Yesterday, I talked about a simple error that was prevented by pinning a specific version of a pecl extension.
If possible, I like to have tooling which watches my back for common mistakes like this. Once I bump into something, if I can implement a rule which prevents me from repeating the issue, I'm all for it!
One such tool is hadolint, which is a linter for Dockerfiles.
It has a very healthy set of rules which are hadolint-specific, and it inherits a bunch from another project called ShellCheck, which lints bash files.
Best of all, you can invoke this tool with a Docker command, not needing to install anything.
For example, here's the command output running it against the Dockerfile in this repo:
❯ docker run --rm -i hadolint/hadolint < docker/app/Dockerfile
-:3 DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
-:3 SC2086 info: Double quote to prevent globbing and word splitting.
-:33 DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`
These are all very reasonable suggestions. And if there's a rule I don't like, I can always exclude it in my configuration.
Unfortunately, there is not yet a check for pecl extensions, but there is an open PR which just hasn't been merged yet, so it could be coming.
Even without that though, this is still a very useful tool to integrate into your project.
Here to help,
Joel
P.S. Would you like someone to help enforce standards and tooling like this on your project? We can help!