feat: hadolint 2.8.0

Hadolint 2.8 introduces the `sarif` format, useful for standardized security reporting.
jbergstroem · Nov 5, 2021 · d8223d4 · d8223d4
1 parent feedc6b
commit d8223d4
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 11 deletions.
diff --git a/HADOLINT_VERSION b/HADOLINT_VERSION
@@ -1 +1 @@
-2.7.0
+2.8.0
diff --git a/README.md b/README.md
@@ -23,14 +23,14 @@ More usage examples [can be found in USAGE.md](USAGE.md).
 
 ## Parameters
 
-| Variable      | Default        | Description                                                                                                        |
-| :------------ | :------------- | :----------------------------------------------------------------------------------------------------------------- |
-| dockerfile    | `./Dockerfile` | Path to Dockerfile(s). Accepts shell expansions (`**/Dockerfile`)                                                  |
-| config_file   |                | Path to optional config (hadolint defaults to read `./hadolint.yml` if it exists)                                  |
-| error_level   | `0`            | Fail CI based on hadolint output (`-1`: never, `0`: error, `1`: warning, `2`: info)                                |
-| annotate      | true           | Annotate code inline in the github PR viewer (`true`/`false`)                                                      |
-| output_format |                | Set output format (choose between `tty`, `json`, `checkstyle`, `codeclimate`, `gitlab_codeclimate` or `sonarqube`) |
-| hadolint_path |                | Absolute path to hadolint binary. If unset, it is assumed to exist in `$PATH`                                      |
+| Variable      | Default        | Description                                                                                                                 |
+| :------------ | :------------- | :-------------------------------------------------------------------------------------------------------------------------- |
+| dockerfile    | `./Dockerfile` | Path to Dockerfile(s). Accepts shell expansions (`**/Dockerfile`)                                                           |
+| config_file   |                | Path to optional config (hadolint defaults to read `./hadolint.yml` if it exists)                                           |
+| error_level   | `0`            | Fail CI based on hadolint output (`-1`: never, `0`: error, `1`: warning, `2`: info)                                         |
+| annotate      | true           | Annotate code inline in the github PR viewer (`true`/`false`)                                                               |
+| output_format |                | Set output format (choose between `tty`, `json`, `checkstyle`, `codeclimate`, `gitlab_codeclimate`, `sonarqube` or `sarif`) |
+| hadolint_path |                | Absolute path to hadolint binary. If unset, it is assumed to exist in `$PATH`                                               |
 
 ## Hadolint version
 

diff --git a/lib/validate.sh b/lib/validate.sh
@@ -12,7 +12,7 @@ function validate_annotate() {
 }
 
 function validate_output_format() {
-  local -a output_formats=(tty json checkstyle codeclimate gitlab_codeclimate sonarqube)
+  local -a output_formats=(tty json checkstyle codeclimate gitlab_codeclimate sonarqube sarif)
   for format in "${output_formats[@]}"; do
     [[ "${format}" == "${1}" ]] && return 0
   done

diff --git a/test/unit.sh b/test/unit.sh
@@ -31,8 +31,9 @@ test_validate_invalid_annotate() {
 
 test_validate_output_format() {
   assert "validate_output_format gitlab_codeclimate"
-  assert "validate_output_format tty"
+  assert "validate_output_format sarif"
   assert "validate_output_format sonarqube"
+  assert_fail "validate_output_format bbs"
 }
 
 test_validate_invalid_output_format() {