Question 1

How to install Hadolint on Linux?

Accepted Answer

You can install Hadolint via Docker by running 'docker pull hadolint/hadolint', or use package managers like brew for OSX or build from source with Haskell and cabal, as detailed in the Install section.

Question 2

Hadolint vs dockerfilelint: which is better?

Accepted Answer

Hadolint uses AST parsing and integrates ShellCheck for deeper analysis, making it more comprehensive for security and best practices, while dockerfilelint is simpler and listed as an alternative in the README.

Question 3

How to ignore rules in Hadolint?

Accepted Answer

You can ignore rules inline with comments like '# hadolint ignore=DL3001' above a line, or globally via configuration files specifying ignored rules, as explained in the Ignoring Rules section.

Question 4

Can Hadolint lint Windows-based Dockerfiles?

Accepted Answer

Yes, but for non-Posix shells like PowerShell, you need to use the 'hadolint shell' pragma to specify the shell, so it can ignore shell-specific rules appropriately, as noted in Non-Posix Shells.

Question 5

How to integrate Hadolint into CI/CD pipelines?

Accepted Answer

Hadolint supports multiple output formats like JSON and checkstyle, and you can run it in a Docker container within workflows, making it easy to add as a CI step, with examples in the Integrations docs.

Question 6

Does Hadolint check for outdated base images?

Accepted Answer

Hadolint warns against using 'latest' tags with rules like DL3007, but it doesn't actively check for image updates or security vulnerabilities beyond trusted registry checks.

hadolint

What is hadolint?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions