A Woodpecker plugin for hadolint. Also usable with Gitlab, Github or locally, see examples for usage.
- preconfigure hadolint parameters
- searches for Dockerfiles recursive
- runnable with local docker daemon
Woodpecker:
steps:
hadolint:
image: kokuwaio/hadolint
depends_on: []
settings:
strict-labels: true
format: json
when:
event: pull_request
path: "**/Dockerfile"Gitlab:
hadolint:
stage: lint
needs: []
image: kokuwaio/hadolint
variables:
PLUGIN_STRICT_LABELS: true
PLUGIN_FORMAT: json
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
changes: ["**/Dockerfile"]CLI:
docker run --rm --volume=$(pwd):$(pwd):ro --workdir=$(pwd) kokuwaio/hadolint --strict-labels --format=json| Settings Name | Environment | Default | Description |
|---|---|---|---|
no-fail |
PLUGIN_NO_FAIL | none |
Don't exit with a failure status code when any rule is violated |
no-color |
PLUGIN_NO_COLOR | none |
Don't colorize output |
strict-labels |
PLUGIN_STRICT_LABELS | none |
Do not permit labels other than specified in label-schema |
disable-ignore-pragma |
PLUGIN_DISABLE_IGNORE_PRAGMA | none |
Disable inline ignore pragmas # hadolint ignore=DLxxxx |
failure-threshold |
PLUGIN_FAILURE_THRESHOLD | style |
Exit with failure code only when rules with a severity equal to or above THRESHOLD are violated. Accepted values: error, warning, info, style, ignore, none |
format |
PLUGIN_FORMAT | tty |
The output format for the results: tty, json, checkstyle, codeclimate, gitlab_codeclimate, gnu, codacy, sonarqube, sarif |
verbose |
PLUGIN_VERBOSE | false |
Enables verbose logging of hadolint's output to stderr |
| Image | Comment | amd64 | arm64 | Un-/Compressed Size |
|---|---|---|---|---|
| kokuwaio/hadolint | Woodpecker plugin | ✅ | ✅ | 16.916 MB / 8.573 MB |
| koalaman/hadolint | not a Woodpecker plugin, official | ✅ | ✅ | 2.427 MB / 2.375 MB |
| pipelinecomponents/hadolint | not a Woodpecker plugin | ✅ | ✅ | 10.263 MB / 5.899 MB |
Remarks:
- Size measured with amd64 architecture
- Uncompressed: size on your disk
- Compressed: transferred from registry to disk, important for CI runners/agents that di not cache images
- Data collected: 01.02.2025