From f776e050d743121932f58ecb4cff31e667d2101d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rados=C5=82aw=20Piliszek?= <rpiliszek@7bulls.com>
Date: Mon, 27 May 2024 11:33:04 +0200
Subject: [PATCH] [hadolint] Exclude certain version-pinning rules

as they are not actually best practices.

Change-Id: I82a39152e7cf2936d05266b92f875e674cea8aae
---
 roles/hadolint/tasks/main.yaml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/roles/hadolint/tasks/main.yaml b/roles/hadolint/tasks/main.yaml
index 6fadf8c..fc53ef9 100644
--- a/roles/hadolint/tasks/main.yaml
+++ b/roles/hadolint/tasks/main.yaml
@@ -1,6 +1,14 @@
 - name: Lint Dockerfile with Hadolint
+  # NOTE(rpiliszek): We are excluding rules that force version pinning in distribution package managers.
+  # These rules actually do *not* follow the best practices of Dockerfile writing.
   ansible.builtin.command: >-
-    hadolint {{ item }}
+    hadolint
+    --ignore DL3008
+    --ignore DL3018
+    --ignore DL3033
+    --ignore DL3037
+    --ignore DL3041
+    {{ item }}
   args:
     chdir: "{{ zuul_work_dir }}"
   changed_when: false