Merge pull request hadolint#74 from ViacheslavKudinov/master
Fix of ShellCheck. Doc update. Int testing updates. Added ShellCheck job.
lorenzo authored Feb 9, 2023
2 parents 5d0317e + 218bc41 commit d292784
Showing 3 changed files with 61 additions and 22 deletions.
38 changes: 33 additions & 5 deletions .github/workflows/ci.yml
Expand Up @@ -8,6 +8,11 @@ on:
env:
TEST_IMAGE_NAME: hadolint-action:${{github.sha}}

permissions:
contents: write
issues: write # Used by Release step to update "The automated release is failing" issue
pull-requests: write # Used by ShellCheck Action to add comments on PR

jobs:
lint:
name: Lint
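
Review bot: the `permissions:` block sits at workflow level, so `contents: write`, `issues: write` and `pull-requests: write` are granted to every job, including `lint`, which needs no write scope. The inline comments tie `issues: write` to the Release step and `pull-requests: write` to the ShellCheck action, so set the workflow default to read-only (`contents: read`) and move each write scope into a job-level `permissions:` block on the job that uses it. `contents: write` also carries no comment saying which step needs it; add one or drop the scope.
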
Expand All @@ -18,10 +23,21 @@ jobs:
- name: Run hadolint
run: hadolint Dockerfile

shellcheck:
name: ShellCheck
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Run ShellCheck
uses: reviewdog/[email protected]
with:
reporter: github-pr-review
fail_on_error: true

build-test:
name: Build and Test
runs-on: ubuntu-20.04
needs: ["lint"]
needs: [ "lint", "shellcheck" ]
steps:
- uses: actions/checkout@v3
- name: Build Docker image
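
Review bot: the `Run ShellCheck` step hands a third-party action a token that can write to pull requests (`reporter: github-pr-review`, together with the workflow-level `pull-requests: write`), so pin the `uses:` reference to a full commit SHA with the release tag in a trailing comment (the ref itself is not legible in this rendering of the hunk). The `shellcheck` job also has no job-level `permissions:` block limiting it to what the reporter needs. Style: `needs: [ "lint", "shellcheck" ]` uses different bracket spacing from the line it replaces; pick one form for the file.
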
Expand Down Expand Up @@ -69,8 +85,9 @@ jobs:
failure-threshold: error
format: json

- name: Run integration test 5 - output format
# This step will never fail, but will print out rule violations.
- name: Run integration test 5 - config file
# This step will never fail, but will print out rule violations
# because in config is set the error failure threshold.
id: hadolint5
uses: ./
with:
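
Review bot: the reworded comment on test 5 is hard to parse ("because in config is set the error failure threshold"), and since the step is documented as never failing it does not show that the config file was actually read. Suggest "because the config file sets the failure threshold to error", and follow the step with a check on its result so that a regression in config handling turns the job red.
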
Expand All @@ -79,9 +96,20 @@ jobs:

- name: Run integration test 6 - verify results output parameter
# This step will never fail, but will print out the results from step5
run: echo "${{ steps.hadolint5.outputs.results }}"
env:
results: ${{ steps.hadolint5.outputs.results }}
run: echo "$results"

- name: Run integration test 7 - set recursive
# This step will never fail, but will print out rule violations
# for all the Dockerfiles in repository.
uses: ./
with:
dockerfile: "*Dockerfile"
failure-threshold: error
recursive: true

#- name: Run integration test 6 - output to file
#- name: Run integration test 8 - output to file
# # This step will never fail, but will print out rule violations.
# uses: ./
# with:
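
Review bot: tests 6 and 7 are both documented as never failing, so they exercise the `results` output and `recursive: true` without asserting anything; an empty output or a pattern that matches no Dockerfile would still pass. In test 6 add a check such as `[ -n "$results" ]` after the `echo`, and in test 7 assert on the files that were reported. Passing the step output through `env:` and echoing `"$results"` instead of interpolating `${{ steps.hadolint5.outputs.results }}` into the `run:` script is the right pattern, because linter output derived from repository content no longer becomes part of the shell source; a one-line comment saying so would keep it from being reverted.
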
8 changes: 4 additions & 4 deletions README.md
Expand Up @@ -28,10 +28,10 @@ steps:
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
| `output-file` | A sub-path where to save the </br> output as a file to | |
| `no-color` | Don't create colored output (`true`/`false`) | |
| `no-fail` | Never fail the action (`true`/`false`) | |
| `verbose` | Output more information (`true`/`false`) | |
| `output-file` | A sub-path where to save the </br> output as a file to | `/dev/stdout` |
| `no-color` | Don't create colored output (`true`/`false`) | `false` |
| `no-fail` | Never fail the action (`true`/`false`) | `false` |
| `verbose` | Output more information (`true`/`false`) | `false` |
| `format` | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
| `override-error` | Comma separated list of rules to treat with `error` severity | |
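
Review bot: the defaults added to the `output-file`, `no-color`, `no-fail` and `verbose` rows are not accompanied by any change to the action's input definitions (this commit touches only `ci.yml`, `README.md` and `hadolint.sh`), so please confirm each value against the action metadata before documenting it. `/dev/stdout` in particular interacts with `hadolint.sh`, which treats a non-empty `HADOLINT_OUTPUT` as a file to write and then prints "Hadolint output saved to: ...". Style: `</br>` in these cells is not a valid tag, use `<br>`, and "A sub-path where to save the output as a file to" could read "Sub-path of the file to write the output to".
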
37 changes: 24 additions & 13 deletions hadolint.sh
@@ -1,15 +1,18 @@
#!/bin/bash

# The problem-matcher definition must be present in the repository
# checkout (outside the Docker container running hadolint). We copy
# problem-matcher.json to the home folder.
cp /problem-matcher.json "$HOME/"

PROBLEM_MATCHER_FILE="/problem-matcher.json"
if [ -f "$PROBLEM_MATCHER_FILE" ]; then
cp "$PROBLEM_MATCHER_FILE" "$HOME/"
fi
# After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove
# the matcher so it won't take effect in later steps.
# shellcheck disable=SC2317
cleanup() {
echo "::remove-matcher owner=brpaz/hadolint-action::"
echo "::remove-matcher owner=brpaz/hadolint-action::"
}
trap cleanup EXIT

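Review bot: with the new `[ -f "$PROBLEM_MATCHER_FILE" ]` guard a missing `/problem-matcher.json` is skipped silently, although the comment above it says the definition must be present; add an `else` branch that writes a warning to stderr so a broken image is noticed. `# shellcheck disable=SC2317` on `cleanup()` should carry a short reason (the function is only reached through `trap cleanup EXIT`), and a blank line before the "After the run has finished" comment would keep the two blocks apart.
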
Expand All @@ -20,36 +23,44 @@ if [ -n "$HADOLINT_CONFIG" ]; then
fi

if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
unset HADOLINT_TRUSTED_REGISTRIES;
unset HADOLINT_TRUSTED_REGISTRIES
fi

COMMAND="hadolint $HADOLINT_CONFIG"

if [ "$HADOLINT_RECURSIVE" = "true" ]; then
shopt -s globstar

filename="${!#}"
flags="${@:1:$#-1}"
flags="${*:1:$#-1}"

RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename)
RESULTS=$(eval "$COMMAND $flags" -- **/"$filename")
else
# shellcheck disable=SC2086
RESULTS=$(hadolint $HADOLINT_CONFIG "$@")
flags=$*
RESULTS=$(eval "$COMMAND" "$flags")
fi
FAILED=$?

if [ -n "$HADOLINT_OUTPUT" ]; then
if [ -f "$HADOLINT_OUTPUT" ]; then
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
fi
echo "$RESULTS" > $HADOLINT_OUTPUT
echo "$RESULTS" >"$HADOLINT_OUTPUT"
fi

RESULTS="${RESULTS//$'\\n'/''}"

echo "results<<EOF" >> $GITHUB_OUTPUT
echo "${RESULTS}" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
{
echo "results<<EOF"
echo "$RESULTS"
echo "EOF"
} >>"$GITHUB_OUTPUT"

{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> $GITHUB_ENV
{
echo "HADOLINT_RESULTS<<EOF"
echo "$RESULTS"
echo "EOF"
} >>"$GITHUB_ENV"

[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"

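Review bot: both new `RESULTS=$(eval ...)` lines re-parse their arguments as shell source, so any shell metacharacter in `HADOLINT_CONFIG`, in the action's arguments (`flags=$*`, `flags="${*:1:$#-1}"`) or in a path matched by `**/"$filename"` is interpreted by the shell instead of being passed to hadolint as data. The recursive branch is the worse case, because the glob is expanded before `eval` joins and re-reads the result, which makes directory and file names from the checked-out repository part of the command text; it also breaks on paths containing spaces. Drop `eval` and build the command as a bash array: `cmd=(hadolint)` with the config arguments appended as separate elements, then `RESULTS=$("${cmd[@]}" "${@:1:$#-1}" -- **/"$filename")` in the recursive branch and `RESULTS=$("${cmd[@]}" "$@")` otherwise. That keeps every argument a single word, so the SC2086 suppression and the `$*` flattening are no longer needed.
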