Lint Rules

The following Hadolint-compatible rules are implemented: - DL1001 - Avoid inline ignore pragmas - DL3000 - Use absolute WORKDIR - DL3001 - Avoid irrelevant shell commands - DL3002 - Last USER should not be root - DL3003 - Use WORKDIR to switch to a directory - DL3004 - Do not use sudo - DL3006 - Always tag the version of an image explicitly - DL3007 - Avoid latest tag - DL3008 - Pin versions in apt-get install - DL3009 - Delete the APT lists after installing packages - DL3010 - Use ADD for extracting archives into an image - DL3011 - Valid UNIX ports range from 0 to 65535 - DL3012 - Multiple HEALTHCHECK instructions - DL3013 - Pin versions in pip - DL3014 - Use the -y switch for apt-get install - DL3015 - Use --no-install-recommends with apt-get - DL3016 - Pin versions in npm - DL3018 - Pin versions in apk add - DL3019 - Use --no-cache with apk add - DL3020 - Use COPY instead of ADD for files and folders - DL3021 - Ensure destination ends with slash when copying multiple sources - DL3022 - COPY --from should reference a previous FROM alias - DL3023 - COPY --from cannot reference its own stage - DL3024 - FROM aliases must be unique - DL3025 - Use JSON notation for CMD and ENTRYPOINT - DL3026 - Restrict registries used in FROM images - DL3027 - Avoid using apt - DL3028 - Pin gem versions - DL3029 - Do not use --platform flag with FROM - DL3030 - Use -y with yum install - DL3032 - Run yum clean all - DL3033 - Pin versions in yum install - DL3034 - Use non-interactive zypper - DL3035 - Avoid zypper dist-upgrade - DL3036 - Clean zypper cache - DL3037 - Pin versions in zypper install - DL3038 - Use -y with dnf install - DL3040 - dnf clean all missing after dnf command - DL3041 - Avoid dnf upgrade or update in Dockerfiles - DL3042 - Combine consecutive RUN instructions that use the same package manager - DL3043 - Specify OS version tag for base images - DL3044 - Specify version with dnf/microdnf install - DL3045 - COPY --from without digest pinning for external image - DL3046 - Avoid apk upgrade in Dockerfiles - DL3047 - Clean apk cache after installing packages - DL3048 - Invalid Label Key - DL3050 - Superfluous label(s) present - DL3051 - Label value is empty - DL3052 - Label is not a valid URL - DL3053 - Label does not conform to RFC3339 - DL3054 - Label is not a valid SPDX identifier - DL3055 - Stage image is not pinned by digest - DL3056 - Label does not conform to semantic versioning - DL3057 - HEALTHCHECK instruction missing - DL3058 - Label is not a valid email address - DL3059 - Multiple consecutive RUN instructions - DL3060 - yarn cache clean missing after yarn install - DL3061 - Dockerfile must start with FROM or ARG - DL4000 - MAINTAINER is deprecated - DL4001 - Either use Wget or Curl but not both - DL4003 - Multiple CMD instructions - DL4004 - Multiple ENTRYPOINT instructions - DL4005 - Use SHELL to change the default shell - DL4006 - Set the SHELL option -o pipefail before RUN with a pipe in it