From db1f19944d0a6a2dc3f645d16442a70ee3d32380 Mon Sep 17 00:00:00 2001 From: Johan Ljunggren Date: Wed, 11 Sep 2024 19:10:43 +0200 Subject: [PATCH] Fix dockerfile lint --- .devcontainer/Dockerfile | 38 +++++++++++----------- .github/workflows/dockerfile-lint.yml | 47 +++++++++++++++++++++++++++ 2 files changed, 66 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/dockerfile-lint.yml diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index e87818f..4e708bc 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -9,19 +9,29 @@ ENV DOTNET_SDK_VERSION=8.0 ENV NODE_VERSION=18 # Install additional OS packages and .NET SDK -RUN apt-get update && apt-get install -y --no-install-recommends \ +# hadolint ignore=DL3008 +RUN wget --progress=dot:giga https://packages.microsoft.com/config/debian/$DEBIAN_VERSION/packages-microsoft-prod.deb -O packages-microsoft-prod.deb \ + && dpkg -i packages-microsoft-prod.deb \ + && rm packages-microsoft-prod.deb \ + && apt-get update \ + && apt-get install -y --no-install-recommends \ + dotnet-sdk-$DOTNET_SDK_VERSION \ git \ apt-transport-https \ curl \ - wget + wget \ + && apt-get clean -y \ + && rm -rf /var/lib/apt/lists/* -RUN wget https://packages.microsoft.com/config/debian/$DEBIAN_VERSION/packages-microsoft-prod.deb -O packages-microsoft-prod.deb \ - && dpkg -i packages-microsoft-prod.deb \ - && rm packages-microsoft-prod.deb \ - && apt-get update \ - && apt-get install -y --no-install-recommends dotnet-sdk-$DOTNET_SDK_VERSION +# Install n package manager and use it to install the latest Node.js and npm +RUN npm install -g n@latest && n $NODE_VERSION \ + && npm install -g npm@latest + +# Switch back to dialog for any ad-hoc use of apt-get +ENV DEBIAN_FRONTEND=dialog -RUN apt-get clean -y && rm -rf /var/lib/apt/lists/* +# Set the default shell to bash +SHELL ["/bin/bash", "-c"] # Switch to the node user USER node @@ -34,14 +44,4 @@ RUN dotnet tool install --global GitVersion.Tool RUN printf "\nalias gitversion=\"dotnet-gitversion\"\n" >> /home/node/.bashrc # Switch back to root user to install global npm packages -USER root - -# Install n package manager and use it to install the latest Node.js and npm -RUN npm install -g n && n $NODE_VERSION \ - && npm install -g npm@latest - -# Switch back to dialog for any ad-hoc use of apt-get -ENV DEBIAN_FRONTEND=dialog - -# Set the default shell to bash -SHELL ["/bin/bash", "-c"] +#USER root diff --git a/.github/workflows/dockerfile-lint.yml b/.github/workflows/dockerfile-lint.yml new file mode 100644 index 0000000..de7ed4e --- /dev/null +++ b/.github/workflows/dockerfile-lint.yml @@ -0,0 +1,47 @@ +name: Lint Dockerfile + +on: + pull_request: + branches: + - main + +jobs: + lint: + runs-on: ubuntu-latest + + # cSpell: ignore hadolint .devcontainer sarif codeql + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Install Hadolint + run: sudo apt-get update && sudo apt-get install -y hadolint + + - name: Create testResults directory + run: mkdir -p testResults + + - name: Lint Dockerfile + run: hadolint .devcontainer/Dockerfile --failure-threshold warning --format sarif > testResults/hadolint-results.sarif + continue-on-error: true + + - name: Check if SARIF file exists + id: check_sarif + run: | + if [ -f testResults/hadolint-results.sarif ]; then + echo "::set-output name=file_exists::true" + else + echo "::set-output name=file_exists::false" + fi + + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + if: always() && steps.check_sarif.outputs.file_exists == 'true' + with: + sarif_file: testResults/hadolint-results.sarif + + - name: Upload testResults + uses: actions/upload-artifact@v2 + if: always() && steps.check_sarif.outputs.file_exists == 'true' + with: + name: hadolint-results + path: testResults/hadolint-results.sarif