Add Dockerfile auditing #173

Open
1 task
michaelsaki opened this issue Mar 18, 2024 · 3 comments
Labels
improvement This issue or pull request will add or improve functionality, maintainability, or ease of use

Comments

@michaelsaki
Collaborator

💡 Summary

Add Dockerfile auditing to pre-commit linting.

Motivation and context

Currently there are only checks for docker-compose.yml files in the pre-commit linting. There should also be checks for Dockerfiles. Tools such as Hadolint are good for this, but any similar tools that can be run as a pre-commit hook would suffice.

Acceptance criteria

  • Add Dockerfile auditing to the pre-commit linting.
@michaelsaki michaelsaki added the improvement This issue or pull request will add or improve functionality, maintainability, or ease of use label Mar 18, 2024
@michaelsaki michaelsaki self-assigned this Mar 18, 2024
@michaelsaki
Collaborator Author

I am currently working on a custom Hadolint pre-commit hook that we can integrate seamlessly into the linting. I am trying to leverage the Python library setuptools to package this and enable an auto-install of Hadolint in the pre-commit local environment. Ideally this would make it so users don't have to install Hadolint; however, I am having issues getting it to work on macOS. https://github.com/michaelsaki/pre-commit-hadolint

@michaelsaki michaelsaki added the on hold This pull request is awaiting an action or decision to move forward label Mar 20, 2024
@michaelsaki
Collaborator Author

Moving this to "on hold" until this PR gets merged: AleksaC/hadolint-py#6. It will provide the simplest solution for the macOS segfault issue when merged into hadolint-py.

@michaelsaki michaelsaki removed their assignment May 2, 2024
@michaelsaki
Collaborator Author

There is currently a branch for this issue. I have run https://github.com/AleksaC/hadolint-py locally and initial tests look good. There will still need to be tests done to have it tested in GitHub Actions. Also, prior to integration of the pre-commit hook, any downstream repos that have Dockerfiles will need to be run against hadolint to check for any pre-existing linting errors.

@michaelsaki michaelsaki removed the on hold This pull request is awaiting an action or decision to move forward label May 2, 2024
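
The pre-integration check mentioned in the last comment, as an added example (not code from this repository or from hadolint-py): a script that runs hadolint over every Dockerfile in a checkout and tallies findings per file and per rule, so pre-existing errors are known before the hook is enforced. It assumes `hadolint` is on `PATH` and reads the `code` and `level` fields of its JSON output; the function names and the skipped-directory list are illustrative.

```python
"""Baseline hadolint findings across a checkout before enabling the hook (added example)."""
import json
import subprocess
import sys
from collections import Counter
from pathlib import Path

SKIP_DIRS = {".git", "node_modules", ".venv"}  # illustrative choice, adjust per repo


def find_dockerfiles(root):
    """Yield Dockerfile, Dockerfile.<suffix> and <name>.dockerfile under root."""
    for path in sorted(Path(root).rglob("*")):
        if SKIP_DIRS.intersection(path.relative_to(root).parts) or not path.is_file():
            continue
        name = path.name.lower()
        if name == "dockerfile" or name.startswith("dockerfile.") or name.endswith(".dockerfile"):
            yield path


def run_hadolint(path):
    """Return hadolint's JSON findings for one file (needs hadolint on PATH)."""
    proc = subprocess.run(
        ["hadolint", "--no-fail", "--format", "json", str(path)],
        capture_output=True, text=True, check=False,
    )
    # --no-fail keeps the exit code at 0 for lint findings, so non-zero is a real error.
    if proc.returncode != 0:
        raise RuntimeError(f"hadolint failed on {path}: {proc.stderr.strip()}")
    return json.loads(proc.stdout or "[]")


def baseline(root, lint=run_hadolint):
    """Return ({relative file: finding count}, Counter keyed by (level, rule code))."""
    per_file, by_rule = {}, Counter()
    for path in find_dockerfiles(root):
        findings = lint(path)
        per_file[str(path.relative_to(root))] = len(findings)
        by_rule.update((f["level"], f["code"]) for f in findings)
    return per_file, by_rule


if __name__ == "__main__":
    root = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    files, rules = baseline(root)
    for name, count in files.items():
        print(f"{count:4d}  {name}")
    for (level, code), count in rules.most_common():
        print(f"{count:4d}  {level:8s} {code}")
    sys.exit(1 if any(files.values()) else 0)  # non-zero when anything needs fixing
```

The per-rule tally shows which rules fire most often across a repo, which helps decide what to fix first and what to ignore temporarily when the hook is introduced.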
Projects
Status: Todo