-
Notifications
You must be signed in to change notification settings - Fork 4
/
.hadolint.yaml
60 lines (50 loc) · 2.49 KB
/
.hadolint.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
---
ignored:
# Warning: Use WORKDIR to switch to a directory.
# https://github.com/hadolint/hadolint/wiki/DL3003
# Reason: We use WORKDIR where appropriate and `cd` otherwise to condense RUN blocks, this warning is annoying
- DL3003
# Warning: Always tag the version of an image explicitly.
# https://github.com/hadolint/hadolint/wiki/DL3006
# Reason: We use buildx which handles the build graph, no explicit image tags necessary
- DL3006
# Warning: Pin versions in pip.
# https://github.com/hadolint/hadolint/wiki/DL3006
# Reason: So far we haven't pinned versions. If we decide to, we should do that as a separate piece of work.
- DL3013
# Warning: Use the -y switch to avoid manual input dnf install -y <package>
# https://github.com/hadolint/hadolint/wiki/DL3038
# Reason: We set `assumeyes=True` in dnf.conf in our base image
- DL3038
# Warning: Specify version with dnf install -y <package>-<version>
# https://github.com/hadolint/hadolint/wiki/DL3041
# Reason: It's good advice, but we're not set up to pin versions just yet
- DL3041
# Warning: Set the SHELL option -o pipefail before RUN with a pipe in it
# https://github.com/hadolint/hadolint/wiki/DL4006
# Reason: We inherit the SHELL from our base image and that sets it
- DL4006
# Not following: File not included in mock.
# https://www.shellcheck.net/wiki/SC1091
# Reason: I've yet to see this being useful, where this happens we usually have no way to actually provide the file
- SC1091
# Expressions don't expand in single quotes, use double quotes for that.
# https://www.shellcheck.net/wiki/SC2016
# Reason: Ignoring because envsubst requires environment variable names
# as parameter. These environment variables must not be expanded, e.g.:
# envsubst '${PRODUCT}:${HBASE_OPERATOR_TOOLS}' < /stackable/bin/hbck2.env
- SC2016
# Use cd ... || exit in case cd fails.
# https://github.com/koalaman/shellcheck/wiki/SC2164
# Reason: Ignoring because we inherit SHELL from the base image which contains "-e" for bash
- SC2164
# In POSIX sh, [[ ]] is undefined.
# https://www.shellcheck.net/wiki/SC3010
# Reason: Ignoring because we inherit SHELL from the base image which
# sets the default shell to Bash where [[ ]] is defined.
- SC3010
# In POSIX sh, string replacement is undefined.
# https://www.shellcheck.net/wiki/SC3060
# Reason: Ignoring because we inherit SHELL from the base image which
# sets the default shell to Bash where string replacement is supported.
- SC3060