apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  annotations:
    tekton.dev/categories: Code Quality
    tekton.dev/displayName: Hadolint
    tekton.dev/pipelines.minVersion: 0.12.1
    tekton.dev/platforms: linux/amd64
    tekton.dev/tags: 'Kubernetes, Misconfiguration'
  name: hadolint
  labels:
    app.kubernetes.io/version: '0.1'
spec:
  description: >-
    This task makes it possible to use Hadolint within Tekton Pipeline.

    A smarter Dockerfile linter that helps you build best practice Docker
    images. The linter parses the Dockerfile into an AST and performs rules on
    top of the AST
  params:
    - default: ''
      description: ignore rules.
      name: ignore-rules
      type: string
    - default: './Dockerfile'
      description: Dockerfile path.
      name: dockerfile-path
      type: string
    - default: tty
      description: >-
        The output format for the results [tty | json | checkstyle | codeclimate
        | gitlab_codeclimate | codacy] (default tty).
      name: output-format
      type: string
  steps:
    - image: 'ghcr.io/hadolint/hadolint:v2.8.0-debian@sha256:50b0e60aa2b4aba5a26eeb4ad08c96ed7a828fca996632e29114aabea18345f4'
      name: lint-dockerfile
      script: |
        #!/bin/bash
        set -e
        if [ -n "$RULES" ]
        then
          IFS="," read -a RULES <<< "$RULES"
          for rule in ${RULES[@]}; do ignore_rules="--ignore $rule $ignore_rules"; done
          command_to_run="hadolint ${ignore_rules}"
        else
          command_to_run="hadolint"
        fi
        $command_to_run "$DOCKERFILE" -f "$OFORMAT"
      env:
      - name: RULES
        value: "$(params.ignore-rules)"
      - name: DOCKERFILE
        value: "$(params.dockerfile-path)"
      - name: OFORMAT
        value: "$(params.output-format)"
      workingDir: $(workspaces.source.path)
  workspaces:
    - description: A workspace that contains fetched git repo.
      name: source