Categories
Configuration-as-code
Latest version
v0.3.0
Updated on
Mar 21, 2023
Issues
85
Sample configuration
version = 1
[[analyzers]]
name = "docker"
[analyzers.meta]
dockerfile_paths = [
"dev.dockerfile",
"prod.dockerfile"
]
trusted_registries = [
"my-registry.com",
"docker.io"
]
Stats
Anti-pattern
17
Bug risk
56
Performance
9
Security
2
Style
1
User should not be root when the Dockerfile completes DOK-DL3002
Security
Switching to the root USER opens up certain security risks if an attacker gets access to the container. In order to mitigate this, switch back to a non privileged user after running the commands you need as root.
Delete the apt-get lists after installing anything DOK-DL3009
Performance
Cleaning up the apt cache and removing /var/lib/apt/lists helps keep the image size down. Since the RUN statement starts with apt-get update, the package cache will always be refreshed prior to apt-get install.
Declare and assign separately to avoid masking of return values DOK-SC2155
Bug risk