Replaced Dockle with hadolint (#325)

* Replaced Dockle with hadolint

* updated cypress version

---------

Co-authored-by: Mathis Marcotte <mathis.marcotte@statcan.gc.ca>

.github/workflows/publish.yml

@@ -16,6 +16,7 @@ env:
   DEV_REGISTRY_NAME: k8scc01covidacrdev
   TRIVY_VERSION: "v0.43.1"
   SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  HADOLINT_VERSION: "2.12.0"
 
 jobs:
   build:
@@ -63,6 +64,11 @@ jobs:
         username: ${{ secrets.DEV_REGISTRY_USERNAME }}
         password: ${{ secrets.DEV_REGISTRY_PASSWORD }}
 
+    - name: Run Hadolint
+      run:  |
+        sudo curl -L https://github.com/hadolint/hadolint/releases/download/v${{ env.HADOLINT_VERSION }}/hadolint-Linux-x86_64 --output hadolint
+        sudo chmod +x hadolint
+        ./hadolint ./Dockerfile --no-fail
     
     - name: Build image locally
       run: |
@@ -74,16 +80,6 @@ jobs:
       run: |
         curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin ${{ env.TRIVY_VERSION }}
         trivy image localhost:5000/jupyter-apis:${{ github.sha }} --exit-code 1 --timeout=20m --security-checks vuln --severity CRITICAL
-  
-    # Run Dockle
-    - name: Run dockle
-      uses: goodwithtech/dockle-action@main
-      with:
-        image: localhost:5000/jupyter-apis:${{ github.sha }}
-        format: 'list'
-        exit-code: '0'
-        exit-level: 'fatal'
-        ignore: 'DKL-DI-0006'
 
     # Container build and push to a Azure Container registry (ACR)
     - name: Push to ACR if necessary

frontend/jupyter/package.json

@@ -70,7 +70,7 @@
     "@types/node": "^12.20.15",
     "@typescript-eslint/eslint-plugin": "4.28.2",
     "@typescript-eslint/parser": "4.28.2",
-    "cypress": "^13.2.0",
+    "cypress": "^13.8.1",
     "eslint": "^7.26.0",
     "eslint-plugin-import": "latest",
     "eslint-plugin-jsdoc": "^34.0.0",