← 返回命令列表

Linux command

hadolint 命令

文件

复制后可按需替换文件名、目录或参数。

常用示例

Lint a Dockerfile

hadolint [path/to/Dockerfile]

Lint from stdin

cat Dockerfile | hadolint -

Ignore specific rules

hadolint --ignore [DL3008] --ignore [DL3009] [path/to/Dockerfile]

Output as JSON

hadolint --format json [path/to/Dockerfile]

Only allow images from trusted registries

hadolint --trusted-registry [docker.io] [path/to/Dockerfile]

Use a custom config file

hadolint --config [path/to/.hadolint.yaml] [path/to/Dockerfile]

Set failure threshold severity

hadolint --failure-threshold [warning] [path/to/Dockerfile]

说明

Hadolint is a Dockerfile linter that validates best practices and common mistakes. It uses ShellCheck to validate shell commands in RUN instructions. The tool checks for security issues, inefficient layering, and deprecated syntax. It helps create optimized, secure container images.

参数

--ignore _RULE_
Ignore specific rule.
--format _FMT_
Output format: tty, json, checkstyle, codeclimate, gitlab_codeclimate, gnu, codacy, sonarqube, sarif (default: tty).
--trusted-registry _REG_
Trusted container registry. Images from untrusted registries generate warnings.
--config _FILE_
Config file path (default: .hadolint.yaml).
--failure-threshold _SEVERITY_
Exit with failure code only for rules at or above this severity (error, warning, info, style, ignore, none).
--no-color
Disable colored output.
--no-fail
Don't exit with a failure status code.
-t, --strict-labels
Check that labels conform to defined format.
--help
Display help information.

FAQ

What is the hadolint command used for?

Hadolint is a Dockerfile linter that validates best practices and common mistakes. It uses ShellCheck to validate shell commands in RUN instructions. The tool checks for security issues, inefficient layering, and deprecated syntax. It helps create optimized, secure container images.

How do I run a basic hadolint example?

Run `hadolint [path/to/Dockerfile]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does --ignore _RULE_ do in hadolint?

Ignore specific rule.