Why lint Dockerfiles in Continuous Integration?

Ritresh Girdhar
Jun 25, 2020

Dockerfile Linter — Inspects the commands mentioned in Dockerfiles to build an optimized docker image.

What is a Linter?

Lint or Linter is a tool that analyses source code to flag programming errors, bugs, stylistic errors, and suspicious constructs.

We often talk about the best practices and syntax to follow while writing application source code, but we usually skip the code that generates deployable containers, such as the Dockerfile for a Docker image.

Why do we need a Linter?

In the era of microservices, Continuous Integration has become a necessity for keeping application code changes in a production-quality state.

Continuous Inspection is another important aspect, which ensures the quality of the software/application by continuously validating all changes and identifying risks before a change moves to production.

Irrespective of the development practice being followed, it is always important to integrate a Continuous Inspection tool into the build cycle.

Common Lint Tools

There are multiple continuous inspection tools available which support more than one programming language and have multiple features, such as the following:

SonarQube: continuous inspection of code quality that performs automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities in 20+ programming languages.

Why do we need a Linter for Docker?

There are many linters available which inspect code written in different programming languages. But how should we make sure that the Docker image generated for our application is in an optimised form?

That’s why we need a linter that inspects the Dockerfile and applies quality checks to it.

A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble a deployable Docker image.

Available Docker Linters

There are many open-source Docker linters available.

Here I am using Haskell Docker Linter.

Haskell Docker Linter parses the Dockerfile into an AST and applies rules on top of the AST. It additionally uses the well-known ShellCheck to lint the Bash code inside RUN instructions.
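To make the parse-then-apply-rules idea concrete, here is a small added example in Python; it is not hadolint's code or the author's. The rule names (`unpinned-base`, `sudo-in-run`, `root-user`) and the sample Dockerfile are made up for illustration, and the parser ignores heredocs and parser directives.

```python
import re
from collections import namedtuple

Instruction = namedtuple("Instruction", "line keyword args")  # one node per instruction

def parse(text):
    """Turn Dockerfile text into a flat list of Instruction nodes."""
    nodes, buf, start = [], "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                    # comments and blank lines produce no node
        start = start if buf else no    # remember where the instruction began
        buf += line.rstrip("\\") + " "  # join backslash continuations
        if not line.endswith("\\"):     # instruction complete
            keyword, _, args = buf.strip().partition(" ")
            nodes.append(Instruction(start, keyword.upper(), args.strip()))
            buf = ""
    return nodes

def check_base_images(nodes):
    findings, stages = [], set()
    for n in (n for n in nodes if n.keyword == "FROM"):
        parts = [p for p in n.args.split() if not p.startswith("--")]
        image = parts[0] if parts else "scratch"
        tag = image.rpartition("/")[2].partition(":")[2]  # ignore registry ports
        pinned = "@" in image or tag not in ("", "latest")
        if image != "scratch" and image not in stages and not pinned:
            findings.append((n.line, "unpinned-base", f"pin a version for {image}"))
        if len(parts) == 3 and parts[1].upper() == "AS":
            stages.add(parts[2])        # later FROM lines may reference this stage
    return findings

def check_run_sudo(nodes):
    return [(n.line, "sudo-in-run", "avoid sudo in RUN")
            for n in nodes if n.keyword == "RUN" and re.search(r"\bsudo\b", n.args)]

def check_final_user(nodes):
    last = [n for n in nodes if n.keyword == "USER"][-1:]
    return [(n.line, "root-user", "last USER should not be root")
            for n in last if n.args.split(":")[0] in ("root", "0")]

def lint(text, rules=(check_base_images, check_run_sudo, check_final_user)):
    nodes = parse(text)
    return sorted(f for rule in rules for f in rule(nodes))

# Constructed sample Dockerfile, not taken from the article.
SAMPLE = "FROM golang:1.14 AS build\nRUN go build -o /app .\nFROM debian\n" \
         "RUN apt-get update && \\\n    sudo apt-get install -y curl\nUSER root\n"
```

Calling `lint(SAMPLE)` returns one finding per rule, each as a `(line, rule, message)` tuple; a CI step can exit non-zero when the list is not empty.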

Integrate Docker Linter — CI pipeline

Here, I have used a Declarative Pipeline for Continuous Integration (CI).

The code below adds a stage, “Quality Gate - Dockerfile”, before the Docker image is built. It inspects the application's Dockerfile and archives the result as a text file.

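stages {
    ....
    stage ("Quality Gate") {
        parallel {
            stage ("Dockerfile") {
                // Run the linter inside the hadolint container image
                agent {
                    docker {
                        image 'hadolint/hadolint:latest-debian'
                    }
                }
                steps {
                    // Lint the Dockerfile and keep a copy of the findings.
                    // The step's exit status is that of tee, so findings are
                    // archived but do not fail the build.
                    sh 'hadolint microservice1/dockerfile | tee -a ms1_docker_lint.txt'
                }
                post {
                    always {
                        archiveArtifacts 'ms1_docker_lint.txt'
                    }
                }
            }
        }
    }
    ....
}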