules to treat with `error` severity | | diff --git a/hadolint.sh b/hadolint.sh index 4231068..d0024ff 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -1,13 +1,16 @@ #!/bin/bash - # The problem-matcher definition must be present in the repository # checkout (outside the Docker container running hadolint). We copy # problem-matcher.json to the home folder. -cp /problem-matcher.json "$HOME/" +PROBLEM_MATCHER_FILE="/problem-matcher.json" +if [ -f "$PROBLEM_MATCHER_FILE" ]; then + cp "$PROBLEM_MATCHER_FILE" "$HOME/" +fi # After the run has finished we remove the problem-matcher.json from # the repository so we don't leave the checkout dirty. We also remove # the matcher so it won't take effect in later steps. +# shellcheck disable=SC2317 cleanup() { echo "::remove-matcher owner=brpaz/hadolint-action::" } @@ -23,16 +26,19 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then unset HADOLINT_TRUSTED_REGISTRIES; fi +COMMAND="hadolint $HADOLINT_CONFIG" + if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" - flags="${@:1:$#-1}" - RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) + flags="${*:1:$#-1}" + + RESULTS=$(eval "$COMMAND $flags" -- **/"$filename") else - # shellcheck disable=SC2086 - RESULTS=$(hadolint $HADOLINT_CONFIG "$@") + flags=$* + RESULTS=$(eval "$COMMAND" "$flags") fi FAILED=$? @@ -40,16 +46,14 @@ if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" fi - echo "$RESULTS" > $HADOLINT_OUTPUT + echo "$RESULTS" > "$HADOLINT_OUTPUT" fi RESULTS="${RESULTS//$'\\n'/''}" -echo "results<> $GITHUB_OUTPUT -echo "${RESULTS}" >> $GITHUB_OUTPUT -echo "EOF" >> $GITHUB_OUTPUT +{ echo "results<> "$GITHUB_OUTPUT" -{ echo "HADOLINT_RESULTS<> $GITHUB_ENV +{ echo "HADOLINT_RESULTS<> "$GITHUB_ENV" [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" 
From 726b0bb29856ca7d00bd951f318365100bac8382 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Thu, 19 Jan 2023 20:16:51 +0100 Subject: [PATCH 40/52] Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#2) --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c2f9eb5..3acd3eb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -120,6 +120,8 @@ jobs: name: Release runs-on: ubuntu-20.04 needs: integration-tests + permissions: + contents: write steps: - uses: actions/checkout@v2 - uses: cycjimmy/semantic-release-action@v3 From 218bc411d78ba9386a35739e173a7065f400adb8 Mon Sep 17 00:00:00 2001 From: Viacheslav Kudinov Date: Fri, 20 Jan 2023 09:55:56 +0100 Subject: [PATCH 41/52] Fix of ShellCheck and doc update. Int testing updates. Added ShellCheck action. (#3) Co-authored-by: OCP4 migration script --- .github/workflows/ci.yml | 10 +++++----- hadolint.sh | 21 ++++++++++++++------- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3acd3eb..54763d8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,6 +8,11 @@ on: env: TEST_IMAGE_NAME: hadolint-action:${{github.sha}} +permissions: + contents: write + issues: write # Used by Release step to update "The automated release is failing" issue + pull-requests: write # Used by ShellCheck Action to add comments on PR + jobs: lint: name: Lint @@ -21,9 +26,6 @@ jobs: shellcheck: name: ShellCheck runs-on: ubuntu-20.04 - permissions: - contents: read - pull-requests: write steps: - uses: actions/checkout@v3 - name: Run ShellCheck @@ -120,8 +122,6 @@ jobs: name: Release runs-on: ubuntu-20.04 needs: integration-tests - permissions: - contents: write steps: - uses: actions/checkout@v2 - uses: cycjimmy/semantic-release-action@v3 diff --git a/hadolint.sh b/hadolint.sh index d0024ff..d28035d 100755 
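Review bot: Moving `permissions` to the workflow level in PATCH 41/52 gives every job (`lint`, `shellcheck`, `build-test`, `integration-tests`) a token with `contents: write`, `issues: write` and `pull-requests: write`, although the comments in the hunk say only the release step and the ShellCheck action need write access. The build and integration jobs run `docker build` and the action itself on repository content, so they are the jobs that should hold the least privilege. Default the workflow to read-only and grant write access per job, as the job-level blocks removed by this patch did.

```yaml
permissions:
  contents: read

jobs:
  # … unchanged: lint …
  shellcheck:
    permissions:
      contents: read
      pull-requests: write # Used by ShellCheck Action to add comments on PR
    # … unchanged: name, runs-on, steps …
  # … unchanged: build-test, integration-tests …
  release:
    permissions:
      contents: write
      issues: write # Used by Release step to update "The automated release is failing" issue
    # … unchanged: name, runs-on, needs, steps …
```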
--- a/hadolint.sh +++ b/hadolint.sh @@ -5,14 +5,14 @@ PROBLEM_MATCHER_FILE="/problem-matcher.json" if [ -f "$PROBLEM_MATCHER_FILE" ]; then - cp "$PROBLEM_MATCHER_FILE" "$HOME/" + cp "$PROBLEM_MATCHER_FILE" "$HOME/" fi # After the run has finished we remove the problem-matcher.json from # the repository so we don't leave the checkout dirty. We also remove # the matcher so it won't take effect in later steps. # shellcheck disable=SC2317 cleanup() { - echo "::remove-matcher owner=brpaz/hadolint-action::" + echo "::remove-matcher owner=brpaz/hadolint-action::" } trap cleanup EXIT @@ -23,7 +23,7 @@ if [ -n "$HADOLINT_CONFIG" ]; then fi if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then - unset HADOLINT_TRUSTED_REGISTRIES; + unset HADOLINT_TRUSTED_REGISTRIES fi COMMAND="hadolint $HADOLINT_CONFIG" @@ -32,7 +32,6 @@ if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" - flags="${*:1:$#-1}" RESULTS=$(eval "$COMMAND $flags" -- **/"$filename") @@ -46,14 +45,22 @@ if [ -n "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" fi - echo "$RESULTS" > "$HADOLINT_OUTPUT" + echo "$RESULTS" >"$HADOLINT_OUTPUT" fi RESULTS="${RESULTS//$'\\n'/''}" -{ echo "results<> "$GITHUB_OUTPUT" +{ + echo "results<>"$GITHUB_OUTPUT" -{ echo "HADOLINT_RESULTS<> "$GITHUB_ENV" +{ + echo "HADOLINT_RESULTS<>"$GITHUB_ENV" [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" From 7857e0b9ce8c651778ec7a3ea66f1fe8ebea436b Mon Sep 17 00:00:00 2001 From: DracoBlue Date: Wed, 8 Feb 2023 07:12:24 +0100 Subject: [PATCH 42/52] Example uses 3.1.0, too --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3e3809e..32e9803 100644 --- a/README.md +++ b/README.md 
@@ -16,7 +16,7 @@ Add the following step to your workflow configuration: ```yml steps: - uses: actions/checkout@v3 - - uses: hadolint/hadolint-action@v3.0.0 + - uses: hadolint/hadolint-action@v3.1.0 with: dockerfile: Dockerfile ``` From 715c3070466c5927407738bf9293e6b67858045e Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Sun, 20 Jul 2025 00:26:51 -0300 Subject: [PATCH 43/52] Update hadolint to v2.13.1-beta2 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 102a9b9..4a5dcf4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/hadolint/hadolint:v2.12.0-debian +FROM ghcr.io/hadolint/hadolint:v2.13.1-beta2-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 2f0331e82152a2dd3f73cf3106b0aa5cd71d161a Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Sun, 20 Jul 2025 00:31:17 -0300 Subject: [PATCH 44/52] Update Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4a5dcf4..8323dfa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/hadolint/hadolint:v2.13.1-beta2-debian +FROM hadolint/hadolint:v2.13.1-beta2-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From cc71e1bfd17cf3389c7580e08c43e1bd7defc130 Mon Sep 17 00:00:00 2001 From: Felipe Santos Date: Tue, 2 Sep 2025 14:10:17 -0300 Subject: [PATCH 45/52] Update Dockerfile to use stable hadolint version --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8323dfa..209d5f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM hadolint/hadolint:v2.13.1-beta2-debian +FROM hadolint/hadolint:v2.13.1-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 24598f413ebc646232a0218bac5e314f7a8632ce Mon Sep 17 00:00:00 2001 
From: Felipe Santos Date: Tue, 2 Sep 2025 14:10:55 -0300 Subject: [PATCH 46/52] Update base image for Hadolint --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 209d5f7..cbb24e2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM hadolint/hadolint:v2.13.1-debian +FROM ghcr.io/hadolint/hadolint:v2.13.1-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 8bde06f9ce374f8d841c43a38da556483c397f32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Wed, 3 Sep 2025 11:45:35 +0200 Subject: [PATCH 47/52] Update CI yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update versions of runner images and action steps Signed-off-by: Moritz Röhrich --- .github/workflows/ci.yml | 44 ++++++++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 54763d8..6c494c5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -10,36 +10,41 @@ env: permissions: contents: write - issues: write # Used by Release step to update "The automated release is failing" issue - pull-requests: write # Used by ShellCheck Action to add comments on PR + issues: write # Used by Release step to update "The automated release is failing" issue + pull-requests: write # Used by ShellCheck Action to add comments on PR jobs: lint: name: Lint - runs-on: ubuntu-20.04 - container: pipelinecomponents/hadolint:0.10.1 + runs-on: ubuntu-24.04 + container: pipelinecomponents/hadolint:0.27.2 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 + - name: Run hadolint run: hadolint Dockerfile shellcheck: name: ShellCheck - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 + - name: Run ShellCheck - uses: reviewdog/action-shellcheck@v1.16.0 + uses: reviewdog/action-shellcheck@v1.31.0 with: reporter: github-pr-review fail_on_error: true build-test: name: Build and Test - runs-on: ubuntu-20.04 - needs: [ "lint", "shellcheck" ] + runs-on: ubuntu-24.04 + needs: + - lint + - shellcheck steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 + - name: Build Docker image run: docker build -t $TEST_IMAGE_NAME . @@ -50,10 +55,11 @@ jobs: integration-tests: name: Integration Tests - runs-on: ubuntu-20.04 - needs: build-test + runs-on: ubuntu-24.04 + needs: + - build-test steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Run integration test 1 uses: ./ @@ -120,11 +126,13 @@ jobs: release: if: github.event_name == 'push' && github.ref == 'refs/heads/master' name: Release - runs-on: ubuntu-20.04 - needs: integration-tests + runs-on: ubuntu-24.04 + needs: + - integration-tests steps: - - uses: actions/checkout@v2 - - uses: cycjimmy/semantic-release-action@v3 + - uses: actions/checkout@v5 + + - uses: cycjimmy/semantic-release-action@v5 with: extra_plugins: | @semantic-release/git 
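Review bot: The workflow-level `permissions:` block at the top of this hunk grants `contents: write`, `issues: write` and `pull-requests: write` to every job, although its inline comments attribute the write scopes to the Release step and the ShellCheck action only. The `lint` and `build-test` jobs shown here only check out the code and run `hadolint` or `docker build`, so I would default the workflow to `contents: read` and grant write scopes per job. That way a compromised container image or third-party action in a lint or test job does not hold a token that can push to the repository. The `release` job in the last hunk of this patch would then need its own `permissions:` with `contents: write` and `issues: write`; whether it needs anything further is not visible here.

```yaml
permissions:
  contents: read

jobs:
  # … unchanged: lint job …

  shellcheck:
    runs-on: ubuntu-24.04
    permissions:
      contents: read
      pull-requests: write # Used by ShellCheck Action to add comments on PR
    # … unchanged: steps …

  # … unchanged: build-test job …
```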
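Review bot: `cycjimmy/semantic-release-action@v5` in the `release` job is referenced by a movable major tag, and the job runs on pushes to `master` with the write token from the workflow-level `permissions:` block, so a retagged or compromised upstream release would run with push rights on this repository. Pinning third-party actions to a full commit SHA, with the version as a trailing comment, keeps each update reviewable: `- uses: cycjimmy/semantic-release-action@<full-commit-sha> # v5`. The same holds for `reviewdog/action-shellcheck@v1.31.0` and `actions/checkout@v5` in the earlier hunks of this patch. `container: pipelinecomponents/hadolint:0.27.2` could likewise take a `@sha256:<digest>` suffix. The `release` job's `with:` block continues past the end of the hunk.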
From 45eb072a0b555fab4dfc5b7f863a41b150431d11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Wed, 3 Sep 2025 15:22:29 +0200 Subject: [PATCH 48/52] Trigger release workflow on tag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Moritz Röhrich --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6c494c5..2485573 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,8 +1,12 @@ name: "CI" on: push: + tags: + - "v*" + branches: - master + pull_request: env: From 3fc49fb50d59c6ab7917a2e4195dba633e515b29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Wed, 3 Sep 2025 15:29:46 +0200 Subject: [PATCH 49/52] feat: new minor release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Moritz Röhrich From 0931ae097296863e5f188b8c6a0c5f9b95f79793 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Mon, 22 Sep 2025 13:33:25 +0200 Subject: [PATCH 50/52] Release v3.3.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Moritz Röhrich --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cbb24e2..93a3909 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/hadolint/hadolint:v2.13.1-debian +FROM ghcr.io/hadolint/hadolint:v2.14.0-debian COPY LICENSE README.md problem-matcher.json / COPY hadolint.sh /usr/local/bin/hadolint.sh From 2bfd2b95f895100db2ca84c3054a8ce50f1fc611 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Mon, 22 Sep 2025 13:41:56 +0200 Subject: [PATCH 51/52] Don't trigger release workflow on Tag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Tags are automatically generated and applied by the release action Signed-off-by: Moritz Röhrich --- .github/workflows/ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2485573..3a5f201 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,9 +1,6 @@ name: "CI" on: push: - tags: - - "v*" - branches: - master From 2332a7b74a6de0dda2e2221d575162eba76ba5e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20R=C3=B6hrich?= Date: Mon, 22 Sep 2025 13:43:49 +0200 Subject: [PATCH 52/52] feat: trigger release workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Release action only triggers if there is a commit with a keyword in the title since the last release tag was made... Signed-off-by: Moritz Röhrich