github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/docker/README.md (about)

The Dockerfile Rego policies can find the following issues:

1. Last USER in the file should not be root (but there needs to be at least one USER statement)
2. Tag the version of the FROM image explicitly (unless it's scratch)
3. Avoid using "latest" in the FROM statement
4. Delete the apt-get lists after installing

Reference: https://github.com/hadolint/hadolint
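
The four checks above, sketched as an added Python example (this is not the project's Rego policy code). The `check_dockerfile` helper, the finding names and the sample Dockerfiles are constructed for illustration, and the sketch assumes that stage aliases and digest-pinned images are exempt from the tag checks.

```python
import re

def logical_lines(text):
    """Join backslash continuations, then drop blank lines and comments."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)
    lines = (l.strip() for l in joined.splitlines())
    return [l for l in lines if l and not l.startswith("#")]

def check_dockerfile(text):
    """Return sorted finding ids (names are illustrative, not defsec rule ids)."""
    findings, users, stages = set(), [], set()
    for line in logical_lines(text):
        instr, *args = line.split()
        instr = instr.upper()
        args = [a for a in args if not a.startswith("--")]  # e.g. --platform=...
        if instr == "FROM" and args:
            image = args[0]
            # Assumption: stage aliases, scratch and digest pins need no tag.
            if image != "scratch" and image not in stages and "@" not in image:
                tag = image.rsplit("/", 1)[-1].partition(":")[2]  # skip registry port
                if not tag:
                    findings.add("from-untagged")    # issue 2
                elif tag == "latest":
                    findings.add("from-latest")      # issue 3
            if len(args) >= 3 and args[1].upper() == "AS":
                stages.add(args[2])
        elif instr == "USER" and args:
            users.append(args[0].split(":")[0])      # drop optional :group
        elif instr == "RUN" and re.search(r"apt-get\s.*\binstall\b", line):
            if not re.search(r"rm\s+-\w+\s+/var/lib/apt/lists", line):
                findings.add("apt-lists-kept")       # issue 4
    if not users:
        findings.add("user-missing")                 # issue 1: no USER at all
    elif users[-1] in ("root", "0"):
        findings.add("user-root")                    # issue 1: last USER is root
    return sorted(findings)

# Constructed sample Dockerfiles.
BAD = "FROM ubuntu\nRUN apt-get update && \\\n    apt-get install -y curl\nUSER root\n"
GOOD = ("FROM golang:1.21 AS build\n"
        "RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/*\n"
        "FROM scratch\nCOPY --from=build /app /app\nUSER 65532\n")

if __name__ == "__main__":
    print(check_dockerfile(BAD))
    print(check_dockerfile(GOOD))
```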