Question 1

How to ignore a rule in Hadolint?

Accepted Answer

Use inline pragmas like `# hadolint ignore=DL3006` above the line, or configure global ignores in a YAML file. This allows selective suppression for specific code sections without disabling rules entirely.

Question 2

Hadolint vs dockerfilelint: which is better?

Accepted Answer

Hadolint offers deeper AST-based analysis and ShellCheck integration, making it more comprehensive for enforcing best practices. Dockerfilelint is simpler and faster for basic checks, but Hadolint is preferred for rigorous CI/CD pipelines with security focus.

Question 3

How to run Hadolint in a Docker container?

Accepted Answer

Pipe your Dockerfile to `docker run --rm -i hadolint/hadolint`, which avoids local installation. You can also mount custom config files using `-v` for personalized rule sets in CI environments.

Question 4

Can Hadolint check Docker image labels?

Accepted Answer

Yes, Hadolint validates labels against schemas like semantic versioning or RFC3339 timestamps using the `--require-label` flag or config file options. It supports strict mode to warn on extra labels.

Question 5

What does DL3006 error mean in Hadolint?

Accepted Answer

DL3006 warns against using unversioned image tags (e.g., `FROM ubuntu` instead of `FROM ubuntu:20.04`). It recommends explicit version pinning to avoid unpredictable updates and improve reproducibility.

Question 6

How to integrate Hadolint with GitHub Actions?

Accepted Answer

Use the official Hadolint GitHub Action or run it as a shell command in your workflow, outputting results in formats like JSON or checkstyle for reporting. The README lists CI integrations with examples.

Haskell Dockerfile Linter

What is Haskell Dockerfile Linter?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions