Add pre commit hook for hadolint

Author: ajgon

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Overcommit Changelog
 
+## master
+
+* Add [`hadolint`](https://github.com/lukasmartinelli/hadolint) pre-commit hook
+
 ## 0.39.1
 
 ### Bug Fixes

README.md

@@ -490,6 +490,7 @@ issue](https://github.com/brigade/overcommit/issues/238) for more details.
 * [ForbiddenBranches](lib/overcommit/hook/pre_commit/forbidden_branches.rb)
 * [GoLint](lib/overcommit/hook/pre_commit/go_lint.rb)
 * [GoVet](lib/overcommit/hook/pre_commit/go_vet.rb)
+* [Hadolint](lib/overcommit/hook/pre_commit/hadolint.rb)
 * [HamlLint](lib/overcommit/hook/pre_commit/haml_lint.rb)
 * [HardTabs](lib/overcommit/hook/pre_commit/hard_tabs.rb)
 * [Hlint](lib/overcommit/hook/pre_commit/hlint.rb)

config/default.yml

@@ -283,6 +283,13 @@ PreCommit:
     install_command: 'go get golang.org/x/tools/cmd/vet'
     include: '**/*.go'
 
+  Hadolint:
+    enabled: false
+    description: 'Analyze with hadolint'
+    required_executable: 'hadolint'
+    include:
+      - '**/Dockerfile*'
+
   HamlLint:
     enabled: false
     description: 'Analyze with haml-lint'

lib/overcommit/hook/pre_commit/hadolint.rb

@@ -0,0 +1,25 @@
+module Overcommit::Hook::PreCommit
+  # Runs `hadolint` against any modified Dockefile files.
+  #
+  # @see http://hadolint.lukasmartinelli.ch/
+  class Hadolint < Base
+    def run
+      output = ''
+      success = true
+
+      # hadolint doesn't accept multiple arguments
+      applicable_files.each do |dockerfile|
+        result = execute(command, args: Array(dockerfile))
+        output += result.stdout
+        success &&= result.success?
+      end
+
+      return :pass if success
+
+      extract_messages(
+        output.split("\n"),
+        /^(?<file>[^:]+):(?<line>\d+)/,
+      )
+    end
+  end
+end

spec/overcommit/hook/pre_commit/hadolint_spec.rb

@@ -0,0 +1,73 @@
+require 'spec_helper'
+
+describe Overcommit::Hook::PreCommit::Hadolint do
+  let(:config)  { Overcommit::ConfigurationLoader.default_configuration }
+  let(:context) { double('context') }
+  let(:applicable_files) { %w[Dockerfile Dockerfile.web] }
+  subject { described_class.new(config, context) }
+
+  before do
+    subject.stub(:applicable_files).and_return(applicable_files)
+  end
+
+  around do |example|
+    repo do
+      example.run
+    end
+  end
+
+  before do
+    subject.stub(:execute).with(%w[hadolint], args: Array(applicable_files.first)).
+      and_return(result_dockerfile)
+    subject.stub(:execute).with(%w[hadolint], args: Array(applicable_files.last)).
+      and_return(result_dockerfile_web)
+  end
+
+  context 'and has 2 suggestions' do
+    let(:result_dockerfile) do
+      double(
+        success?: false,
+        stdout: <<-EOF
+Dockerfile:5 DL3015 Avoid additional packages by specifying `--no-install-recommends`
+      EOF
+      )
+    end
+    let(:result_dockerfile_web) do
+      double(
+        success?: false,
+        stdout: <<-EOF
+Dockerfile.web:13 DL3020 Use COPY instead of ADD for files and folders
+      EOF
+      )
+    end
+
+    it { should fail_hook }
+  end
+
+  context 'and has single suggestion for double quote' do
+    let(:result_dockerfile) do
+      double(
+        success?: false,
+        stdout: <<-EOF
+Dockerfile:11 SC2086 Double quote to prevent globbing and word splitting.
+      EOF
+      )
+    end
+    let(:result_dockerfile_web) do
+      double(success?: true, stdout: '')
+    end
+
+    it { should fail_hook }
+  end
+
+  context 'and does not have any suggestion' do
+    let(:result_dockerfile) do
+      double(success?: true, stdout: '')
+    end
+    let(:result_dockerfile_web) do
+      double(success?: true, stdout: '')
+    end
+
+    it { should pass }
+  end
+end