DL3038 - Use -y with dnf install

Description

dnf or microdnf install commands should run non-interactively. Missing the -y or --assumeyes flag can halt builds waiting for user input.

Goals

• Guarantee package installations using dnf complete without manual confirmation.
• Prevent stalled builds and ensure reproducible Docker images.

Specification

1. Iterate over every RUN instruction in the Dockerfile.
2. Split the instruction into shell command segments.
3. For each segment:
4. If the first token is dnf or microdnf and any subsequent token is install, groupinstall, or localinstall, verify the presence of one of:
   • -y
   • --assumeyes
   • --assumeyes=<value>
5. If the required flag is missing, emit DL3038 pointing to the line of the RUN instruction with the message: Use the -y switch to avoid manual input dnf install -y <package>.

(c) 2025 Asymmetric Effort, LLC. scaldwell@asymmetric-effort.com