Here you can find verbose examples of configuring the action to do what you want.
In many cases, the hadolint "warning" error level can be seen as somewhat verbose.
You can manage this by changing the error level, which tells CI to fail or pass
depending on what output is given by hadolint. Passing -1
will only generate
output but never fail CI which can be useful if you chain actions as dependencies.
name: Lint
on: pull_request
jobs:
hadolint:
runs-on: ubuntu-22.04
name: Hadolint
steps:
- uses: actions/checkout@v4
- uses: jbergstroem/hadolint-gh-action@v1
with:
# ignore warnings (but still fail on errors) from hadolint
error_level: 1
By default, hadolint only looks for a Dockerfile
in the same directory you would
invoke it from - most often the root of your repository.
Depending on what your you case, you can tailor either when the action should run or what files you want to pass to it.
If you want to control when you want hadolint to fire, you can tell github actions when it
should run by using the on
directive; specifically paths
or ignore-paths
.
In this example, the job will only run if there is a change to Dockerfile
in the commits
found in said PR:
name: Lint
on:
pull_request:
paths:
- "./Dockerfile"
jobs:
hadolint:
runs-on: ubuntu-22.04
name: Hadolint
steps:
- uses: actions/checkout@v4
- uses: jbergstroem/hadolint-gh-action@v1
A similar path pattern could be looking for changes in any Dockerfile
:
name: Lint
on:
pull_request:
paths:
- "**/Dockerfile"
# job goes here
As found in the parameters, you can pass multiple files for processing:
name: Lint
on: pull_request
jobs:
hadolint:
runs-on: ubuntu-22.04
name: Hadolint"
steps:
- uses: actions/checkout@v4
- uses: jbergstroem/hadolint-gh-action@v1
with:
dockerfile: "Dockerfile path/to/my/other/Dockerfile"
In certain use-cases – for instance when you have a monorepo with a lot of Dockerfiles; you may only want to pass the files that are changed in the PR. This would make processing faster.
To achieve this, you first need to find what files are changed and extract the relevant files as a separate step in your job. Thankfully, there's already an action for that.
name: Lint
on: pull_request
jobs:
hadolint:
runs-on: ubuntu-22.04
name: Hadolint
steps:
- uses: actions/checkout@v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v42
with:
# Pass what names/filters you want to catch
files: |
**/Dockerfile
separator: " "
# Only run if expected files are changed and pass these as input
- uses: jbergstroem/hadolint-gh-action@v1
if: steps.changed-files.outputs.any_changed == 'true'
with:
dockerfile: "${{ steps.changed-files.outputs.other_changed_files }}"