Complete dockerfile toolkit with generation and validation capabilities
74
92%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Risky
Do not use without reviewing
You are given the following Dockerfile:
FROM ubuntu
RUN apt-get update
RUN apt-get install -y curl git wget
RUN apt-get install -y python3
COPY . /app
WORKDIR /app
RUN pip3 install -r requirements.txt
CMD python3 app.pyPerform Stage 1 (Hadolint Syntax Validation) on this Dockerfile.
Run hadolint rules mentally and identify all violations. For each violation, report:
Order findings by severity (errors before warnings before info/style). Do not modify the Dockerfile — only report findings.
FROM ubuntu (no tag) as a violation of DL3006 (always tag the version of an image explicitly) at line 1rm -rf /var/lib/apt/lists/* in the same RUN layer, violating DL3009 or DL3027FROM ubuntu (no tag) as a violation of DL3006 (always tag the version of an image explicitly) at line 1rm -rf /var/lib/apt/lists/* in the same RUN layer (DL3009 or DL3027)FROM ubuntu is not reported