Hadolint stands for Haskell Dockerfile Linter and is:
A smarter Dockerfile linter that helps you build best practice Docker images.
FROM debian
RUN export node_version="0.10" \
&& apt-get update && apt-get -y install nodejs="$node_verion"
COPY package.json usr/src/app
RUN cd /usr/src/app \
&& npm install node-static
EXPOSE 80000
CMD "npm start"
$ hadolint Dockerfile
Dockerfile:1 DL3006 Always tag the version of an image explicitly
Dockerfile:2 SC2154 node_verion is referenced but not assigned (did you mean 'node_version'?).
Dockerfile:2 DL3009 Delete the apt-get lists after installing something
Dockerfile:2 DL3015 Avoid additional packages by specifying `--no-install-recommends`
Dockerfile:5 DL3003 Use WORKDIR to switch to a directory
Dockerfile:5 DL3016 Pin versions in npm. Instead of `npm install <package>` use `npm install <package>@<version>`
Dockerfile:8 DL3011 Valid UNIX ports range from 0 to 65535
Dockerfile:9 DL3025 Use arguments JSON notation for CMD and ENTRYPOINT arguments
$ hadolintw Dockerfile
On OS X, the easiest way to install hadolintw is using Homebrew
$ brew tap mperezi/tools
$ brew install hadolint-wrapper
On other platforms, install hadolintw using pip
$ pip install hadolintw
$ hadolintw
Usage: hadolintw [OPTIONS] DOCKERFILE [HADOLINT_ARGS]...
Provides a more clear output for hadolint
Options:
-d, --use-docker use the dockerized version of hadolint
--color [never|auto|always]
--help Show this message and exit.
Set up as a wrapper:
$ alias hadolint=hadolintw
$ hadolint Dockerfile --ignore DL3020
# Please note that all hadolint options must come AFTER the Dockerfile
No problem.
By default the wrapper can detect if the output is being written to a tty or a pipe or a file, enabling or disabling the color codes accordingly (—color auto is the default setting). However you can always turn this feature on or off regardless of the type of output destination:
$ hadolintw --color never Dockerfile
hadolint.yml with some rules defined for our project. Can we still use it with the hadolint wrapper?Sure.
$ hadolintw Dockerfile --config hadolint.yml
$ hadolintw --use-docker Dockerfile
Unable to find image 'hadolint/hadolint:latest' locally
latest: Pulling from hadolint/hadolint
8a8460b25d70: Pulling fs layer
8a8460b25d70: Verifying Checksum
8a8460b25d70: Download complete
8a8460b25d70: Pull complete
Digest: sha256:0cdbd1e0f5fd3135d17617bb510a85c0248eb70b041021fe5431d4d1501d41b9
Status: Downloaded newer image for hadolint/hadolint:latest
...
FAQs
Pretty output for hadolint
We found that hadolintw demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.