Question 1

dockerfilelint vs hadolint which is better?

Accepted Answer

dockerfilelint is Node.js-based with a strong focus on security and best practices, while hadolint is written in Haskell and might offer more comprehensive or customizable rules. Choose dockerfilelint if you prefer its specific checks and Node.js integration; hadolint could be better for advanced or extensible linting needs.

Question 2

how to disable a rule in dockerfilelint?

Accepted Answer

Create a .dockerfilelintrc file in your project root with YAML syntax, e.g., 'rules: uppercase_commands: off'. This allows you to turn off specific rules as documented in the README for tailored linting.

Question 3

why isn't dockerfilelint catching my COPY command issues?

Accepted Answer

The README notes that COPY validation is not fully implemented, with checks like avoiding multiple files per command still pending. For now, rely on manual review or supplement with other tools for comprehensive COPY analysis.

Question 4

can dockerfilelint be used in a CI/CD pipeline?

Accepted Answer

Yes, it supports JSON output via the -j flag, making it easy to integrate into CI/CD systems. You can run it via npm or Docker container, as shown in the documentation, to automate Dockerfile validation.

Question 5

what does the 'apt-get_missing_rm' rule check?

Accepted Answer

It ensures that apt-get install commands are paired with 'rm -rf /var/lib/apt/lists/*' in the same layer to reduce image size, enforcing a key best practice for Dockerfile efficiency.

Question 6

how to run dockerfilelint without installing Node.js?

Accepted Answer

Use the Docker container option: 'docker run -v $(pwd)/Dockerfile:/Dockerfile replicated/dockerfilelint /Dockerfile'. This allows linting in any environment with Docker installed, avoiding Node.js dependencies.

FROM:latest

What is FROM:latest?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions