hadolint
hadolint documentation
- Version in Mega-Linter: 2.1.0
- Visit Official Web Site
- See How to configure hadolint rules
- If custom
.hadolint.ymlconfig file is not found, .hadolint.yml will be used
- If custom
- See How to disable hadolint rules in files
- See Index of problems detected by hadolint
Configuration in Mega-Linter
- Enable hadolint by adding
DOCKERFILE_HADOLINTin ENABLE_LINTERS variable - Disable hadolint by adding
DOCKERFILE_HADOLINTin DISABLE_LINTERS variable
| Variable | Description | Default value |
|---|---|---|
| DOCKERFILE_HADOLINT_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
| DOCKERFILE_HADOLINT_FILTER_REGEX_INCLUDE | Custom regex including filter Ex: (src|lib) |
Include every file |
| DOCKERFILE_HADOLINT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter Ex: (test|examples) |
Exclude no file |
| DOCKERFILE_HADOLINT_FILE_EXTENSIONS | Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all filesEx: [".py", ""] |
Exclude every file |
| DOCKERFILE_HADOLINT_FILE_NAMES_REGEX | File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: ["Dockerfile(-.+)?", "Jenkinsfile"] |
["Dockerfile"] |
| DOCKERFILE_HADOLINT_CONFIG_FILE | hadolint configuration file nameUse LINTER_DEFAULT to let the linter find it |
.hadolint.yml |
| DOCKERFILE_HADOLINT_RULES_PATH | Path where to find linter configuration file | Workspace folder, then Mega-Linter default rules |
| DOCKERFILE_HADOLINT_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
| DOCKERFILE_HADOLINT_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
IDE Integration
Use hadolint in your favorite IDE to catch errors before Mega-Linter !
| IDE | Extension Name | Install | |
|---|---|---|---|
| Atom | linter-hadolint | Visit Web Site | |
| Visual Studio Code | hadolint |  |
Mega-Linter Flavours
This linter is available in the following flavours
| Flavor | Description | Embedded linters | Info | |
|---|---|---|---|---|
 |
all | Default Mega-Linter Flavor | 84 |   |
| ci_light | Optimized for CI items (Dockerfile, Jenkinsfile, JSON/YAML schemas,XML | 12 |   |
|
| dart | Optimized for DART based projects | 38 |   |
|
| documentation | Mega-Linter for documentation projects | 37 |   |
|
| dotnet | Optimized for C, C++, C# or VB based projects | 43 |   |
|
| go | Optimized for GO based projects | 39 |   |
|
| java | Optimized for JAVA based projects | 38 |   |
|
| javascript | Optimized for JAVASCRIPT or TYPESCRIPT based projects | 46 |   |
|
| php | Optimized for PHP based projects | 41 |   |
|
| python | Optimized for PYTHON based projects | 44 |   |
|
| ruby | Optimized for RUBY based projects | 38 |   |
|
| rust | Optimized for RUST based projects | 38 |   |
|
| salesforce | Optimized for Salesforce based projects | 38 |   |
|
| scala | Optimized for SCALA based projects | 38 |   |
|
| swift | Optimized for SWIFT based projects | 38 |   |
|
| terraform | Optimized for TERRAFORM based projects | 40 |   |
Behind the scenes
How are identified applicable files
- File names (regex):
Dockerfile
Example calls
hadolint Dockerfile
hadolint --config .hadolint.yml Dockerfile
Help content
hadolint - Dockerfile Linter written in Haskell
Usage: hadolint [-v|--version] [--no-fail] [--no-color] [-c|--config FILENAME]
[-f|--format ARG] [DOCKERFILE...] [--error RULECODE]
[--warning RULECODE] [--info RULECODE] [--style RULECODE]
[--ignore RULECODE]
[--trusted-registry REGISTRY (e.g. docker.io)]
[--require-label LABELSCHEMA (e.g. maintainer:text)]
[--strict-labels]
Lint Dockerfile for errors and best practices
Available options:
-h,--help Show this help text
-v,--version Show version
--no-fail Don't exit with a failure status code when any rule
is violated
--no-color Don't colorize output
-c,--config FILENAME Path to the configuration file
-f,--format ARG The output format for the results [tty | json |
checkstyle | codeclimate | gitlab_codeclimate |
codacy] (default: tty)
--error RULECODE Make the rule `RULECODE` have the level `error`
--warning RULECODE Make the rule `RULECODE` have the level `warning`
--info RULECODE Make the rule `RULECODE` have the level `info`
--style RULECODE Make the rule `RULECODE` have the level `style`
--ignore RULECODE A rule to ignore. If present, the ignore list in the
config file is ignored
--trusted-registry REGISTRY (e.g. docker.io)
A docker registry to allow to appear in FROM
instructions
--require-label LABELSCHEMA (e.g. maintainer:text)
The option --require-label=label:format makes
Hadolint check that the label `label` conforms to
format requirement `format`
--strict-labels Do not permit labels other than specified in
`label-schema`
Installation on mega-linter Docker image
- Dockerfile commands :
FROM hadolint/hadolint:latest-alpine as hadolint
COPY --from=hadolint /bin/hadolint /usr/bin/hadolint
Example success log
Results of hadolint linter (version 1.19.0)
See documentation on https://nvuillam.github.io/mega-linter/descriptors/dockerfile_hadolint/
-----------------------------------------------
[SUCCESS] .automation/test/docker/good/Dockerfile
[SUCCESS] .automation/test/docker/good/Dockerfile.dev
Example error log
Results of hadolint linter (version 1.19.0)
See documentation on https://nvuillam.github.io/mega-linter/descriptors/dockerfile_hadolint/
-----------------------------------------------
[ERROR] .automation/test/docker/bad/Dockerfile
.automation/test/docker/bad/Dockerfile:1 DL3007 Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag
.automation/test/docker/bad/Dockerfile:8 DL3021 COPY with more than 2 arguments requires the last argument to end with /
.automation/test/docker/bad/Dockerfile:9 DL3004 Do not use sudo as it leads to unpredictable behavior. Use a tool like gosu to enforce root
.automation/test/docker/bad/Dockerfile:11 DL3020 Use COPY instead of ADD for files and folders
.automation/test/docker/bad/Dockerfile:14 DL3025 Use arguments JSON notation for CMD and ENTRYPOINT arguments