Jenkins/Docker: Update hadolint version.

- Ignore hadolint warnings about not pinned version.

Jenkins/Docker: Update hadolint version.
- Ignore hadolint warnings about not pinned version.
b5d07f0f · Jonatan Antoni · e54ebc4f · b5d07f0f · b5d07f0f · b5d07f0f
Commit b5d07f0f authored 3 years ago by Jonatan Antoni
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -19,6 +19,7 @@ DOCKERINFO = [
        'label': 'latest'
    ]
 ]
+HADOLINT_VERSION = '2.6.0-alpine'

 dockerinfo = DOCKERINFO['production']

@@ -135,9 +136,7 @@ pipeline {
                    echo "VERSION: '${VERSION}'"
                }

-                dir('docker') {
-                    stash name: 'dockerfile', includes: '**'
-                }
+                stash name: 'dockerfile', includes: 'docker/**'
            }
        }

@@ -206,7 +205,7 @@ echo """Stage schedule:
                            runAsGroup: 1000
                          containers:
                            - name: hadolint
-                              image: mcu--docker.eu-west-1.artifactory.aws.arm.com/hadolint/hadolint:v1.19.0-alpine
+                              image: mcu--docker.eu-west-1.artifactory.aws.arm.com/hadolint/hadolint:${HADOLINT_VERSION}
                              alwaysPullImage: true
                              imagePullPolicy: Always
                              command:
@@ -221,15 +220,13 @@ echo """Stage schedule:
                }
            }
            steps {
-                dir('docker') {
-                    unstash 'dockerfile'
+                unstash 'dockerfile'

-                    sh 'hadolint --format json dockerfile | tee hadolint.log'
+                sh 'hadolint --format json docker/dockerfile* | tee hadolint.log'

-                    recordIssues tools: [hadoLint(id: 'hadolint', pattern: 'hadolint.log')],
-                                 qualityGates: [[threshold: 1, type: 'DELTA', unstable: true]],
-                                 referenceJobName: 'nightly', ignoreQualityGate: true
-                }
+                recordIssues tools: [hadoLint(id: 'hadolint', pattern: 'hadolint.log')],
+                             qualityGates: [[threshold: 1, type: 'DELTA', unstable: true]],
+                             referenceJobName: 'nightly', ignoreQualityGate: true
            }
        }

@@ -265,9 +262,9 @@ echo """Stage schedule:
            steps {
                sh('apk add bash curl git')
                script {
-                    dir('docker') {
-                        unstash 'dockerfile'
+                    unstash 'dockerfile'

+                    dir('docker') {
                        dockerinfo = DOCKERINFO['staging']
                        withCredentials([sshUserPrivateKey(credentialsId: 'grasci_with_pk',
                                keyFileVariable: 'grasciPk',

--- a/docker/dockerfile
+++ b/docker/dockerfile
@@ -10,6 +10,7 @@ RUN useradd -u 1000 -U -m -c Jenkins jenkins

 # install packages from official Ubuntu repo
 ENV DEBIAN_FRONTEND=noninteractive
+# hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get install --no-install-recommends -y \
        bc \
@@ -84,6 +85,7 @@ RUN chmod +x /usr/local/bin/PackChk

 # install Python requirements
 COPY requirements.txt ${INSTALLER_PATH}/
+# hadolint ignore=DL3013
 RUN python3 -m pip install -U --no-cache-dir pip && \
    python3 -m pip install -U --no-cache-dir -r ${INSTALLER_PATH}/requirements.txt


--- a/docker/dockerfile.gnu
+++ b/docker/dockerfile.gnu
@@ -6,6 +6,7 @@ FROM ${DOCKER_REGISTRY}/ubuntu:focal

 # install packages from official Ubuntu repo
 ENV DEBIAN_FRONTEND=noninteractive
+# hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get install --no-install-recommends -y \
        bc \
@@ -48,6 +49,7 @@ WORKDIR /

 # install Python requirements
 COPY requirements.txt ${INSTALLER_PATH}/
+# hadolint ignore=DL3013
 RUN python3 -m pip install -U --no-cache-dir pip && \
    python3 -m pip install -U --no-cache-dir -r ${INSTALLER_PATH}/requirements.txt