hadolint.yml
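# Lints openfl-docker/Dockerfile.base with Hadolint on pull requests that
# target `develop`, and publishes the JSON findings as a build artifact.
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: Hadolint Security Scan

on:
  pull_request:
    branches: [develop]
    types: [opened, synchronize, reopened, ready_for_review]

# Least privilege: the job only needs to read the repository contents.
permissions:
  contents: read

jobs:
  build:
    # Draft pull requests are skipped; `ready_for_review` re-triggers the scan.
    if: github.event.pull_request.draft == false
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
      # NOTE(review): actions are referenced by mutable major tags (@v3).
      # Pinning each one to a reviewed full commit SHA is the hardened form.
      - uses: actions/checkout@v3
      # NOTE(review): the scan steps below only use docker. `pip install .`
      # runs the pull request's packaging code on the runner; confirm this
      # Python setup is actually needed for the Dockerfile lint.
      - name: Set up Python 3
        uses: actions/setup-python@v3
        with:
          python-version: "3.9"
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install .
      - name: Hadolint Dockerfile Scan
        # NOTE(review): hadolint/hadolint is pulled without a tag or digest,
        # so the scanner version floats between runs. Pin it to a reviewed
        # digest, e.g. hadolint/hadolint@sha256:<REVIEWED_DIGEST> (placeholder).
        # Only findings at `error` severity fail the job (-t error).
        run: |
          # The default shell is `bash -e`, which aborts on the first failing
          # command. Write the JSON report first and collect exit codes, so the
          # report exists even when the scan finds errors.
          scan_status=0
          docker run -v "${PWD}/openfl-docker:/openfl-docker:ro" --rm -i \
            hadolint/hadolint hadolint -t error -f json \
            /openfl-docker/Dockerfile.base > hadolint_output.json \
            || scan_status=$?
          # Human-readable pass for the job log.
          docker run -v "${PWD}/openfl-docker:/openfl-docker:ro" --rm -i \
            hadolint/hadolint hadolint -t error \
            /openfl-docker/Dockerfile.base \
            || scan_status=$?
          exit "${scan_status}"
      - name: Upload Hadolint JSON Report
        # Upload even when the scan step failed: that is when the report
        # matters most.
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: hadolint-report
          path: hadolint_output.json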