diff --git a/frontend/dockerfile/dockerfile_lint_test.go b/frontend/dockerfile/dockerfile_lint_test.go
index e90909784305..e2c3aaf8bed8 100644
--- a/frontend/dockerfile/dockerfile_lint_test.go
+++ b/frontend/dockerfile/dockerfile_lint_test.go
@@ -54,7 +54,7 @@ var lintTests = integration.TestFuncs(
)
func testDefinitionDescription(t *testing.T, sb integration.Sandbox) {
- dockerfile := []byte(`# check=experimental=InvalidDefinitionDescription
+ dockerfile := []byte(`
# foo this is the foo
ARG foo=bar
@@ -74,7 +74,7 @@ COPY Dockerfile .
`)
checkLinterWarnings(t, sb, &lintTestParams{Dockerfile: dockerfile})
- dockerfile = []byte(`# check=experimental=InvalidDefinitionDescription
+ dockerfile = []byte(`
# bar this is the bar
ARG foo=bar
# BasE this is the BasE image
@@ -131,18 +131,6 @@ Dockerfile
FROM scratch
COPY Dockerfile .
ADD Dockerfile /windy
-`)
- checkLinterWarnings(t, sb, &lintTestParams{
- Dockerfile: dockerfile,
- DockerIgnore: dockerignore,
- BuildErrLocation: 3,
- StreamBuildErrRegexp: regexp.MustCompile(`failed to solve: failed to compute cache key: failed to calculate checksum of ref [^\s]+ "/Dockerfile": not found`),
- })
-
- dockerfile = []byte(`# check=experimental=CopyIgnoredFile
-FROM scratch
-COPY Dockerfile .
-ADD Dockerfile /windy
`)
checkLinterWarnings(t, sb, &lintTestParams{
@@ -170,7 +158,7 @@ ADD Dockerfile /windy
},
})
- dockerfile = []byte(`# check=skip=all;experimental=CopyIgnoredFile
+ dockerfile = []byte(`
FROM scratch
COPY Dockerfile .
ADD Dockerfile /windy
@@ -201,6 +189,19 @@ ADD Dockerfile /windy
},
})
+ dockerfile = []byte(`# check=skip=CopyIgnoredFile
+
+FROM scratch
+COPY Dockerfile .
+ADD Dockerfile /windy
+`)
+ checkLinterWarnings(t, sb, &lintTestParams{
+ Dockerfile: dockerfile,
+ DockerIgnore: dockerignore,
+ BuildErrLocation: 3,
+ StreamBuildErrRegexp: regexp.MustCompile(`failed to solve: failed to compute cache key: failed to calculate checksum of ref [^\s]+ "/Dockerfile": not found`),
+ })
+
dockerignore = []byte(`
foobar
`)
@@ -232,7 +233,8 @@ COPY ./Dockerfile .
}
func testSecretsUsedInArgOrEnv(t *testing.T, sb integration.Sandbox) {
- dockerfile := []byte(`
+ dockerfile := []byte(`# check=skip=InvalidDefinitionDescription
+
FROM scratch
ARG SECRET_PASSPHRASE
ENV SUPER_Secret=foo
@@ -260,7 +262,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ARG "SECRET_PASSPHRASE")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 3,
+ Line: 4,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -268,7 +270,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ENV "SUPER_Secret")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 4,
+ Line: 5,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -276,7 +278,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ENV "password")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 5,
+ Line: 6,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -284,7 +286,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ENV "secret")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 5,
+ Line: 6,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -292,7 +294,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ARG "auth")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 6,
+ Line: 7,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -300,7 +302,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ARG "super_duper_secret_token")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 6,
+ Line: 7,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -308,7 +310,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ENV "apikey")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 7,
+ Line: 8,
},
{
RuleName: "SecretsUsedInArgOrEnv",
@@ -316,7 +318,7 @@ ARG alternate_password
Detail: `Do not use ARG or ENV instructions for sensitive data (ENV "git_key")`,
URL: "https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/",
Level: 1,
- Line: 8,
+ Line: 9,
},
},
})
@@ -1692,8 +1694,9 @@ func checkProgressStream(t *testing.T, sb integration.Sandbox, lintTest *lintTes
} else {
if lintTest.BuildErr != "" {
require.ErrorContains(t, err, lintTest.BuildErr)
- } else if !lintTest.StreamBuildErrRegexp.MatchString(err.Error()) {
- t.Fatalf("error %q does not match %q", err.Error(), lintTest.StreamBuildErrRegexp.String())
+ } else {
+ require.Error(t, err)
+ require.Regexp(t, lintTest.StreamBuildErrRegexp, err)
}
}
diff --git a/frontend/dockerfile/docs/rules/_index.md b/frontend/dockerfile/docs/rules/_index.md
index d1b1f1050d26..ceace92689b6 100644
--- a/frontend/dockerfile/docs/rules/_index.md
+++ b/frontend/dockerfile/docs/rules/_index.md
@@ -100,11 +100,11 @@ To learn more about how to use build checks, see
| FROM --platform flag should not use a constant value |
- | CopyIgnoredFile (experimental) |
+ CopyIgnoredFile |
Attempting to Copy file that is excluded by .dockerignore |
- | InvalidDefinitionDescription (experimental) |
+ InvalidDefinitionDescription |
Comment for build stage or argument should follow the format: `# `. If this is not intended to be a description comment, add an empty line or comment between the instruction and the comment. |
diff --git a/frontend/dockerfile/docs/rules/copy-ignored-file.md b/frontend/dockerfile/docs/rules/copy-ignored-file.md
index 3e8e57e8d4c5..535da0be6375 100644
--- a/frontend/dockerfile/docs/rules/copy-ignored-file.md
+++ b/frontend/dockerfile/docs/rules/copy-ignored-file.md
@@ -6,10 +6,6 @@ aliases:
- /go/dockerfile/rule/copy-ignored-file/
---
-> [!NOTE]
-> This check is experimental and is not enabled by default. To enable it, see
-> [Experimental checks](https://docs.docker.com/go/build-checks-experimental/).
-
## Output
```text
diff --git a/frontend/dockerfile/docs/rules/invalid-definition-description.md b/frontend/dockerfile/docs/rules/invalid-definition-description.md
index 31ca1f7bc726..a3b9542449ac 100644
--- a/frontend/dockerfile/docs/rules/invalid-definition-description.md
+++ b/frontend/dockerfile/docs/rules/invalid-definition-description.md
@@ -6,10 +6,6 @@ aliases:
- /go/dockerfile/rule/invalid-definition-description/
---
-> [!NOTE]
-> This check is experimental and is not enabled by default. To enable it, see
-> [Experimental checks](https://docs.docker.com/go/build-checks-experimental/).
-
## Output
```text
diff --git a/frontend/dockerfile/linter/ruleset.go b/frontend/dockerfile/linter/ruleset.go
index 7a94c76aaa21..c0e7cf60cbe0 100644
--- a/frontend/dockerfile/linter/ruleset.go
+++ b/frontend/dockerfile/linter/ruleset.go
@@ -163,7 +163,6 @@ var (
Format: func(cmd, file string) string {
return fmt.Sprintf("Attempting to %s file %q that is excluded by .dockerignore", cmd, file)
},
- Experimental: true,
}
RuleInvalidDefinitionDescription = LinterRule[func(string, string) string]{
Name: "InvalidDefinitionDescription",
@@ -172,7 +171,6 @@ var (
Format: func(instruction, defName string) string {
return fmt.Sprintf("Comment for %s should follow the format: `# %s `", instruction, defName)
},
- Experimental: true,
}
RuleExposeProtoCasing = LinterRule[func(string) string]{
Name: "ExposeProtoCasing",