Open lukewiwa opened 4 years ago
Hi. I didn't know this was possible. This action simply passes the contents of the "dockerfile" action variable as an argument to the hadolint command so I guess it should work.
What error do you get?
I'm dealing with the same issue. Hadolint accepts both a glob and a list of filepaths, and trying either in a GitHub action ends up with an error:
hadolint: ./**/Dockerfile: openBinaryFile: does not exist (No such file or directory)
OR
hadolint: ./a/Dockerfile ./b/Dockerfile ./c/Dockerfile: openBinaryFile: does not exist (No such file or directory)
One workaround I've found is to use the hadolint docker image in a steps.run like this:
jobs:
  lint_dockerfiles:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Lint Dockerfiles
        run: docker run --rm -v $(pwd):/repo -i hadolint/hadolint sh -c "cd /repo && hadolint ./**/Dockerfile"
This action just uses the hadolint command as entrypoint. It supports an input argument "dockerfile" that is passed as a single argument to the command.
While this was meant to be a path to a single Dockerfile, passing a glob should work I guess.
Something like this:
uses: brpaz/hadolint-action@master
with:
  dockerfile: "docker/**/*Dockerfile"
Unless the way GitHub parses arguments is doing something that makes it not work.
Anyway, PRs are welcome. I only ever used hadolint with a single line myself.
Unless the way GitHub parses arguments is doing something that makes it not work.
That seems to be the case ;) - like Justinas already stated, globs are resulting in openBinaryFile: does not exist (No such file or directory).
Edit:
I assume this is a limitation of using Docker and piping the input. It won't work that way either:
$ docker run --rm -i hadolint/hadolint hadolint - < "./**/Dockerfile"
bash: ./**/Dockerfile: No such file or directory
Honestly for multiple files I just went and did it from scratch using the hadolint container. Here's a github actions yaml snippet:
docker:
  runs-on: ubuntu-latest
  container: hadolint/hadolint
  steps:
    - uses: actions/checkout@v2
    - name: hadolint
      run: hadolint ./**/*Dockerfile
@lukewiwa Do you still use your solution from https://github.com/hadolint/hadolint-action/issues/3#issuecomment-646366920 ? I tried it verbatim with the latest hadolint container and it failed for me:
Starting job container
/usr/bin/docker pull hadolint/hadolint
Using default tag: latest
latest: Pulling from hadolint/hadolint
4fc54f9b225a: Pulling fs layer
4fc54f9b225a: Verifying Checksum
4fc54f9b225a: Download complete
4fc54f9b225a: Pull complete
Digest: sha256:5bd624ce29f153036a3b03083af66f9ac040d2cb0673b2b4785394425e66f10b
Status: Downloaded newer image for hadolint/hadolint:latest
docker.io/hadolint/hadolint:latest
/usr/bin/docker create --name 4949b719bd154b7681ce88e7bd783ca6_hadolinthadolint_39fe7c --label 5588e4 --workdir /__w/docker-images/docker-images --network github_network_33f62ade6b72421bbaf6fabd14b8b2d6 -e "HOME=/github/home" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work":"/__w" -v "/home/runner/runners/2.277.1/externals":"/__e":ro -v "/home/runner/work/_temp":"/__w/_temp" -v "/home/runner/work/_actions":"/__w/_actions" -v "/opt/hostedtoolcache":"/__t" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" --entrypoint "tail" hadolint/hadolint "-f" "/dev/null"
58579c5762e83e9ea0a1f98fc6a575bb3a5d474d1b7af65a461b3547940d3513
/usr/bin/docker start 58579c5762e83e9ea0a1f98fc6a575bb3a5d474d1b7af65a461b3547940d3513
Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: exec: "tail": executable file not found in $PATH: unknown
Error: failed to start containers: 58579c5762e83e9ea0a1f98fc6a575bb3a5d474d1b7af65a461b3547940d3513
Error: Docker start fail with exit code 1
@justinas-marozas Do you still use your solution from https://github.com/hadolint/hadolint-action/issues/3#issuecomment-635424476 ?
It looks like the hadolint container changed, stripping everything but the hadolint executable:
docker run --rm -i -v $(pwd):/repo hadolint/hadolint sh -c "cd /repo && hadolint ./**/Dockerfile"
docker: Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: exec: "sh": executable file not found in $PATH: unknown.
docker run --rm -i -v $(pwd):/repo hadolint/hadolint bash -c "cd /repo && hadolint ./**/Dockerfile"
docker: Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: exec: "bash": executable file not found in $PATH: unknown.
It also looks like the hadolint command line changed and it only accepts a single file, as this works fine:
docker run --rm -i -v $(pwd):/repo hadolint/hadolint hadolint /repo/Dockerfile
but this does not:
docker run --rm -i -v $(pwd):/repo hadolint/hadolint hadolint /repo/**/Dockerfile
hadolint: /repo/**/Dockerfile: openBinaryFile: does not exist (No such file or directory)
I think the action needs to be changed so that it uses a Debian-based image. @mloskot would you like to contribute this feature?
@lorenzo Aha! I confess, as an end-user and as I aimed for the container and not installation, I have not read further than just the https://github.com/hadolint/hadolint#how-to-use section. Thanks!
@mloskot I confess I got the same error and moved on to using this https://github.com/marketplace/actions/hadolint-github-action
Debian or alpine images are needed to get a shell. https://github.com/hadolint/hadolint/issues/611
Change the tag to get the correct image.
lint:
  runs-on: ubuntu-latest
  container: hadolint/hadolint:latest-debian
  steps:
    - uses: actions/checkout@v2
    - name: hadolint
      run: hadolint ./**/*Dockerfile*
It appears the way you can get it to scan some of the files recursively is with the below configuration in your action. This should be the same as running it with hadolint **/Dockerfile locally.
lint-docker:
  runs-on: ubuntu-latest
  env:
    HADOLINT_RECURSIVE: "true"
  steps:
    - uses: actions/checkout@v3
    - name: Lint dockerfiles
      uses: hadolint/hadolint-action@v2.0.0
      with:
        dockerfile: "Dockerfile"
@paulbarton90's solution worked for us
env:
  HADOLINT_RECURSIVE: "true"
steps:
  - name: Run Hadolint
    uses: hadolint/hadolint-action@v2.0.0
    with:
      recursive: true
Locally I can run something like this
hadolint docker/**/*Dockerfile
to capture all the dockerfiles in a directory but that doesn't seem to work in the pipeline. Any suggestions?
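
Why the glob reaches hadolint unexpanded in the failures reported above, as an added sketch that is not code from this thread or from the hadolint project: glob patterns are expanded by a shell, never by the program receiving them. The function names and the sample tree are constructed for illustration, and `lint_all` assumes the linter accepts several file paths per invocation.

```shell
#!/bin/sh
# Constructed sample tree (not from the thread): Dockerfiles at three depths.
make_sample_repo() {
    repo=$(mktemp -d)
    mkdir -p "$repo/a/b" "$repo/c"
    for d in "$repo" "$repo/a" "$repo/a/b" "$repo/c"; do
        printf 'FROM scratch\n' > "$d/Dockerfile"
    done
    printf '%s\n' "$repo"
}

# Print the argument list exactly as a program would receive it.
show_args() { printf '%s\n' "$*"; }

# 1. No shell between the caller and the binary (an action input, or a
#    docker run command line without sh -c inside the container): the
#    pattern stays one literal string, and opening it as a file name fails.
literal_arg() { ( cd "$1" && show_args "./**/Dockerfile" ); }

# 2. A shell without bash's globstar option treats "**" like "*", so only
#    Dockerfiles exactly one directory down are matched.
shell_glob() { ( cd "$1" && show_args ./**/Dockerfile ); }

# 3. find walks the tree itself and needs no glob support from the shell.
find_count() { ( cd "$1" && find . -type f -name Dockerfile | wc -l | tr -d ' ' ); }

# Lint every Dockerfile under a root. The linter defaults to hadolint and
# is handed several paths per invocation (assumption: it accepts a list).
# With "-exec ... {} +" find exits non-zero if any linter run fails.
lint_all() { find "$1" -type f -name Dockerfile -exec "${2:-hadolint}" {} +; }

repo=$(make_sample_repo)
echo "literal argument : $(literal_arg "$repo")"
echo "shell expansion  : $(shell_glob "$repo")"
echo "found by find    : $(find_count "$repo") files"
rm -rf "$repo"
```

In a workflow step, `lint_all .` needs hadolint on the runner's PATH; it fails the step when any Dockerfile fails the lint.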