Expand description
Rule system framework for hadolint-rs.
Provides the infrastructure for defining and running Dockerfile linting rules. The design matches hadolint’s fold-based architecture:
simple_rule- Stateless rules that check each instruction independentlycustom_rule- Stateful rules that accumulate state across instructionsvery_custom_rule- Rules with custom finalization logiconbuild- Wrapper to also check ONBUILD-wrapped instructions
Modules§
- dl1001
- DL1001: Please refrain from using inline ignore pragmas
- dl3000
- DL3000: Use absolute WORKDIR
- dl3001
- DL3001: Don’t use invalid commands in RUN
- dl3002
- DL3002: Last USER should not be root
- dl3003
- DL3003: Use WORKDIR to switch to a directory
- dl3004
- DL3004: Do not use sudo
- dl3005
- DL3005: Do not use apt-get upgrade or dist-upgrade
- dl3006
- DL3006: Always tag the version of an image explicitly
- dl3007
- DL3007: Using latest is prone to errors
- dl3008
- DL3008: Pin versions in apt-get install
- dl3009
- DL3009: Delete the apt-get lists after installing something
- dl3010
- DL3010: Use ADD for extracting archives into an image
- dl3011
- DL3011: Valid UNIX ports range from 0 to 65535
- dl3012
- DL3012: Multiple HEALTHCHECK instructions
- dl3013
- DL3013: Pin versions in pip install
- dl3014
- DL3014: Use the -y switch to avoid manual input
- dl3015
- DL3015: Avoid additional packages by specifying –no-install-recommends
- dl3016
- DL3016: Pin versions in npm install
- dl3017
- DL3017: Do not use apk upgrade
- dl3018
- DL3018: Pin versions in apk add
- dl3019
- DL3019: Use –no-cache for apk add
- dl3020
- DL3020: Use COPY instead of ADD for files/dirs
- dl3021
- DL3021: Use COPY instead of ADD for non-URL archives
- dl3022
- DL3022: COPY –from should reference a previously defined FROM alias
- dl3023
- DL3023: COPY –from cannot reference its own FROM alias
- dl3024
- DL3024: FROM aliases must be unique
- dl3025
- DL3025: Use arguments JSON notation for CMD and ENTRYPOINT arguments
- dl3026
- DL3026: Use only an allowed registry in the FROM image
- dl3027
- DL3027: Do not use apt as it is meant for interactive use
- dl3028
- DL3028: Pin versions in gem install
- dl3029
- DL3029: Use –platform flag with FROM for cross-architecture builds
- dl3030
- DL3030: Use the –yes switch to avoid prompts for zypper install
- dl3031
- DL3031: Do not use yum update
- dl3032
- DL3032: yum clean all after yum install
- dl3033
- DL3033: Pin versions in yum install
- dl3034
- DL3034: Non-interactive switch missing from zypper command
- dl3035
- DL3035: Do not use zypper update
- dl3036
- DL3036: zypper clean missing after zypper install
- dl3037
- DL3037: Pin versions in zypper install
- dl3038
- DL3038: Use the -y switch to avoid prompts for dnf install
- dl3039
- DL3039: Do not use dnf update
- dl3040
- DL3040: dnf clean all missing after dnf install
- dl3041
- DL3041: Pin versions in dnf install
- dl3042
- DL3042: Avoid use of cache directory with pip
- dl3043
- DL3043: ONBUILD ONBUILD is not allowed
- dl3044
- DL3044: Do not refer to an environment variable within the same ENV statement
- dl3045
- DL3045: COPY to a relative destination without WORKDIR set
- dl3046
- DL3046: useradd without -l flag may result in large layers
- dl3047
- DL3047: wget vs curl consistency
- dl3048
- DL3048: Invalid label key
- dl3049
- DL3049: Label
maintaineris deprecated - dl3050
- DL3050: Superfluous label present
- dl3051
- DL3051: Label
org.opencontainers.image.createdis empty or not a valid date - dl3052
- DL3052: Label
org.opencontainers.image.licensesis not a valid SPDX expression - dl3053
- DL3053: Label
org.opencontainers.image.titleis empty - dl3054
- DL3054: Label
org.opencontainers.image.descriptionis empty - dl3055
- DL3055: Label
org.opencontainers.image.documentationis not a valid URL - dl3056
- DL3056: Label
org.opencontainers.image.sourceis not a valid URL - dl3057
- DL3057: HEALTHCHECK instruction missing
- dl3058
- DL3058: Label
org.opencontainers.image.urlis not a valid URL - dl3059
- DL3059: Multiple consecutive RUN instructions
- dl3060
- DL3060: yarn cache clean missing after yarn install
- dl3061
- DL3061: Invalid image name in FROM
- dl3062
- DL3062: COPY –from should reference a defined stage
- dl4000
- DL4000: MAINTAINER is deprecated
- dl4001
- DL4001: Either use wget or curl, but not both
- dl4003
- DL4003: Multiple CMD instructions
- dl4004
- DL4004: Multiple ENTRYPOINT instructions
- dl4005
- DL4005: Use SHELL to change the default shell
- dl4006
- DL4006: Set the SHELL option -o pipefail before RUN with a pipe in it
Structs§
- Custom
Rule - A stateful rule with custom step function.
- Rule
Data - Custom data storage for stateful rules.
- Rule
State - State for rule execution.
- Simple
Rule - A simple stateless rule.
- Very
Custom Rule - A rule with custom finalization.
Traits§
- Rule
- A rule that can check Dockerfile instructions.
Functions§
- all_
rules - Get all enabled rules.
- custom_
rule - Create a custom stateful rule.
- simple_
rule - Create a simple stateless rule.
- very_
custom_ rule - Create a rule with custom finalization.