From fc14b21b3bd15d1f0eb931da9ca2810591abe3ae Mon Sep 17 00:00:00 2001 From: Thomas Schaffter Date: Tue, 17 Sep 2024 20:47:36 +0000 Subject: [PATCH 1/4] update comment in hadolint config --- .hadolint.yaml | 4 ++-- tools/devcontainers/sage/.devcontainer/Dockerfile | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.hadolint.yaml b/.hadolint.yaml index 818a2fbec0..db374abb08 100644 --- a/.hadolint.yaml +++ b/.hadolint.yaml @@ -1,9 +1,9 @@ ignored: - # Pin versions in apt-get install. + # Pin versions in `apt-get install`. # Reason: Identifying the versions of apt packages is not trivial. The versions available would # also differ for different base images. This decision should be re-evaluated periodically. - DL3008 - # Pin versions in apt get install. + # Pin versions in `apk add`. # Reason: Identifying the versions of apk packages is not trivial. The versions available would # also differ for different base images. This decision should be re-evaluated periodically. - DL3018 diff --git a/tools/devcontainers/sage/.devcontainer/Dockerfile b/tools/devcontainers/sage/.devcontainer/Dockerfile index ed6f31aa57..4f28f194a9 100644 --- a/tools/devcontainers/sage/.devcontainer/Dockerfile +++ b/tools/devcontainers/sage/.devcontainer/Dockerfile @@ -43,7 +43,6 @@ ENV DEVCONTAINER_VERSION=${devcontainerVersion} \ LC_ALL=en_US.UTF-8 # Install system packages -# hadolint ignore=DL3008 RUN apt-get update -qq -y && export DEBIAN_FRONTEND=noninteractive \ && apt-get install --no-install-recommends -qq -y \ ca-certificates curl git bash-completion gnupg2 lsb-release ssh sudo \ From 9e571638f7c03a2b0acc1af67f6ced1bd186a919 Mon Sep 17 00:00:00 2001 From: Thomas Schaffter Date: Tue, 17 Sep 2024 20:52:34 +0000 Subject: [PATCH 2/4] lint staged Dockerfiles with Hadolint --- lint-staged.config.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lint-staged.config.js b/lint-staged.config.js index de697c88d8..5c36631184 100644 --- a/lint-staged.config.js +++ b/lint-staged.config.js @@ -19,4 +19,9 @@ module.exports = { // Lint the projects affected by the staged files `nx affected --target=lint --files=${filenames.join(',')}`, ], + + '**/*[dD]ockerfile*': (filenames) => [ + // Lint Dockerfiles with Hadolint + `hadolint ${filenames.join(' ')}`, + ], }; From e3fea9ce0ac4d257c2e3cd5f4d253858f217107d Mon Sep 17 00:00:00 2001 From: Thomas Schaffter Date: Tue, 17 Sep 2024 20:53:04 +0000 Subject: [PATCH 3/4] test new config --- tools/devcontainers/sage/.devcontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devcontainers/sage/.devcontainer/Dockerfile b/tools/devcontainers/sage/.devcontainer/Dockerfile index 4f28f194a9..4330d0b8f7 100644 --- a/tools/devcontainers/sage/.devcontainer/Dockerfile +++ b/tools/devcontainers/sage/.devcontainer/Dockerfile @@ -107,7 +107,7 @@ RUN curl -fsSL "https://github.com/aquasecurity/trivy/releases/download/v${trivy # Install act RUN curl -fsSL "https://raw.githubusercontent.com/nektos/act/v${actVersion}/install.sh" | bash - -# Install AWS CLI +# Install AWS CLI2 RUN curl -fsSL https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip \ && unzip awscliv2.zip \ && ./aws/install \ From 0d954937ca0c93da484983db6ac896b6388ecedd Mon Sep 17 00:00:00 2001 From: Thomas Schaffter Date: Tue, 17 Sep 2024 20:53:33 +0000 Subject: [PATCH 4/4] undo previous change --- tools/devcontainers/sage/.devcontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/devcontainers/sage/.devcontainer/Dockerfile b/tools/devcontainers/sage/.devcontainer/Dockerfile index 4330d0b8f7..4f28f194a9 100644 --- a/tools/devcontainers/sage/.devcontainer/Dockerfile +++ b/tools/devcontainers/sage/.devcontainer/Dockerfile @@ -107,7 +107,7 @@ RUN curl -fsSL "https://github.com/aquasecurity/trivy/releases/download/v${trivy # Install act RUN curl -fsSL "https://raw.githubusercontent.com/nektos/act/v${actVersion}/install.sh" | bash - -# Install AWS CLI2 +# Install AWS CLI RUN curl -fsSL https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip \ && unzip awscliv2.zip \ && ./aws/install \