This repository was archived by the owner on Oct 6, 2023. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +44
-0
lines changed Expand file tree Collapse file tree 1 file changed +44
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow uses actions that are not certified by GitHub.
2+ # They are provided by a third-party and are governed by
3+ # separate terms of service, privacy policy, and support
4+ # documentation.
5+ # hadoint is a Dockerfile linter written in Haskell
6+ # that helps you build best practice Docker images.
7+ # More details at https://github.com/hadolint/hadolint
8+
9+ name : Hadolint
10+
11+ on :
12+ push :
13+ pull_request :
14+ schedule :
15+ - cron : ' 43 23 * * 5'
16+
17+ permissions :
18+ contents : read
19+
20+ jobs :
21+ hadolint :
22+ name : Run hadolint scanning
23+ runs-on : ubuntu-latest
24+ permissions :
25+ contents : read # for actions/checkout to fetch code
26+ security-events : write # for github/codeql-action/upload-sarif to upload SARIF results
27+ actions : read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
28+ steps :
29+ - name : Checkout code
30+ uses : actions/checkout@v3
31+
32+ - name : Run hadolint
33+ uses : hadolint/hadolint-action@f988afea3da57ee48710a9795b6bb677cc901183
34+ with :
35+ dockerfile : ./Dockerfile
36+ format : sarif
37+ output-file : hadolint-results.sarif
38+ no-fail : true
39+
40+ - name : Upload analysis results to GitHub
41+ uses : github/codeql-action/upload-sarif@v2
42+ with :
43+ sarif_file : hadolint-results.sarif
44+ wait-for-processing : true
You can’t perform that action at this time.
0 commit comments