├── .github ├── renovate.json └── workflows │ ├── depup.yml │ ├── release.yml │ ├── reviewdog.yml │ ├── test.yml │ └── yamllint.yml ├── LICENSE ├── README.md ├── action.yml ├── examples ├── example-github-pr-check.png └── example-github-pr-review.png ├── script.sh ├── testdata ├── Dockerfile ├── Dockerfile.dockerignore └── sub-dir │ └── Dockerfile └── to-rdjson.jq /.github/renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": [ 3 | "config:base" 4 | ], 5 | "labels": [ 6 | "bump:patch" 7 | ] 8 | } 9 | -------------------------------------------------------------------------------- /.github/workflows/depup.yml: -------------------------------------------------------------------------------- 1 | name: depup 2 | on: 3 | schedule: 4 | - cron: '14 14 * * *' # Runs at 14:14 UTC every day 5 | repository_dispatch: 6 | types: [depup] 7 | workflow_dispatch: 8 | 9 | jobs: 10 | reviewdog: 11 | runs-on: ubuntu-latest 12 | steps: 13 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 14 | - uses: haya14busa/action-depup@94a1aaf4e4923064019214b48a43276218af7ad5 # v1.6.4 15 | id: depup 16 | with: 17 | file: action.yml 18 | version_name: REVIEWDOG_VERSION 19 | repo: reviewdog/reviewdog 20 | 21 | - name: Create Pull Request to update reviewdog 22 | uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 23 | with: 24 | token: ${{ secrets.GITHUB_TOKEN }} 25 | title: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}" 26 | commit-message: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}" 27 | body: | 28 | Update reviewdog to [v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/releases/tag/v${{ steps.depup.outputs.latest }}) 29 | Compare [v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/compare/v${{ steps.depup.outputs.current }}...v${{ 
steps.depup.outputs.latest }}) 30 | 31 | This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup). 32 | branch: depup/reviewdog 33 | base: master 34 | labels: "bump:minor" 35 | 36 | hadolint: 37 | runs-on: ubuntu-latest 38 | steps: 39 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 40 | - uses: haya14busa/action-depup@94a1aaf4e4923064019214b48a43276218af7ad5 # v1.6.4 41 | id: depup 42 | with: 43 | file: action.yml 44 | version_name: HADOLINT_VERSION 45 | repo: hadolint/hadolint 46 | 47 | - name: Create Pull Request to update hadolint 48 | uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 49 | with: 50 | token: ${{ secrets.GITHUB_TOKEN }} 51 | title: "chore(deps): update hadolint to ${{ steps.depup.outputs.latest }}" 52 | commit-message: "chore(deps): update hadolint to ${{ steps.depup.outputs.latest }}" 53 | body: | 54 | Update hadolint to [v${{ steps.depup.outputs.latest }}](https://github.com/hadolint/hadolint/releases/tag/v${{ steps.depup.outputs.latest }}) 55 | Compare [v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}](https://github.com/hadolint/hadolint/compare/v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}) 56 | 57 | This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup). 
58 | branch: depup/hadolint 59 | base: master 60 | labels: "bump:minor" 61 | -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: release 2 | on: 3 | push: 4 | branches: 5 | - master 6 | tags: 7 | - 'v*.*.*' 8 | pull_request: 9 | types: 10 | - labeled 11 | 12 | jobs: 13 | release: 14 | if: github.event.action != 'labeled' 15 | runs-on: ubuntu-latest 16 | steps: 17 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 18 | 19 | # Bump version on merging Pull Requests with specific labels. 20 | # (bump:major,bump:minor,bump:patch) 21 | - id: bumpr 22 | if: "!startsWith(github.ref, 'refs/tags/')" 23 | uses: haya14busa/action-bumpr@78ab5a104d20896c9c9122c64221b3aecf1a8cbb # v1.10.0 24 | 25 | # Update corresponding major and minor tag. 26 | # e.g. Update v1 and v1.2 when releasing v1.2.3 27 | - uses: haya14busa/action-update-semver@fb48464b2438ae82cc78237be61afb4f461265a1 # v1.2.1 28 | if: "!steps.bumpr.outputs.skip" 29 | with: 30 | tag: ${{ steps.bumpr.outputs.next_version }} 31 | 32 | # Get tag name. 
33 | - id: tag 34 | uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1 35 | with: 36 | cond: "${{ startsWith(github.ref, 'refs/tags/') }}" 37 | if_true: ${{ github.ref }} 38 | if_false: ${{ steps.bumpr.outputs.next_version }} 39 | 40 | # Create release 41 | - if: "steps.tag.outputs.value != ''" 42 | env: 43 | TAG_NAME: ${{ steps.tag.outputs.value }} 44 | CURRENT: ${{ steps.bumpr.outputs.current_version }} 45 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 46 | run: | 47 | gh release create "${TAG_NAME}" -t "Release ${TAG_NAME/refs\/tags\//}" --generate-notes --notes-start-tag "${CURRENT}" 48 | 49 | release-check: 50 | if: github.event.action == 'labeled' 51 | runs-on: ubuntu-latest 52 | steps: 53 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 54 | - name: Post bumpr status comment 55 | uses: haya14busa/action-bumpr@78ab5a104d20896c9c9122c64221b3aecf1a8cbb # v1.10.0 56 | -------------------------------------------------------------------------------- /.github/workflows/reviewdog.yml: -------------------------------------------------------------------------------- 1 | name: reviewdog 2 | on: [pull_request] 3 | jobs: 4 | shellcheck: 5 | name: runner / shellcheck 6 | runs-on: ubuntu-latest 7 | steps: 8 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 9 | - name: shellcheck 10 | uses: reviewdog/action-shellcheck@57079a832290a049f49cee90984b072c870fb7d4 # v1.29.3 11 | with: 12 | github_token: ${{ secrets.github_token }} 13 | misspell: 14 | name: runner / misspell 15 | runs-on: ubuntu-latest 16 | steps: 17 | - name: Check out code. 
18 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 19 | - name: misspell 20 | uses: reviewdog/action-misspell@9daa94af4357dddb6fd3775de806bc0a8e98d3e4 # v1.26.3 21 | with: 22 | github_token: ${{ secrets.github_token }} 23 | locale: "US" 24 | -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- 1 | name: Test 2 | on: 3 | push: 4 | branches: 5 | - master 6 | pull_request: 7 | 8 | jobs: 9 | test-check: 10 | name: runner / hadolint (github-check) 11 | runs-on: ubuntu-latest 12 | steps: 13 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 14 | - uses: ./ 15 | with: 16 | reporter: github-check 17 | level: info 18 | exclude: Dockerfile.dockerignore 19 | 20 | test-pr-review: 21 | if: github.event_name == 'pull_request' 22 | name: runner / hadolint (github-pr-review) 23 | runs-on: ubuntu-latest 24 | steps: 25 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 26 | - uses: ./ 27 | with: 28 | reporter: github-pr-review 29 | filter_mode: diff_context 30 | exclude: Dockerfile.dockerignore 31 | -------------------------------------------------------------------------------- /.github/workflows/yamllint.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: yamllint 3 | on: [pull_request] 4 | 5 | jobs: 6 | yamllint: 7 | name: check / yamllint 8 | runs-on: ubuntu-latest 9 | steps: 10 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 11 | - name: yamllint 12 | uses: reviewdog/action-yamllint@f01d8a48fd8d89f89895499fca2cff09f9e9e8c0 # v1.21.0 13 | with: 14 | github_token: ${{ secrets.github_token }} 15 | reporter: github-pr-review 16 | fail_level: any 17 | yamllint_flags: '-d "{extends: default, rules: {truthy: disable}}" .' 
18 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Grachev Mikhail 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 
22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # GitHub Action: Run hadolint with reviewdog 🐶 2 | 3 | [License](./LICENSE) 4 | [depup](https://github.com/reviewdog/action-hadolint/actions?query=workflow%3Adepup) 5 | [release](https://github.com/reviewdog/action-hadolint/actions?query=workflow%3Arelease) 6 | [Releases](https://github.com/reviewdog/action-hadolint/releases) 7 | [action-bumpr](https://github.com/haya14busa/action-bumpr) 8 | 9 | This action runs [hadolint](https://github.com/hadolint/hadolint) with 10 | [reviewdog](https://github.com/reviewdog/reviewdog) on pull requests to lint Dockerfiles 11 | and validate inline bash. 12 | 13 | ## Examples 14 | 15 | ### With `github-pr-check` 16 | 17 | By default, with `reporter: github-pr-check` an annotation is added to the line: 18 | 19 |  20 | 21 | ### With `github-pr-review` 22 | 23 | With `reporter: github-pr-review` a comment is added to the Pull Request Conversation: 24 | 25 |  26 | 27 | ## Inputs 28 | 29 | ### `github_token` 30 | 31 | Optional. `${{ github.token }}` is used by default. If the workflow restricts token `permissions:`, the token still needs write access for the chosen reporter (for example, `pull-requests: write` for `github-pr-review`). 32 | 33 | ### `hadolint_flags` 34 | 35 | Optional. Pass hadolint flags: 36 | ``` 37 | with: 38 | hadolint_flags: --trusted-registry docker.io 39 | ``` 40 | 41 | ### `hadolint_ignore` 42 | 43 | Optional. List the hadolint rules to ignore: 44 | ``` 45 | with: 46 | hadolint_ignore: DL3009 DL3008 47 | ``` 48 | 49 | ### `tool_name` 50 | 51 | Optional. Tool name to use for the reviewdog reporter. Useful when running multiple 52 | actions with different configurations. 53 | 54 | ### `exclude` 55 | 56 | Optional. List of folders and files to exclude from checking. 57 | 58 | Use `/%FOLDER%/*` to exclude a whole folder or `%FILENAME%` to exclude certain files. 59 | 60 | Note that you can use a wildcard to exclude certain file extensions: for example, `Dockerfile.*` will exclude `Dockerfile.dev`, but will not exclude `Dockerfile`. 
61 | 62 | You can combine those rules as you wish (e.g. exclude certain files from certain folders only): 63 | ```yaml 64 | with: 65 | exclude: | 66 | /vendor/* 67 | Dockerfile.* 68 | ``` 69 | 70 | ### `include` 71 | 72 | Optional. Defaults to `*Dockerfile*`. List of folders and files to use for checking. 73 | 74 | Use `/%FOLDER%/*` to include a whole folder or `%FILENAME%` to include certain files. 75 | 76 | Note that you can use a wildcard to include certain file extensions: for example, `Dockerfile.*` will include `Dockerfile.dev`, but will not include `Dockerfile`. 77 | 78 | You can combine those rules as you wish (e.g. include certain files from certain folders only): 79 | ```yaml 80 | with: 81 | include: | 82 | subfolder/Dockerfile.* 83 | ``` 84 | 85 | ### `level` 86 | 87 | Optional. Report level for reviewdog [`info`, `warning`, `error`]. 88 | It is the same as the `-level` flag of reviewdog. 89 | 90 | ### `reporter` 91 | 92 | Optional. Reporter of reviewdog command [`github-pr-check`, `github-pr-review`]. 93 | The default is `github-pr-check`. 94 | 95 | ### `filter_mode` 96 | 97 | Optional. Filtering mode for the reviewdog command [`added`, `diff_context`, `file`, `nofilter`]. 98 | Default is `added`. 99 | 100 | ### `fail_level` 101 | 102 | Optional. If set to `none`, always use exit code 0 for reviewdog. Otherwise, exit code 1 for reviewdog if it finds at least 1 issue with severity greater than or equal to the given level. 103 | Possible values: [`none`, `any`, `info`, `warning`, `error`] 104 | Default is `none`. With the default, findings are reported but never fail the job; set a level if the check should block a pull request. 105 | 106 | ### `fail_on_error` 107 | 108 | Deprecated, use `fail_level` instead. 109 | Optional. Exit code for reviewdog when errors are found [`true`, `false`] 110 | Default is `false`. 111 | 112 | ### `reviewdog_flags` 113 | 114 | Optional. Additional reviewdog flags. 
115 | 116 | ## Example usage 117 | 118 | ```yml 119 | name: reviewdog 120 | on: [pull_request] 121 | jobs: 122 | hadolint: 123 | name: runner / hadolint 124 | runs-on: ubuntu-latest 125 | steps: 126 | - name: Check out code 127 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 128 | - name: hadolint 129 | uses: reviewdog/action-hadolint@fc7ee4a9f71e521bc43e370819247b70e5327540 # v1.50.2 130 | with: 131 | reporter: github-pr-review # Default is github-pr-check 132 | ``` 133 | 134 | ## Sponsor 135 | 136 |
137 |
138 |
140 |
141 |