actions/hadolint
actions/hadolint
3
0
Fork 0
mirror of https://github.com/hadolint/hadolint-action.git synced 2025-01-31 03:41:08 +01:00
Code Issues Projects Activity Pipelines

Some shellcheck fixes and new input (#1)

Browse source
This commit is contained in:
Viacheslav Kudinov 2022-11-15 20:14:37 +01:00 committed by GitHub
parent 4b5806eb9c
commit 77e79bb879
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 57 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
.github/workflows/ci.yml vendored
View file

@ -79,7 +79,23 @@ jobs:
- name: Run integration test 6 - verify results output parameter - name: Run integration test 6 - verify results output parameter
# This step will never fail, but will print out the results from step5 # This step will never fail, but will print out the results from step5
run: echo "${{ steps.hadolint5.outputs.results }}" env:
results: ${{ steps.hadolint5.outputs.results }}
run: echo "$results"
- name: Run integration test 7 - set recursive
uses: ./
with:
dockerfile: "*Dockerfile"
failure-threshold: error
recursive: true
- name: Run integration test 8 - print results to console
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
failure-threshold: error
results-to-console: true
#- name: Run integration test 6 - output to file #- name: Run integration test 6 - output to file
# # This step will never fail, but will print out rule violations. # # This step will never fail, but will print out rule violations.

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
.idea

35
README.md
View file

@ -22,23 +22,24 @@ steps:
## Inputs ## Inputs
| Name | Description | Default | | Name | Description | Default |
|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------| |----------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------|
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` | | `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` | | `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` | | `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
| `output-file` | A sub-path where to save the </br> output as a file to | | | `output-file` | A sub-path where to save the </br> output as a file to | |
| `no-color` | Don't create colored output (`true`/`false`) | | | `results-to-console` | The flag to print Hadolint results to console | `false` |
| `no-fail` | Never fail the action (`true`/`false`) | | | `no-color` | Don't create colored output (`true`/`false`) | |
| `verbose` | Output more information (`true`/`false`) | | | `no-fail` | Never fail the action (`true`/`false`) | |
| `format` | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` | | `verbose` | Output more information (`true`/`false`) | |
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br> `info` \| `style` \| `ignore`] | `info` | | `format` | The output format. One of [`tty` \ | `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
| `override-error` | Comma separated list of rules to treat with `error` severity | | | `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \ | `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
| `override-warning` | Comma separated list of rules to treat with `warning` severity | | | `override-error` | Comma separated list of rules to treat with `error` severity | |
| `override-info` | Comma separated list of rules to treat with `info` severity | | | `override-warning` | Comma separated list of rules to treat with `warning` severity | |
| `override-style` | Comma separated list of rules to treat with `style` severity | | | `override-info` | Comma separated list of rules to treat with `info` severity | |
| `ignore` | Comma separated list of Hadolint rules to ignore. | <none> | | `override-style` | Comma separated list of rules to treat with `style` severity | |
| `trusted-registries` | Comma separated list of urls of trusted registries | | | `ignore` | Comma separated list of Hadolint rules to ignore. | <none> |
| `trusted-registries` | Comma separated list of urls of trusted registries | |
## Output ## Output

5
action.yml
View file

@ -19,6 +19,10 @@ inputs:
required: false required: false
description: 'The path where to save the linting results to' description: 'The path where to save the linting results to'
default: default:
results-to-console:
required: false
description: 'The flag to print Hadolint results to console'
default: false
# standart hadolint options: # standart hadolint options:
no-color: no-color:
@ -95,6 +99,7 @@ runs:
HADOLINT_CONFIG: ${{ inputs.config }} HADOLINT_CONFIG: ${{ inputs.config }}
HADOLINT_RECURSIVE: ${{ inputs.recursive }} HADOLINT_RECURSIVE: ${{ inputs.recursive }}
HADOLINT_OUTPUT: ${{ inputs.output-file }} HADOLINT_OUTPUT: ${{ inputs.output-file }}
HADOLINT_RESULTS_TO_CONSOLE: ${{ inputs.results-to-console }}
branding: branding:
icon: 'layers' icon: 'layers'
color: 'purple' color: 'purple'

25
hadolint.sh
View file

@ -3,7 +3,10 @@
# The problem-matcher definition must be present in the repository # The problem-matcher definition must be present in the repository
# checkout (outside the Docker container running hadolint). We copy # checkout (outside the Docker container running hadolint). We copy
# problem-matcher.json to the home folder. # problem-matcher.json to the home folder.
cp /problem-matcher.json "$HOME/" PROBLEM_MATCHER_FILE="/problem-matcher.json"
if [ -f "$PROBLEM_MATCHER_FILE" ]; then
cp "$PROBLEM_MATCHER_FILE" "$HOME/"
fi
# After the run has finished we remove the problem-matcher.json from # After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove # the repository so we don't leave the checkout dirty. We also remove
@ -23,16 +26,18 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
unset HADOLINT_TRUSTED_REGISTRIES; unset HADOLINT_TRUSTED_REGISTRIES;
fi fi
COMMAND="hadolint $HADOLINT_CONFIG"
if [ "$HADOLINT_RECURSIVE" = "true" ]; then if [ "$HADOLINT_RECURSIVE" = "true" ]; then
shopt -s globstar shopt -s globstar
filename="${!#}" filename="${!#}"
flags="${@:1:$#-1}" flags="${@:1:$#-1}"
RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) RESULTS=$(eval "$COMMAND $flags" -- **/$filename)
else else
# shellcheck disable=SC2086
RESULTS=$(hadolint $HADOLINT_CONFIG "$@") RESULTS=$(eval "$COMMAND" "$@")
fi fi
FAILED=$? FAILED=$?
@ -40,16 +45,18 @@ if [ -n "$HADOLINT_OUTPUT" ]; then
if [ -f "$HADOLINT_OUTPUT" ]; then if [ -f "$HADOLINT_OUTPUT" ]; then
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
fi fi
echo "$RESULTS" > $HADOLINT_OUTPUT echo "$RESULTS" > "$HADOLINT_OUTPUT"
fi
if [ "$HADOLINT_RESULTS_TO_CONSOLE" = "true" ]; then
echo "$RESULTS"
fi fi
RESULTS="${RESULTS//$'\\n'/''}" RESULTS="${RESULTS//$'\\n'/''}"
echo "results<<EOF" >> $GITHUB_OUTPUT { echo "results<<EOF"; echo "$RESULTS"; echo "EOF"; } >> "$GITHUB_OUTPUT"
echo "${RESULTS}" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> $GITHUB_ENV { echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> "$GITHUB_ENV"
[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"