Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Some shellcheck fixes and new input to print Hadolint results to console #68

Merged
merged 2 commits into from
Jan 18, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,23 @@ jobs:

- name: Run integration test 6 - verify results output parameter
# This step will never fail, but will print out the results from step5
run: echo "${{ steps.hadolint5.outputs.results }}"
env:
results: ${{ steps.hadolint5.outputs.results }}
run: echo "$results"

- name: Run integration test 7 - set recursive
uses: ./
with:
dockerfile: "*Dockerfile"
failure-threshold: error
recursive: true

- name: Run integration test 8 - print results to console
uses: ./
with:
dockerfile: testdata/warning.Dockerfile
failure-threshold: error
results-to-console: true

#- name: Run integration test 6 - output to file
# # This step will never fail, but will print out rule violations.
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.idea
35 changes: 18 additions & 17 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,23 +22,24 @@ steps:

## Inputs

| Name | Description | Default |
|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------|--------------------|
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
| `output-file` | A sub-path where to save the </br> output as a file to | |
| `no-color` | Don't create colored output (`true`/`false`) | |
| `no-fail` | Never fail the action (`true`/`false`) | |
| `verbose` | Output more information (`true`/`false`) | |
| `format` | The output format. One of [`tty` \| `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \| `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
| `override-error` | Comma separated list of rules to treat with `error` severity | |
| `override-warning` | Comma separated list of rules to treat with `warning` severity | |
| `override-info` | Comma separated list of rules to treat with `info` severity | |
| `override-style` | Comma separated list of rules to treat with `style` severity | |
| `ignore` | Comma separated list of Hadolint rules to ignore. | <none> |
| `trusted-registries` | Comma separated list of urls of trusted registries | |
| Name | Description | Default |
|----------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------|
| `dockerfile` | The path to the Dockerfile to be tested | `./Dockerfile` |
| `recursive` | Search for specified dockerfile </br> recursively, from the project root | `false` |
| `config` | Custom path to a Hadolint config file | `./.hadolint.yaml` |
| `output-file` | A sub-path where to save the </br> output as a file to | |
| `results-to-console` | The flag to print Hadolint results to console | `false` |
| `no-color` | Don't create colored output (`true`/`false`) | |
| `no-fail` | Never fail the action (`true`/`false`) | |
| `verbose` | Output more information (`true`/`false`) | |
| `format` | The output format. One of [`tty` \ | `json` \| </br> `checkstyle` \| `codeclimate` \| </br> `gitlab_codeclimate` \| `codacy` \| `sarif`] | `tty` |
| `failure-threshold` | Rule severity threshold for pipeline </br> failure. One of [`error` \ | `warning` \| </br> `info` \| `style` \| `ignore`] | `info` |
| `override-error` | Comma separated list of rules to treat with `error` severity | |
| `override-warning` | Comma separated list of rules to treat with `warning` severity | |
| `override-info` | Comma separated list of rules to treat with `info` severity | |
| `override-style` | Comma separated list of rules to treat with `style` severity | |
| `ignore` | Comma separated list of Hadolint rules to ignore. | <none> |
| `trusted-registries` | Comma separated list of urls of trusted registries | |

## Output

Expand Down
6 changes: 5 additions & 1 deletion action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,10 @@ inputs:
required: false
description: 'The path where to save the linting results to'
default: "/dev/stdout"

results-to-console:
required: false
description: 'The flag to print Hadolint results to console'
default: false
# standart hadolint options:
no-color:
required: false
Expand Down Expand Up @@ -95,6 +98,7 @@ runs:
HADOLINT_CONFIG: ${{ inputs.config }}
HADOLINT_RECURSIVE: ${{ inputs.recursive }}
HADOLINT_OUTPUT: ${{ inputs.output-file }}
HADOLINT_RESULTS_TO_CONSOLE: ${{ inputs.results-to-console }}
branding:
icon: 'layers'
color: 'purple'
25 changes: 16 additions & 9 deletions hadolint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,10 @@
# The problem-matcher definition must be present in the repository
# checkout (outside the Docker container running hadolint). We copy
# problem-matcher.json to the home folder.
cp /problem-matcher.json "$HOME/"
PROBLEM_MATCHER_FILE="/problem-matcher.json"
if [ -f "$PROBLEM_MATCHER_FILE" ]; then
cp "$PROBLEM_MATCHER_FILE" "$HOME/"
fi

# After the run has finished we remove the problem-matcher.json from
# the repository so we don't leave the checkout dirty. We also remove
Expand All @@ -23,33 +26,37 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
unset HADOLINT_TRUSTED_REGISTRIES;
fi

COMMAND="hadolint $HADOLINT_CONFIG"

if [ "$HADOLINT_RECURSIVE" = "true" ]; then
shopt -s globstar

filename="${!#}"
flags="${@:1:$#-1}"

RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename)
RESULTS=$(eval "$COMMAND $flags" -- **/$filename)
else
# shellcheck disable=SC2086
RESULTS=$(hadolint $HADOLINT_CONFIG "$@")

RESULTS=$(eval "$COMMAND" "$@")
fi
FAILED=$?

if [ -n "$HADOLINT_OUTPUT" ]; then
if [ -f "$HADOLINT_OUTPUT" ]; then
HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
fi
echo "$RESULTS" > $HADOLINT_OUTPUT
echo "$RESULTS" > "$HADOLINT_OUTPUT"
fi

if [ "$HADOLINT_RESULTS_TO_CONSOLE" = "true" ]; then
echo "$RESULTS"
fi

RESULTS="${RESULTS//$'\\n'/''}"

echo "results<<EOF" >> $GITHUB_OUTPUT
echo "${RESULTS}" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
{ echo "results<<EOF"; echo "$RESULTS"; echo "EOF"; } >> "$GITHUB_OUTPUT"

{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> $GITHUB_ENV
{ echo "HADOLINT_RESULTS<<EOF"; echo "$RESULTS"; echo "EOF"; } >> "$GITHUB_ENV"

[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"

Expand Down