You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a feature request to add a hadolint rule, so we can restrict building an image or throw the error while linting an image. This rule will basically check whether in the image user has configure the non-root user or not. As we know, when we build the image and not creating a non-root user then by default image will inherit the root user from base image which is not good from a security point of view. So we should add a rule to restrict the image building if user does not create a non-root user in the image.
This is a feature request to add a hadolint rule, so we can restrict building an image or throw the error while linting an image. This rule will basically check whether in the image user has configure the non-root user or not. As we know, when we build the image and not creating a non-root user then by default image will inherit the root user from base image which is not good from a security point of view. So we should add a rule to restrict the image building if user does not create a non-root user in the image.
https://docs.docker.com/develop/develop-images/instructions/#user
Expected behavior
Throw the error if user do not configure the non-root user in the Dockerfile.
Actual behavior
There is no such rule. If user is not creating a non-root user in Dockerfile, still hadolint pass the check.
Steps to reproduce the behavior
hadolint Dockerfile
The text was updated successfully, but these errors were encountered: