Adopt hadolint as Dockerfile linter

geoCML · Dec 7, 2024 · 8aa79db · 8aa79db
1 parent caff2d6
commit 8aa79db
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 30 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,10 +1,6 @@
-# This is a basic workflow to help you get started with Actions
-
 name: CI
 
-# Controls when the workflow will run
 on:
-  # Triggers the workflow on push or pull request events but only for the develop branch
   push:
     branches: [main]
     paths-ignore:
@@ -17,16 +13,26 @@ on:
       - ".gitignore"
       - "LICENSE.md"
       - "README.md"
-
-  # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
-# A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  # This workflow contains a single job called "build"
+  lint:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Lint Dockerfiles
+        run: |
+          wget -O hadolint https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64
+          mv hadolint /usr/local/bin/hadolint
+          chmod +x /usr/local/bin/hadolint
+          hadolint --config .hadolint.yaml Dockerfiles/*
+
   build:
     if: "!contains(github.event.head_commit.message, 'skip ci')"
-    # The type of runner that the job will run on
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
@@ -41,9 +47,7 @@ jobs:
     permissions:
       packages: write
 
-    # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
-      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v2
 
       - name: Docker meta

diff --git a/Dockerfiles/Dockerfile.drgon-postgres b/Dockerfiles/Dockerfile.drgon-postgres
@@ -3,32 +3,41 @@ USER root
 
 ARG DRGON_POSTGRES_ADMIN_PASSWORD="admin"
 
-RUN apt update
+RUN apt-get update
 
 # Install sudo (required by Ansible)
-RUN apt install -y sudo
+RUN apt-get install -y sudo
 
 # Install Pip and psycopg2 (required by Ansible)
-RUN apt install -y python3-pip && pip install psycopg2-binary
+RUN apt-get install -y python3-pip && \
+    pip install --no-cache-dir psycopg2-binary
 
 # Install PostgreSQL
 ARG DEBIAN_FRONTEND=noninteractive
-RUN apt install -y postgresql
+RUN apt-get install -y postgresql
 
 # Install Ansible
-RUN apt install -y ansible
+RUN apt-get install -y ansible
 
 # Install Ansible dependencies and run through playbook
-COPY ./ansible-playbooks/drgon-postgres-requirements.yaml ./ansible-playbooks/drgon-postgres-playbook.yaml ./
-RUN ansible-galaxy collection install ansible.posix && ansible-galaxy install -r drgon-postgres-requirements.yaml --force && ansible-playbook -i,localhost drgon-postgres-playbook.yaml --tags "all" && rm -f ./*.yaml
+COPY ./ansible-playbooks/drgon-postgres-requirements.yaml ./ansible-playbooks/drgon-postgres-playbook.yaml /
+RUN ansible-galaxy collection install ansible.posix && \
+    ansible-galaxy install -r drgon-postgres-requirements.yaml --force && \
+    ansible-playbook -i,localhost drgon-postgres-playbook.yaml --tags "all" && \
+    rm -f ./*.yaml
 
 # Uninstall Ansible stuff
-RUN rm -rf $HOME/.ansible && apt purge -y ansible*
+RUN rm -rf $HOME/.ansible && \
+    apt-get purge -y ansible*
 
 # Uninstall pip and psycopg2 binary
-RUN pip uninstall -y psycopg2-binary && apt remove -y python3-pip
+RUN pip uninstall -y psycopg2-binary && \
+    apt-get remove -y python3-pip
 
 # Remove install cache
-RUN apt clean autoclean && apt autoremove -y && rm -rf /var/lib/{apt,dpkg,cache,log}/
+RUN apt-get clean autoclean && \
+    apt-get autoremove -y && \
+    rm -rf /var/lib/{apt,dpkg,cache,log}/
 
+USER postgres
 CMD service postgresql start && tail -f /dev/null
diff --git a/Dockerfiles/Dockerfile.drgon-server b/Dockerfiles/Dockerfile.drgon-server
@@ -2,29 +2,30 @@ FROM ubuntu:20.04
 
 ARG DRGON_POSTGRES_ADMIN_PASSWORD="admin"
 ARG DEBIAN_FRONTEND=noninteractive
-RUN apt update
+RUN apt-get update
 
 COPY ./src /drgon
 WORKDIR /drgon
 
 # Install NodeJS
-RUN apt install -y curl
-RUN curl -sL https://deb.nodesource.com/setup_20.x -o nodesource_setup.sh
-RUN bash nodesource_setup.sh
-RUN rm nodesource_setup.sh
-RUN apt install -y nodejs
+RUN apt-get install -y curl && \
+    curl -sL https://deb.nodesource.com/setup_20.x -o nodesource_setup.sh && \
+    bash nodesource_setup.sh && \
+    rm nodesource_setup.sh && \
+    apt-get install -y nodejs
 
 # Install build essentials
-RUN apt install -y build-essential
+RUN apt-get install -y build-essential
 
 # Install npm dependencies
 RUN npm i
 
 # Remove build essentials
-RUN apt remove -y build-essential
+RUN apt-get remove -y build-essential
 
 # Remove install cache
-RUN apt clean autoclean && apt autoremove -y && rm -rf /var/lib/{apt,dpkg,cache,log}/
+RUN apt-get clean autoclean && apt-get autoremove -y && \
+    rm -rf /var/lib/{apt,dpkg,cache,log}/
 
 # Start DRGON server
 CMD npm run start