Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

options: disable ignore pragma #748

Merged
merged 1 commit into from Dec 21, 2021
Merged

options: disable ignore pragma #748

merged 1 commit into from Dec 21, 2021

Conversation

m-ildefons
Copy link
Collaborator

  • Add new configuration option allowing to disable inline ignore pragmas
  • Add new rule DL1001 to allow warning on use of an inline ignore pragma

Inline ignore pragmas # hadolint ignore=DLxxxx can cause trouble in
organizations when it is not desirable that individual developers
circumvent centralized CI checks. This configuration options allows
(e.g. in such a CI pipeline) to just ignore the pragma and apply all
rules as usual. The option can be enabled via command line
--disable-ignore-pragma, environment variable
HADOLINT_DISABLE_IGNORE_PRAGMA=1, or config file

disable-ignore-pragma=true

Just to prevent any confusion about the ignored pragma, the rule DL1001
can be used to fail the linting process regardless of how the dockerfile
fares, if desired. By default DL1001 is ignored but can be enabled by
setting its severity to the desired level (e.g. via command line option
--warning=DL1001).

Changes in the test suite:

  • Add tests for disable-ignore-pragma options
  • Add tests for rule DL1001
  • Remove pointless configuration test for content of default
    configuration
  • Change configuration tests to a more compact syntax relying on the
    default instance

By changing the manual construction of configuration values to utilize
the default instance, future changes to the configuration do not
necessitate many error prone changes to the test suite. This imporves
reliability and ease of use of the configuration test suite.

fixes: #747

@m-ildefons
options: disable ignore pragma
22c9d24 
- Add new configuration option allowing to disable inline ignore pragmas
- Add new rule DL1001 to allow warning on use of an inline ignore pragma

Inline ignore pragmas `# hadolint ignore=DLxxxx` can cause trouble in
organizations when it is not desirable that individual developers
circumvent centralized CI checks. This configuration options allows
(e.g. in such a CI pipeline) to just ignore the pragma and apply all
rules as usual. The option can be enabled via command line
`--disable-ignore-pragma`, environment variable
`HADOLINT_DISABLE_IGNORE_PRAGMA=1`, or config file
```yaml
disable-ignore-pragma=true
```

Just to prevent any confusion about the ignored pragma, the rule DL1001
can be used to fail the linting process regardless of how the dockerfile
fares, if desired. By default DL1001 is ignored but can be enabled by
setting its severity to the desired level (e.g. via command line option
`--warning=DL1001`).

Changes in the test suite:

- Add tests for `disable-ignore-pragma` options
- Add tests for rule DL1001
- Remove pointless configuration test for content of default
  configuration
- Change configuration tests to a more compact syntax relying on the
  default instance

By changing the manual construction of configuration values to utilize
the default instance, future changes to the configuration do not
necessitate many error prone changes to the test suite. This imporves
reliability and ease of use of the configuration test suite.

fixes: hadolint#747
@zemanlx
Copy link
Member

zemanlx commented Dec 17, 2021

This sounds like good idea, however I think we should not have it as default as it would change current behaviour and I think it can lead to confusion for many users.

What about having —ignore-pragma so CI admins can enable ignoring them?

@m-ildefons
Copy link
Collaborator Author

Hi @zemanlx ,
The idea comes from #747 , it is not mine. I should have highlighted the behavior better, but what you describe is as far as I can see exactly what this PR implements. I hope this screenshot gives you a better understanding:
screengrab hadolint-disable-pragma

The default behavior for Hadolint has not changed at all. But you can have Hadolint inform you about encountered ignore pragmas, you can also have Hadolint ignore these pragmas, or both. Each configuration with an optional setting.

@zemanlx
Copy link
Member

zemanlx commented Dec 20, 2021

@m-ildefons Oh, I see. I was reading it on my mobile phone and the wrong way (like disable ignoring of pragmas, not disable the ignore type of pragmas). This looks good to me. Sorry for the confusion.

@lorenzo
Copy link
Member

lorenzo commented Dec 20, 2021

@m-ildefons looks great!

@m-ildefons m-ildefons merged commit bf3ae0c into hadolint:master Dec 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lorenzo lorenzo lorenzo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create a new flag that not allow the interpretation of "inline ignores"
3 participants
@m-ildefons @zemanlx @lorenzo