mirror of
https://github.com/nextcloud/all-in-one.git
synced 2024-11-16 03:56:02 +08:00
46 lines
1.4 KiB
YAML
46 lines
1.4 KiB
YAML
name: Docker Lint
|
|
|
|
on:
|
|
pull_request:
|
|
paths:
|
|
- 'Containers/**'
|
|
push:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- 'Containers/**'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: docker-lint-${{ github.head_ref || github.run_id }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
docker-lint:
|
|
runs-on: ubuntu-latest
|
|
|
|
name: docker-lint
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install hadolint
|
|
run: |
|
|
sudo wget https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -O /usr/bin/hadolint
|
|
sudo chmod +x /usr/bin/hadolint
|
|
|
|
- name: run lint
|
|
run: |
|
|
DOCKERFILES="$(find ./Containers -name Dockerfile)"
|
|
mapfile -t DOCKERFILES <<< "$DOCKERFILES"
|
|
for file in "${DOCKERFILES[@]}"; do
|
|
# DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
# DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
|
|
hadolint "$file" --ignore DL3018 --ignore DL4006 | tee -a ./hadolint.log
|
|
done
|
|
if grep -q "DL[0-9]\+\|SC[0-9]\+" ./hadolint.log; then
|
|
exit 1
|
|
fi
|