Fix Dockerfile casing warnings and add automated validation

.github/workflows/dockerfile-validation.yml

@@ -0,0 +1,40 @@
+name: Dockerfile Validation
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'Dockerfile'
+      - '.github/workflows/dockerfile-validation.yml'
+  pull_request:
+    branches: [ main ]
+    paths:
+      - 'Dockerfile'
+      - '.github/workflows/dockerfile-validation.yml'
+
+jobs:
+  validate-dockerfile:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Lint Dockerfile
+      uses: hadolint/hadolint-action@v3.1.0
+      with:
+        dockerfile: Dockerfile
+        failure-threshold: warning
+
+    - name: Build Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        file: ./Dockerfile
+        push: false
+        tags: test-build:latest
+        cache-from: type=gha
+        cache-to: type=gha,mode=max

.hadolint.yaml

@@ -0,0 +1,28 @@
+# Hadolint configuration for Dockerfile linting
+# See: https://github.com/hadolint/hadolint
+
+# Rules to ignore
+ignored:
+  # DL3008: Pin versions in apt get install
+  - DL3008
+  # DL3009: Delete the apt-get lists after installing something
+  - DL3009
+  # DL3015: Avoid additional packages by specifying `--no-install-recommends`
+  - DL3015
+
+# Rules to treat as warnings instead of errors
+warning:
+  # DL3018: Pin versions in apk add
+  - DL3018
+
+# Trusted registries for base images
+trustedRegistries:
+  - docker.io
+  - ghcr.io 
+
+# Override specific rules
+override:
+  error: []
+  warning: []
+  info: []
+  style: []

Dockerfile

@@ -1,20 +1,21 @@
-FROM ghcr.io/okteto/okteto:master as okteto
+FROM ghcr.io/okteto/okteto:master AS okteto
 
-FROM golang:1.24 as message-builder
+FROM golang:1.24 AS message-builder
 RUN curl -L https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux64 > /usr/bin/jq && \
     chmod +x /usr/bin/jq
 
+WORKDIR /app
 COPY go.mod .
 COPY message.go .
 RUN go build -o /message .
 
 
 FROM ruby:3-slim-buster
 
-RUN gem install octokit faraday-retry
+RUN gem install octokit:10.0.0 faraday-retry:2.3.2
 
 COPY notify-pr.sh /notify-pr.sh
-RUN chmod +x notify-pr.sh
+RUN chmod +x /notify-pr.sh
 COPY --from=message-builder /usr/bin/jq /usr/bin/jq
 COPY entrypoint.sh /entrypoint.sh
 COPY --from=message-builder /message /message

README.md

@@ -113,3 +113,22 @@ jobs:
         name: dev-previews
         timeout: 15m
 ```
+
+## Development
+
+### Dockerfile Validation
+
+This repository includes automated validation for the Dockerfile to ensure it always builds successfully:
+
+- **GitHub Action**: The `.github/workflows/dockerfile-validation.yml` workflow automatically runs on every push and pull request that modifies the Dockerfile
+- **Local Validation**: Use the `validate-dockerfile.sh` script to test the Dockerfile locally before pushing:
+  ```bash
+  ./validate-dockerfile.sh
+  ```
+
+The validation includes:
+- Dockerfile linting with [hadolint](https://github.com/hadolint/hadolint)
+- Building the Docker image
+- Testing that the container runs successfully
+- Verifying that required binaries are present
+- Checking that the entrypoint is executable

validate-dockerfile.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# Script to validate Dockerfile locally
+# This script can be run locally to test the Dockerfile before pushing
+
+set -e
+
+echo "🔍 Validating Dockerfile..."
+
+# Check if Docker is available
+if ! command -v docker &> /dev/null; then
+    echo "❌ Docker is not installed or not in PATH"
+    exit 1
+fi
+
+# Check if Dockerfile exists
+if [ ! -f "Dockerfile" ]; then
+    echo "❌ Dockerfile not found in current directory"
+    exit 1
+fi
+
+echo "✅ Docker is available"
+echo "✅ Dockerfile found"
+
+# Build the Docker image
+echo "🏗️  Building Docker image..."
+if docker build -t dockerfile-test:latest .; then
+    echo "✅ Docker image built successfully"
+else
+    echo "❌ Docker build failed"
+    exit 1
+fi
+
+# Test basic functionality
+echo "🧪 Testing Docker image..."
+
+# Test that the image runs
+if docker run --rm dockerfile-test:latest /bin/sh -c "echo 'Container started successfully'"; then
+    echo "✅ Container runs successfully"
+else
+    echo "❌ Container failed to run"
+    exit 1
+fi
+
+# Test that required binaries are present
+echo "🔍 Checking required binaries..."
+if docker run --rm dockerfile-test:latest /bin/sh -c "which okteto && which jq && which ruby"; then
+    echo "✅ All required binaries are present"
+else
+    echo "❌ Some required binaries are missing"
+    exit 1
+fi
+
+# Test that entrypoint is executable
+if docker run --rm dockerfile-test:latest /bin/sh -c "test -x /entrypoint.sh"; then
+    echo "✅ Entrypoint is executable"
+else
+    echo "❌ Entrypoint is not executable"
+    exit 1
+fi
+
+# Clean up
+echo "🧹 Cleaning up..."
+docker rmi dockerfile-test:latest
+
+echo "🎉 All tests passed! Dockerfile is valid."