hadolint
Dockerfile linter that helps build best practice Docker images
Hadolint is a sophisticated Dockerfile linter that helps developers build Docker images following best practices. Unlike simple syntax checkers, it parses Dockerfiles into an Abstract Syntax Tree (AST) and applies intelligent rules to identify potential issues, security vulnerabilities, and optimization opportunities. The tool leverages ShellCheck to also lint Bash code within RUN instructions, providing comprehensive analysis of your entire Dockerfile.
The linter is highly configurable, allowing users to ignore specific rules, set custom severity levels, and define trusted registries for base images. It supports multiple output formats including JSON, checkstyle, and various CI/CD platform formats, making it easy to integrate into existing development workflows. Hadolint can be run locally, in CI pipelines, or through Docker containers for consistent linting across different environments.
Hadolint is ideal for DevOps engineers, Docker developers, and teams looking to standardize their container image builds. It's particularly valuable for organizations that want to enforce security policies, reduce image sizes, and maintain consistent Dockerfile quality across projects. The tool's extensive rule set covers everything from security best practices to performance optimizations, helping teams catch issues early in the development process.
Installation
# via Homebrew
brew install hadolint
# via Docker
docker pull hadolint/hadolint
# via Binary
Download prebuilt binaries from the latest release page
