replaced dockle with hadolint (#326)

Co-authored-by: Mathis Marcotte <[email protected]>

Author: mathis-marcotte

.github/workflows/publish.yml

@@ -17,6 +17,7 @@ env:
   DEV_REGISTRY_NAME: k8scc01covidacrdev
   TRIVY_VERSION: "v0.43.1"
   SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  HADOLINT_VERSION: "2.12.0"
 
 jobs:
   build:
@@ -65,6 +66,11 @@ jobs:
         username: ${{ secrets.DEV_REGISTRY_USERNAME }}
         password: ${{ secrets.DEV_REGISTRY_PASSWORD }}
 
+    - name: Run Hadolint
+      run:  |
+        sudo curl -L https://github.com/hadolint/hadolint/releases/download/v${{ env.HADOLINT_VERSION }}/hadolint-Linux-x86_64 --output hadolint
+        sudo chmod +x hadolint
+        ./hadolint ./Dockerfile --no-fail
     
     - name: Build image locally
       run: |
@@ -76,16 +82,6 @@ jobs:
       run: |
         curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin ${{ env.TRIVY_VERSION }}
         trivy image localhost:5000/jupyter-apis-aaw2:${{ github.sha }} --exit-code 1 --timeout=20m --security-checks vuln --severity CRITICAL
-  
-    # Run Dockle -> Will need to be replace to hadolint but on hold
-    # - name: Run dockle
-    #   uses: goodwithtech/dockle-action@main
-    #   with:
-    #     image: localhost:5000/jupyter-apis-aaw2:${{ github.sha }}
-    #     format: 'list'
-    #     exit-code: '0'
-    #     exit-level: 'fatal'
-    #     ignore: 'DKL-DI-0006'
 
     # Container build and push to a Azure Container registry (ACR)
     - name: Push to ACR if necessary