feat: add hadolint plugin for Containerfile linting

[ianpittwood]

Summary

• Adds a new builtin hadolint plugin to posit-bakery that lints Containerfiles for each image target
• Registers as bakery hadolint run CLI command with filter options and all hadolint configuration properties
• Writes JSON results to results/hadolint/{image_name}/{uid}.json and displays a Rich summary table with detailed issue listings sectioned by image and UID
• Provides HadolintOptions as a ToolOptions subclass for bakery.yaml configuration, surfacing all hadolint YAML config properties except format, verbose, and no-color
• Default failure threshold is error; --verbose is set when bakery is in debug mode; NO_COLOR is inherited from the parent environment

Structure

posit_bakery/plugins/builtin/hadolint/
  __init__.py   # HadolintPlugin (BakeryToolPlugin implementation + CLI)
  options.py    # HadolintOptions (ToolOptions for bakery.yaml config)
  command.py    # HadolintCommand (builds hadolint CLI invocation)
  suite.py      # HadolintSuite (orchestrates execution across targets)
  report.py     # HadolintResult, HadolintReport, HadolintReportCollection
  errors.py     # BakeryHadolintError

Test plan

• 46 new unit tests covering options, command building, report models, suite orchestration
• All 1273 tests pass with no regressions
• Integration test runs hadolint against real Containerfiles
• Manual CLI testing with --failure-threshold error (default, warnings pass) and --failure-threshold warning (warnings fail)
• Verbose mode (-v) correctly passes --verbose to hadolint
• bakery.yaml hadolint options merge correctly with CLI overrides

🤖 Generated with Claude Code

[github-actions]

Test Results

1 328 tests  +51   1 328 ✅ +51   8m 46s ⏱️ +22s
    1 suites ± 0       0 💤 ± 0 
    1 files   ± 0       0 ❌ ± 0 

Results for commit e5a532b. ± Comparison against base commit 291e13d.

♻️ This comment has been updated with latest results.