FROM alpine:3.8
$ docker run --rm -i hadolint/hadolint < ./Dockerfile
$ echo $?
0
renatomefi
/ Article-dockerfile-linting_fix-alpine-version.md
Last active
September 4, 2018 19:32
renatomefi
/ Article-dockerfile-linting-hadolint-parameters.md
Created
September 4, 2018 19:09
$ docker run --rm -i hadolint/hadolint -c config.yaml < ./Dockerfile
docker: Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "exec: \"-c\": executable file not found in $PATH": unknown.
renatomefi
/ Article-dockerfile-linting-hadolint-parameters-fix.md
Created
September 4, 2018 19:10
$ docker run --rm -i hadolint/hadolint hadolint -c config.yaml - <./Dockerfile
renatomefi
/ Article-dockerfile-linting-hadolint-ignoring-rules.md
Last active
September 4, 2018 19:17
renatomefi
/ Article-dockerfile-linting-hadolint-multiple-files.md
Created
September 4, 2018 19:22
$ docker run -v $(pwd):/project:ro --workdir=/project --rm -i hadolint/hadolint:latest-debian \
hadolint /project/Dockerfile /project/Dockerfile-something-else
$ echo $?
0
renatomefi
/ Article-dockerfile-linting-hadolint-shellcheck.md
Created
September 4, 2018 19:23
FROM alpine:3.8
RUN my_repo = "http://myrepo.git" && cd /tmp && git clone $my_repo$ docker run -v $(pwd):/project:ro --workdir=/project --rm -i hadolint/hadolint:latest-debian hadolint /project/Dockerfile
/project/Dockerfile:3 SC1068 Don't put spaces around the = in assignments.
/project/Dockerfile:3 DL3003 Use WORKDIR to switch to a directory
renatomefi
/ Article-dockerfile-linting-hadolint-shellcheck-ignore.md
Created
September 4, 2018 19:25
ignored:
- DL3007 # this was here before...
- SC1068
renatomefi
/ Article-dockerfile-linting-alpine-fix.md
Created
September 4, 2018 19:36
FROM alpine:latest
$ docker run --rm -i hadolint/hadolint hadolint -f json - < ./Dockerfile
[{"line":1,"code":"DL3007","message":"Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag","column":1,"file":"/dev/stdin","level":"warning"}]
renatomefi
/ docker-compose.yml
Created
September 17, 2018 16:54
A docker-compose file for CoreOS Clair Scanner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.2' | |
| services: | |
| postgres: | |
| container_name: clair_postgres | |
| image: arminc/clair-db:latest | |
| restart: unless-stopped | |
| environment: | |
| POSTGRES_PASSWORD: password | |
| clair: |
renatomefi
/ Article-dockerfile-security-scan-clair-v2.0.0.md
Created
September 17, 2018 18:19
$ clair-scanner --ip 172.17.0.1 quay.io/coreos/clair:v2.0.0
2018/09/17 20:15:31 [INFO] ▶ Start clair-scanner
2018/09/17 20:15:35 [INFO] ▶ Server listening on port 9279
2018/09/17 20:15:35 [INFO] ▶ Analyzing 30784cae2b30e82860239f7de81fc755f69bc58a77d52c2d8318ac1162247f66
2018/09/17 20:15:35 [INFO] ▶ Analyzing 858cb12d7179e8919fe9eb4d9235f3c6c5b42a3a990b4bc4d98b7d065cd6d410
2018/09/17 20:15:35 [INFO] ▶ Analyzing dcb049bb3bf0b86e0066e3aed414200c380d6d5ca00fd583ed958b2ac897596c
2018/09/17 20:15:35 [INFO] ▶ Analyzing 8c676d6c9c7d6b0b5d635bda83b80bea5ee2464ef7c5f22540c541d6345f7713
2018/09/17 20:15:35 [INFO] ▶ Analyzing 97d0cd0812dcf22015d9ffb01bc8d634765aab9774a134daedd75456abc3490a
2018/09/17 20:15:35 [INFO] ▶ Analyzing ea9c1b92c10ef25434adf1a68b87bd82830286fca881dcef5d11df9ce84847b3