diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f80523d..5af4b0d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -71,11 +71,16 @@ jobs: - name: Run integration test 5 - output format # This step will never fail, but will print out rule violations. + id: hadolint5 uses: ./ with: dockerfile: testdata/warning.Dockerfile config: testdata/hadolint.yaml + - name: Run integration test 6 - verify results output parameter + # This step will never fail, but will print out the results from step5 + run: echo "${{ steps.hadolint5.outputs.results }}" + #- name: Run integration test 6 - output to file # # This step will never fail, but will print out rule violations. # uses: ./ diff --git a/Makefile b/Makefile index 32cdadb..a35729b 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ IMAGE_NAME:=hadolint-action -lint-dockerfile: ## Runs hadoint against application dockerfile +lint-dockerfile: ## Runs hadolint against application dockerfile @docker run --rm -v "$(PWD):/data" -w "/data" hadolint/hadolint hadolint Dockerfile lint-yaml: ## Lints yaml configurations @@ -12,8 +12,8 @@ build: ## Builds the docker image test: build ## Runs a test in the image @docker run -i --rm \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v ${PWD}:/test zemanlx/container-structure-test:v1.8.0-alpine \ test \ --image $(IMAGE_NAME) \ --config test/structure-tests.yaml diff --git a/README.md b/README.md index 84b3c0b..e2e6b74 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,33 @@ steps: | `ignore` | Comma separated list of Hadolint rules to ignore. | | | `trusted-registries` | Comma separated list of urls of trusted registries | | +## Output + +The Action will store results in an environment variable that can be used in other steps in a workflow. + +Example to create a comment in a PR: + +``` +- name: Update Pull Request + uses: actions/github-script@v6 + if: github.event_name == 'pull_request' + with: + script: | + const output = ` + #### Hadolint: \`${{ steps.hadolint.outcome }}\` + \`\`\` + ${process.env.HADOLINT_RESULTS} + \`\`\` + `; + + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) +``` + ## Hadolint Configuration To configure Hadolint (for example ignore rules), you can create an `.hadolint.yaml` file in the root of your repository. Please check the Hadolint [documentation](https://github.com/hadolint/hadolint#configure). diff --git a/hadolint.sh b/hadolint.sh index f0fd926..cb8503a 100755 --- a/hadolint.sh +++ b/hadolint.sh @@ -23,27 +23,31 @@ if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then unset HADOLINT_TRUSTED_REGISTRIES; fi -OUTPUT= -if [ -n "$HADOLINT_OUTPUT" ]; then - if [ -f "$HADOLINT_OUTPUT" ]; then - HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" - fi - OUTPUT=" | tee $HADOLINT_OUTPUT" -fi - -FAILED=0 if [ "$HADOLINT_RECURSIVE" = "true" ]; then shopt -s globstar filename="${!#}" flags="${@:1:$#-1}" - hadolint $HADOLINT_CONFIG $flags **/$filename $OUTPUT || FAILED=1 + RESULTS=$(hadolint $HADOLINT_CONFIG $flags **/$filename) else # shellcheck disable=SC2086 - hadolint $HADOLINT_CONFIG "$@" $OUTPUT || FAILED=1 + RESULTS=$(hadolint $HADOLINT_CONFIG "$@") +fi +FAILED=$? + +if [ -n "$HADOLINT_OUTPUT" ]; then + if [ -f "$HADOLINT_OUTPUT" ]; then + HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT" + fi + echo "$RESULTS" > $HADOLINT_OUTPUT fi +RESULTS="${RESULTS//$'\\n'/''}" +echo "::set-output name=results::$RESULTS" + +{ echo "HADOLINT_RESULTS<> $GITHUB_ENV + [ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT" exit $FAILED