Add CI linting and security scan #3
Annotations
10 errors and 2 warnings
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
DL3003 warning: Use WORKDIR to switch to a directory
|
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
|
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
DL3019 info: Use the `--no-cache` switch to avoid the need to use `--update` and remove `/var/cache/apk/*` when done installing packages
|
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
SC2086 info: Double quote to prevent globbing and word splitting.
|
|
Run Hadolint with GitHub Action:
1.1.15/Dockerfile#L11
DL3047 info: Avoid use of wget without progress bar. Use `wget --progress=dot:giga <url>`. Or consider using `-q` or `-nv` (shorthands for `--quiet` or `--no-verbose`).
|
|
Run Hadolint with GitHub Action:
1.1.16/Dockerfile#L11
DL3003 warning: Use WORKDIR to switch to a directory
|
|
Run Hadolint with GitHub Action:
1.1.16/Dockerfile#L11
DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
|
|
Run Hadolint with GitHub Action:
1.1.16/Dockerfile#L11
DL4006 warning: Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
|
|
Run Hadolint with GitHub Action:
1.1.16/Dockerfile#L11
DL3019 info: Use the `--no-cache` switch to avoid the need to use `--update` and remove `/var/cache/apk/*` when done installing packages
|
|
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Run Hadolint with GitHub Action
Unexpected input(s) 'dockerfile_folder', valid inputs are ['entryPoint', 'args', 'dockerfile', 'config', 'recursive', 'output-file', 'no-color', 'no-fail', 'verbose', 'format', 'failure-threshold', 'override-error', 'override-warning', 'override-info', 'override-style', 'ignore', 'trusted-registries']
|
Loading