Public | Automated Build

Last pushed: a month ago
Short Description
A simple Dockerfile linter, meant to help people make better Docker images.
Full Description

whale-linter






whale-linter is a cross-platform Dockerfile linter.

Installation

Tested on

  • Python 3.2, 3.4, 3.5
  • Debian wheezy, jessie, stretch

Docker : The cool way :)

Note : You should use a specific tag (like jeromepin/whale-linter:0.0.7) instead of (implicit) latest

docker run -it --rm -v /path/to/Dockerfile:/Dockerfile jeromepin/whale-linter

PyPI : The easy way

pip install whale-linter

and to upgrade :

pip install --upgrade whale-linter

Usage

usage: whale-linter [-h] [-i RULE] [-v] DOCKERFILE

A simple non professional Dockerfile linter

positional arguments:
  DOCKERFILE            The Dockerfile to lint

optional arguments:
  -h, --help            Show this help message and exit
  -i, --ignore RULE     Rule to ignore
  -v, --version         Print version

Rules

Here is the list of all rules checked by whale-linter.

Do not hesitate to create a new issue if you have an idea for a new/incomplete rule.

Rules are ordered as follows :

  • WL1xxx : Critical errors

  • WL2xxx : Bad practices

  • WL3xxx : Enhancements

Rule Corresponding message (as template given in config.json)
WL1000 '{token}' is mandatory
WL1001 '{token}' must be present only once
WL2000 A tag should be specified for the '{image}' image
WL2001 Using the 'latest' tag isn't wise, as it won't always be a reference to the same version
WL2002 Use 'WORKDIR' to change directory
WL2003 Some shell commands like '{command}' are pointless in containers
WL2004 'WORKDIR' path should be absolute
WL2005 'EXPOSE' port ({port}) must be in 1-65535 range
WL2006 Prefer 'COPY' over 'ADD' for adding files and directories to a container. 'ADD' sounds to much magic
WL2007 Be careful changing to root user
WL2008 Avoid running 'apt-get upgrade' in container. Move to a newer image instead
WL2009 Missing '--no-install-recommends' in your '{command}' command
WL2010 Missing '-y' in your '{command}' command
WL2011 Avoid running 'apt-get dist-upgrade' in container. Move to a newer image instead
WL2012 There is two consecutive 'RUN'. Consider chaining them with '\' and '&&'
WL3000 Consider removing APT cache : 'rm -rf /var/lib/apt/lists/*'
WL3001 Using '{token}' is recommended
WL3002 Consider sorting APT packages for better reading
WL3003 A version should be specified for the package '{package}' in order to improve immutability

Author

Jerome Pin (@jerome_pin) <jerome@jeromepin.fr>

Licence

MIT. See LICENCE file.

Docker Pull Command
Owner
jeromepin
Source Repository