aweiteka · September 23, 2014 01:48
diff --git a/dockerfile_rules.yaml b/dockerfile_rules.yaml
 general:
  ref_url_base: https://docs.docker.com/reference/builder/
  valid_instructions:
  - FROM
  - MAINTAINER
  - RUN
  - CMD
  - EXPOSE
  - ENV
  - ADD
  - COPY
  - ENTRYPOINT
  - VOLUME
  - USER
  - WORKDIR
  - ONBUILD
  instruction_regex: r'(\w+)\s(.+$)'

 line_rules:
  from_latest:
    regex: 
    level: info
    message: base image uses 'latest' tag
    description: using the 'latest' tag may cause unpredictable builds. It is recommended that a specific tag is used in the FROM line.
    reference_url: DOCS_URL + "#from"
  no_tag:
    regex: r':'
    level: warn
    message: No tag is used
    description: lorem ipsum tar
    reference_url: DOCS_URL + "#from"
  no_maintainer:
    regex: 
    level: info
    message: Maintainer is not defined
    description: The MAINTAINER line is useful for identifying the author in the form of MAINTAINER Joe Smith <[email protected]>
    reference_url: DOCS_URL + "#maintainer"
  yum_clean_all:
    regex: r'yum clean all'
    info: warn
    message: yum clean all is not used
    description: the yum cache will remain in this layer making the layer unnecessarily large
    reference_url: None
  install_ssh:
    regex: r'ssh'
    level: warn
    message: installing SSH in a container is not recommended
    description: Do you really need SSH in this image?
    reference_url: https://github.com/jpetazzo/nsenter

 global_rules:
  no_expose:
    regex: r'EXPOSE'
    level: info
    message: There is no 'EXPOSE' instruction
    description: Without exposed ports how will the service of the container be accessed?
    reference_url: None
  no_entry_cmd:
    regex: r'ENTRYPOINT|CMD'
    level: info
    message: There is no 'ENTRYPOINT' or 'CMD' instruction
    description: None
    reference_url: None
  user:
    regex: r'USER'
    level: warn
    message: No 'USER' instruction
    description: The process(es) within the container may run as root and RUN instructions my be run as root
    reference_url: None
	general:
	ref_url_base: https://docs.docker.com/reference/builder/
	valid_instructions:
	- FROM
	- MAINTAINER
	- RUN
	- CMD
	- EXPOSE
	- ENV
	- ADD
	- COPY
	- ENTRYPOINT
	- VOLUME
	- USER
	- WORKDIR
	- ONBUILD
	instruction_regex: r'(\w+)\s(.+$)'

	line_rules:
	from_latest:
	regex:
	level: info
	message: base image uses 'latest' tag
	description: using the 'latest' tag may cause unpredictable builds. It is recommended that a specific tag is used in the FROM line.
	reference_url: DOCS_URL + "#from"
	no_tag:
	regex: r':'
	level: warn
	message: No tag is used
	description: lorem ipsum tar
	reference_url: DOCS_URL + "#from"
	no_maintainer:
	regex:
	level: info
	message: Maintainer is not defined
	description: The MAINTAINER line is useful for identifying the author in the form of MAINTAINER Joe Smith <[email protected]>
	reference_url: DOCS_URL + "#maintainer"
	yum_clean_all:
	regex: r'yum clean all'
	info: warn
	message: yum clean all is not used
	description: the yum cache will remain in this layer making the layer unnecessarily large
	reference_url: None
	install_ssh:
	regex: r'ssh'
	level: warn
	message: installing SSH in a container is not recommended
	description: Do you really need SSH in this image?
	reference_url: https://github.com/jpetazzo/nsenter

	global_rules:
	no_expose:
	regex: r'EXPOSE'
	level: info
	message: There is no 'EXPOSE' instruction
	description: Without exposed ports how will the service of the container be accessed?
	reference_url: None
	no_entry_cmd:
	regex: r'ENTRYPOINT\|CMD'
	level: info
	message: There is no 'ENTRYPOINT' or 'CMD' instruction
	description: None
	reference_url: None
	user:
	regex: r'USER'
	level: warn
	message: No 'USER' instruction
	description: The process(es) within the container may run as root and RUN instructions my be run as root
	reference_url: None