Lint the homebrew/brew Dockerfile with `hadolint`

- I suggested this for the contents of [Linuxbrew/docker](https://github.com/Linuxbrew/docker) in https://github.com/Linuxbrew/docker/issues/75. People agreed, and Shaun asked me to do the same here. - This adds a step to CI to lint the Dockerfile, via [hadolint](https://github.com/hadolint/hadolint), on Ubuntu. - The linting errors it surfaced on this Dockerfile were: ``` Dockerfile:4 DL3008 Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>` Dockerfile:30 DL3020 Use COPY instead of ADD for files and folders Dockerfile:32 DL3003 Use WORKDIR to switch to a directory ``` - [DL3008](https://github.com/hadolint/hadolint/wiki/DL3008) - pinning versions in `apt-get install` - is at odds with what we recommend in the normal Homebrew on Linux dependency install instructions. We don't want the dependency management of having to check each of these Dockerfiles periodically for the latest version numbers of packages and have to update them. So I've disabled this lint. - [DL3003](https://github.com/hadolint/hadolint/wiki/DL3003) - use WORKDIR to `cd` - is disabled in this case due to [review comments](https://github.com/Homebrew/brew/pull/7433/files#r415098255).

Lint the homebrew/brew Dockerfile with `hadolint`
9baebbe3 · Issy Long · bfa175d1 · 9baebbe3 · 9baebbe3
Unverified Commit 9baebbe3 authored 4 years ago by Issy Long
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -161,6 +161,12 @@ jobs:
        brew install vale
        vale docs/

+    - name: Lint Dockerfile
+      if: matrix.os == 'ubuntu-latest'
+      run: |
+        brew install hadolint
+        hadolint Dockerfile
+
    - name: Build Docker image
      if: matrix.os == 'ubuntu-latest'
      run: |

--- a/Dockerfile
+++ b/Dockerfile
 FROM ubuntu:xenial
 LABEL maintainer="Shaun Jackman <sjackman@gmail.com>"

+# hadolint ignore=DL3008
 RUN apt-get update \
 	&& apt-get install -y --no-install-recommends software-properties-common \
 	&& add-apt-repository -y ppa:git-core/ppa \
@@ -27,10 +28,12 @@ RUN apt-get update \
 RUN localedef -i en_US -f UTF-8 en_US.UTF-8 \
 	&& useradd -m -s /bin/bash linuxbrew \
 	&& echo 'linuxbrew ALL=(ALL) NOPASSWD:ALL' >>/etc/sudoers
-ADD . /home/linuxbrew/.linuxbrew/Homebrew
+COPY . /home/linuxbrew/.linuxbrew/Homebrew
 ARG FORCE_REBUILD
+
+# hadolint ignore=DL3003
 RUN cd /home/linuxbrew/.linuxbrew \
-	&& mkdir -p bin etc include lib opt sbin share var/homebrew/linked Cellar \
+  && mkdir -p bin etc include lib opt sbin share var/homebrew/linked Cellar \
 	&& ln -s ../Homebrew/bin/brew /home/linuxbrew/.linuxbrew/bin/ \
 	&& cd /home/linuxbrew/.linuxbrew/Homebrew \
 	&& git remote set-url origin https://github.com/Homebrew/brew