Consensus was to add hadolint, but we probably have tuning to do. Our current Dockerfile produces these errors:
Dockerfile:13 DL3005 Do not use apt-get upgrade or dist-upgrade
Dockerfile:13 DL3008 Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`
Dockerfile:13 DL3009 Delete the apt-get lists after installing something
Do we want to follow the guidance, or ignore these?
- DL3005 - best practice, per Docker
- DL3008 - another best practice from Docker
- DL3009 - ibid
Consensus was to add hadolint, but we probably have tuning to do. Our current
Dockerfileproduces these errors:Do we want to follow the guidance, or ignore these?