Use GitHub Super Linter in Azure Pipelines

Recently, GitHub has released an open-sourced tool called Super Linter (Blog, Repo). It’s basically a swiss army knife of linters for a collection of languages. This is really cool since I can replace many language-specific tests with a single tool. At the time of writing this article, it already supports many popular languages such as Dockerfile, Golang, JavaScript, JSON, Markdown, YAML, Python3, PHP, Terraform, PowerShell, bash, and many more. The full list is documented on the README file on the GitHub repo.

Although the GitHub Super Linter is designed to be used in GitHub Actions, it runs on a container under the hood, and it allows you to run locally using docker. This capability enabled me to use it as part of my Azure DevOps pipeline (or potentially any other CI/CD tools).

It is really easy to incorporate it in your Azure Pipelines. I added it to one of my existing pipelines and replaced a task that runs PSScriptAnalyzer, and it worked the first attempt. Assuming you are using YAML pipeline, here’s the code snippet:

  - job: lint_tests
    displayName: Lint Tests
    pool:
      vmImage: ubuntu-latest
    steps:
    - script: |
        docker pull github/super-linter:latest
        docker run -e RUN_LOCAL=true -v $(System.DefaultWorkingDirectory):/tmp/lint github/super-linter
      displayName: 'Code Scan using GitHub Super-Linter'

the syntax for running the Super Linter container is documented on it’s GitHub repo: https://github.com/github/super-linter/blob/master/docs/run-linter-locally.md. In my example, I’m scanning everything in $(System.DefaultWorkingDirectory) (which means everything in my git repo). You can adjust it according to your requirements.

If any issues are found within your code, the task will fail, for example:

Dockerfile:

image

PowerShell scripts:

image

For most of my pipelines, if there are ARM templates involved, I’m also using ARM TTK to validate them. I hope one day ARM TTK makes it’s way to GitHub Super Linter, but since it’s open sourced, I might try to figure out how to do it myself if I can find spare time.

But for now, I’m pretty happy with the result, it’s so easy to use it in Azure Pipelines, I encourage everyone to give it a try.

P.S. GitHub Super Linter even found some syntax errors from the default README file created by Azure Repo (i.e. trailing spaces at the end of the line, etc.). Make sure you update the default README file in your repo or you’ll definitely going to fail the the tests first time.

2 comments

  1. Hi,
    I have a warning at the end of the run:

    [INFO ] Reports generated in folder /tmp/lint/super-linter.report
    [WARN ] Report output folder (/tmp/lint/super-linter.report) does NOT exist.

    Did you try and get the output file from the tool, to have it published within DevOps?

  2. Hi, Luigi – using the ‘tap’ OUTPUT_FORMAT I was able to publish to the build pipeline, the ‘none’ option did not work for me – it did not produce any results

    – script: |
    mkdir super-linter.report
    docker pull github/super-linter:latest
    docker run -e RUN_LOCAL=true -e DISABLE_ERRORS=true -e OUTPUT_DETAILS=detailed -e OUTPUT_FORMAT=tap -v $(System.DefaultWorkingDirectory):/tmp/lint/ –name my-vol github/super-linter
    docker cp my-vol:/tmp/lint/super-linter.report $(build.artifactstagingdirectory)
    displayName: ‘Code Scan using GitHub Super-Linter’

    # Publish to Azure Pipelines
    – task: PublishBuildArtifacts@1
    displayName: ‘Publish Artifact: deploy’
    inputs:
    PathtoPublish: ‘$(build.artifactstagingdirectory)’
    ArtifactName: deploy
    condition: succeededOrFailed()

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: