.github/workflows/ci.yml

@@ -3,49 +3,27 @@ on:
   push:
     branches:
       - master
-
   pull_request:
 
 env:
   TEST_IMAGE_NAME: hadolint-action:${{github.sha}}
 
-permissions:
-  contents: write
-  issues: write  # Used by Release step to update "The automated release is failing" issue
-  pull-requests: write  # Used by ShellCheck Action to add comments on PR
-
 jobs:
   lint:
     name: Lint
-    runs-on: ubuntu-24.04
-    container: pipelinecomponents/hadolint:0.27.2
+    runs-on: ubuntu-20.04
+    container: pipelinecomponents/hadolint:0.10.1
     steps:
-      - uses: actions/checkout@v5
-
+      - uses: actions/checkout@v3
       - name: Run hadolint
         run: hadolint Dockerfile
 
-  shellcheck:
-    name: ShellCheck
-    runs-on: ubuntu-24.04
-    steps:
-      - uses: actions/checkout@v5
-
-      - name: Run ShellCheck
-        uses: reviewdog/action-shellcheck@v1.31.0
-        with:
-          reporter: github-pr-review
-          fail_on_error: true
-
   build-test:
     name: Build and Test
-    runs-on: ubuntu-24.04
-    needs:
-      - lint
-      - shellcheck
+    runs-on: ubuntu-20.04
+    needs: ["lint"]
     steps:
-      - uses: actions/checkout@v5
-
+      - uses: actions/checkout@v3
       - name: Build Docker image
         run: docker build -t $TEST_IMAGE_NAME .
 
@@ -56,11 +34,10 @@ jobs:
 
   integration-tests:
     name: Integration Tests
-    runs-on: ubuntu-24.04
-    needs:
-      - build-test
+    runs-on: ubuntu-20.04
+    needs: build-test
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v3
 
       - name: Run integration test 1
         uses: ./
@@ -92,9 +69,8 @@ jobs:
           failure-threshold: error
           format: json
 
-      - name: Run integration test 5 - config file
-        # This step will never fail, but will print out rule violations
-        # because in config is set the error failure threshold.
+      - name: Run integration test 5 - output format
+        # This step will never fail, but will print out rule violations.
         id: hadolint5
         uses: ./
         with:
@@ -103,20 +79,9 @@ jobs:
 
       - name: Run integration test 6 - verify results output parameter
         # This step will never fail, but will print out the results from step5
-        env:
-          results: ${{ steps.hadolint5.outputs.results }}
-        run: echo "$results"
+        run: echo "${{ steps.hadolint5.outputs.results }}"
 
-      - name: Run integration test 7 - set recursive
-        # This step will never fail, but will print out rule violations
-        # for all the Dockerfiles in repository.
-        uses: ./
-        with:
-          dockerfile: "*Dockerfile"
-          failure-threshold: error
-          recursive: true
-
-      #- name: Run integration test 8 - output to file
+      #- name: Run integration test 6 - output to file
       #  # This step will never fail, but will print out rule violations.
       #  uses: ./
       #  with:
@@ -127,13 +92,11 @@ jobs:
   release:
     if: github.event_name == 'push' && github.ref == 'refs/heads/master'
     name: Release
-    runs-on: ubuntu-24.04
-    needs:
-      - integration-tests
+    runs-on: ubuntu-20.04
+    needs: integration-tests
     steps:
-      - uses: actions/checkout@v5
-
-      - uses: cycjimmy/semantic-release-action@v5
+      - uses: actions/checkout@v2
+      - uses: cycjimmy/semantic-release-action@v2
         with:
           extra_plugins: |
             @semantic-release/git

Dockerfile

@@ -1,4 +1,4 @@
-FROM ghcr.io/hadolint/hadolint:v2.14.0-debian
+FROM ghcr.io/hadolint/hadolint:v2.12.0-debian
 
 COPY LICENSE README.md problem-matcher.json /
 COPY hadolint.sh /usr/local/bin/hadolint.sh

README.md

@@ -6,8 +6,7 @@
 [![License](https://img.shields.io/badge/License-MIT-yellow.svg?style=for-the-badge)](LICENSE)
 [![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg?style=for-the-badge)](http://commitizen.github.io/cz-cli/)
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg?style=for-the-badge)](https://github.com/semantic-release/semantic-release?style=for-the-badge)
-[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/hadolint/hadolint-action/ci.yml?branch=master&style=for-the-badge)](https://github.com/hadolint/hadolint-action/action)
-
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hadolint/hadolint-action/CI?style=for-the-badge)](https://github.com/hadolint/hadolint-action/action)
 
 ## Usage
 
@@ -15,8 +14,8 @@ Add the following step to your workflow configuration:
 
 ```yml
 steps:
-  - uses: actions/checkout@v3
-  - uses: hadolint/hadolint-action@v3.1.0
+  - uses: actions/checkout@v2 
+  - uses: hadolint/hadolint-action@v2.1.0
     with:
       dockerfile: Dockerfile
 ```
@@ -28,10 +27,10 @@ steps:
 | `dockerfile`         | The path to the Dockerfile to be tested                                                                                                 | `./Dockerfile`     |
 | `recursive`          | Search for specified dockerfile </br> recursively, from the project root                                                                | `false`            |
 | `config`             | Custom path to a Hadolint config file                                                                                                   | `./.hadolint.yaml` |
-| `output-file`        | A sub-path where to save the </br> output as a file to                                                                                  | `/dev/stdout`      |
-| `no-color`           | Don't create colored output (`true`/`false`)                                                                                            | `false`            |
-| `no-fail`            | Never fail the action (`true`/`false`)                                                                                                  | `false`            |
-| `verbose`            | Output more information (`true`/`false`)                                                                                                | `false`            |
+| `output-file`        | A sub-path where to save the </br> output as a file to                                                                                  |                    |
+| `no-color`           | Don't create colored output (`true`/`false`)                                                                                            |                    |
+| `no-fail`            | Never fail the action (`true`/`false`)                                                                                                  |                    |
+| `verbose`            | Output more information (`true`/`false`)                                                                                                |                    |
 | `format`             | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty`              |
 | `failure-threshold`  | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br>  `info` \| `style` \| `ignore`]               | `info`             |
 | `override-error`     | Comma separated list of rules to treat with `error` severity                                                                            |                    |

action.yml

@@ -18,7 +18,7 @@ inputs:
   output-file:
     required: false
     description: 'The path where to save the linting results to'
-    default: "/dev/stdout"
+    default:
 
   # standart hadolint options:
   no-color:

hadolint.sh

@@ -1,18 +1,15 @@
 #!/bin/bash
+
 # The problem-matcher definition must be present in the repository
 # checkout (outside the Docker container running hadolint). We copy
 # problem-matcher.json to the home folder.
+cp /problem-matcher.json "$HOME/"
 
-PROBLEM_MATCHER_FILE="/problem-matcher.json"
-if [ -f "$PROBLEM_MATCHER_FILE" ]; then
-  cp "$PROBLEM_MATCHER_FILE" "$HOME/"
-fi
 # After the run has finished we remove the problem-matcher.json from
 # the repository so we don't leave the checkout dirty. We also remove
 # the matcher so it won't take effect in later steps.
-# shellcheck disable=SC2317
 cleanup() {
-  echo "::remove-matcher owner=brpaz/hadolint-action::"
+    echo "::remove-matcher owner=brpaz/hadolint-action::"
 }
 trap cleanup EXIT
 
@@ -23,21 +20,19 @@ if [ -n "$HADOLINT_CONFIG" ]; then
 fi
 
 if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
-  unset HADOLINT_TRUSTED_REGISTRIES
+  unset HADOLINT_TRUSTED_REGISTRIES;
 fi
 
-COMMAND="hadolint $HADOLINT_CONFIG"
-
 if [ "$HADOLINT_RECURSIVE" = "true" ]; then
   shopt -s globstar
 
   filename="${!#}"
-  flags="${*:1:$#-1}"
+  flags="${@:1:$#-1}"
 
-  RESULTS=$(eval "$COMMAND $flags" -- **/"$filename")
+  RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename)
 else
-  flags=$*
-  RESULTS=$(eval "$COMMAND" "$flags")
+  # shellcheck disable=SC2086
+  RESULTS=$(hadolint $HADOLINT_CONFIG "$@")
 fi
 FAILED=$?
 
@@ -45,22 +40,16 @@ if [ -n "$HADOLINT_OUTPUT" ]; then
   if [ -f "$HADOLINT_OUTPUT" ]; then
     HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
   fi
-  echo "$RESULTS" >"$HADOLINT_OUTPUT"
+  echo "$RESULTS" > $HADOLINT_OUTPUT
 fi
 
 RESULTS="${RESULTS//$'\\n'/''}"
 
-{
-  echo "results<<EOF"
-  echo "$RESULTS"
-  echo "EOF"
-} >>"$GITHUB_OUTPUT"
+echo "results<<EOF" >> $GITHUB_OUTPUT
+echo "${RESULTS}" >> $GITHUB_OUTPUT
+echo "EOF" >> $GITHUB_OUTPUT
 
-{
-  echo "HADOLINT_RESULTS<<EOF"
-  echo "$RESULTS"
-  echo "EOF"
-} >>"$GITHUB_ENV"
+{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> $GITHUB_ENV
 
 [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"