Create Dockerfile #14
Conversation
![demoargon[bot]](https://avatars.githubusercontent.com/u/74548729?s=60&v=4){kind=small}
| @@ -0,0 +1,25 @@ | |||
| FROM node:12 | |||
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Missing User Instruction
A user should be specified in the dockerfile, otherwise the image will run as root
| RUN apk add --update curl | ||
|
|
||
| COPY requirements.txt /opt/dvga/ | ||
| RUN pip install -r requirements.txt |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Pip install Keeping Cached Packages
When installing packages with pip, the '--no-cache-dir' flag should be set to make Docker images smaller
| ARG TARGET_FOLDER=/opt/dvga | ||
| WORKDIR $TARGET_FOLDER/ | ||
|
|
||
| RUN apk add --update curl |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Unpinned Package Version in Apk Add
Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
| RUN apk add --update curl | ||
|
|
||
| COPY requirements.txt /opt/dvga/ | ||
| RUN pip install -r requirements.txt |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Unpinned Package Version in Pip Install
Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
| ARG TARGET_FOLDER=/opt/dvga | ||
| WORKDIR $TARGET_FOLDER/ | ||
|
|
||
| RUN apk add --update curl |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Update Instruction Alone
Instruction 'RUN update' should always be followed by ' install' in the same RUN statement
| ADD core /opt/dvga/core | ||
| ADD db /opt/dvga/db | ||
| ADD static /opt/dvga/static | ||
| ADD templates /opt/dvga/templates |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Add Instead of Copy
Should use COPY instead of ADD unless, running a tar file
| @@ -0,0 +1,25 @@ | |||
| FROM node:12 | |||
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Healthcheck Instruction Missing
Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
| COPY requirements.txt /opt/dvga/ | ||
| RUN pip install -r requirements.txt | ||
|
|
||
| ADD core /opt/dvga/core |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Multiple RUN, ADD, COPY, Instructions Listed
Multiple commands (RUN, Copy, And) should be grouped in order to reduce the number of layers.
| ADD static /opt/dvga/static | ||
| ADD templates /opt/dvga/templates | ||
|
|
||
| COPY app.py /opt/dvga |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Multiple RUN, ADD, COPY, Instructions Listed
Multiple commands (RUN, Copy, And) should be grouped in order to reduce the number of layers.
| ARG TARGET_FOLDER=/opt/dvga | ||
| WORKDIR $TARGET_FOLDER/ | ||
|
|
||
| RUN apk add --update curl |
There was a problem hiding this comment.
Finding of type dockerfiles detected.
Apk Add Using Local Cache Path
When installing packages, use the '--no-cache' switch to avoid the need to use '--update' and remove '/var/cache/apk/*'
No description provided.