Safe Haskell | None |
---|---|
Language | Haskell2010 |
- data Metadata = Metadata {}
- data RuleCheck = RuleCheck {
- metadata :: Metadata
- filename :: Filename
- linenumber :: Linenumber
- success :: Bool
- link :: Metadata -> String
- type Rule = Dockerfile -> [RuleCheck]
- mapInstructions :: Metadata -> (state -> Linenumber -> Instruction -> (state, Bool)) -> state -> Rule
- instructionRule :: String -> Severity -> String -> (Instruction -> Bool) -> Rule
- instructionRuleLine :: String -> Severity -> String -> (Linenumber -> Instruction -> Bool) -> Rule
- instructionRuleState :: String -> Severity -> String -> (state -> Linenumber -> Instruction -> (state, Bool)) -> state -> Rule
- dockerfileRule :: String -> Severity -> String -> ([Instruction] -> Bool) -> Rule
- analyze :: [Rule] -> Dockerfile -> [RuleCheck]
- ignored :: Dockerfile -> [(Linenumber, [String])]
- rules :: [Rule]
- commentMetadata :: Comment -> Metadata
- shellcheckBash :: Dockerfile -> [RuleCheck]
- bashCommands :: [String] -> [[String]]
- allFromImages :: Dockerfile -> [(Linenumber, BaseImage)]
- allAliasedImages :: Dockerfile -> [(Linenumber, ImageAlias)]
- allImageNames :: Dockerfile -> [(Linenumber, String)]
- previouslyDefinedAliases :: Linenumber -> Dockerfile -> [String]
- aliasMustBe :: (String -> Bool) -> Instruction -> Bool
- fromName :: BaseImage -> String
- fromAlias :: BaseImage -> Maybe ImageAlias
- absoluteWorkdir :: Rule
- hasNoMaintainer :: Rule
- usingProgram :: String -> [String] -> Bool
- multipleCmds :: Rule
- multipleEntrypoints :: Rule
- wgetOrCurl :: Rule
- invalidCmd :: Rule
- noRootUser :: Rule
- noCd :: Rule
- noSudo :: Rule
- noAptGetUpgrade :: Rule
- noUntagged :: Dockerfile -> [RuleCheck]
- noLatestTag :: Rule
- aptGetVersionPinned :: Rule
- aptGetPackages :: [String] -> [String]
- aptGetCleanup :: Dockerfile -> [RuleCheck]
- dropOptionsWithArg :: [String] -> [String] -> [String]
- noApkUpgrade :: Rule
- isApkAdd :: [String] -> Bool
- apkAddVersionPinned :: Rule
- apkAddPackages :: [String] -> [String]
- apkAddNoCache :: Rule
- useAdd :: Rule
- invalidPort :: Rule
- pipVersionPinned :: Rule
- npmVersionPinned :: Rule
- isAptGetInstall :: [[Char]] -> Bool
- aptGetYes :: Rule
- aptGetNoRecommends :: Rule
- isArchive :: String -> Bool
- isUrl :: String -> Bool
- copyInsteadAdd :: Rule
- copyEndingSlash :: Rule
- copyFromExists :: Dockerfile -> [RuleCheck]
- copyFromAnother :: Rule
- fromAliasUnique :: Dockerfile -> [RuleCheck]
- useShell :: Rule
Documentation
RuleCheck | |
|
type Rule = Dockerfile -> [RuleCheck] Source #
mapInstructions :: Metadata -> (state -> Linenumber -> Instruction -> (state, Bool)) -> state -> Rule Source #
instructionRule :: String -> Severity -> String -> (Instruction -> Bool) -> Rule Source #
instructionRuleLine :: String -> Severity -> String -> (Linenumber -> Instruction -> Bool) -> Rule Source #
instructionRuleState :: String -> Severity -> String -> (state -> Linenumber -> Instruction -> (state, Bool)) -> state -> Rule Source #
ignored :: Dockerfile -> [(Linenumber, [String])] Source #
commentMetadata :: Comment -> Metadata Source #
shellcheckBash :: Dockerfile -> [RuleCheck] Source #
bashCommands :: [String] -> [[String]] Source #
allFromImages :: Dockerfile -> [(Linenumber, BaseImage)] Source #
allAliasedImages :: Dockerfile -> [(Linenumber, ImageAlias)] Source #
allImageNames :: Dockerfile -> [(Linenumber, String)] Source #
previouslyDefinedAliases :: Linenumber -> Dockerfile -> [String] Source #
Returns a list of all image aliases in FROM instructions that are defined before the given line number.
aliasMustBe :: (String -> Bool) -> Instruction -> Bool Source #
Returns the result of running the check function on the image alias name, if the passed instruction is a FROM instruction with a stage alias. Otherwise, returns True.
multipleCmds :: Rule Source #
wgetOrCurl :: Rule Source #
invalidCmd :: Rule Source #
noRootUser :: Rule Source #
noUntagged :: Dockerfile -> [RuleCheck] Source #
noLatestTag :: Rule Source #
aptGetPackages :: [String] -> [String] Source #
aptGetCleanup :: Dockerfile -> [RuleCheck] Source #
noApkUpgrade :: Rule Source #
apkAddPackages :: [String] -> [String] Source #
apkAddNoCache :: Rule Source #
invalidPort :: Rule Source #
npmVersionPinned :: Rule Source #
Rule for pinning NPM packages to version, tag, or commit
supported formats by Hadolint
npm install (with no args, in package dir)
npm install [@scope/]name
npm install [@scope/]nametag
npm install [<
scope>/]name@version
npm install git[+http|+https]:/git-hostgit-user/repo-name[semver:semver]
npm install git+ssh:/git-host:git-userrepo-name[semver:semver]
isAptGetInstall :: [[Char]] -> Bool Source #
copyFromExists :: Dockerfile -> [RuleCheck] Source #
fromAliasUnique :: Dockerfile -> [RuleCheck] Source #