Ensure hardcoded version in gem install

When you don't specify a version, it tries to find the combination of gem versions that will make the whole project compatible, make all the gems within a project compatible with one another, because each gem has its own dependencies with maybe specific versions.

Risk Level: medium
Platform: Docker
Spectral Rule ID: DOCKR017

REMEDIATION

Add hardcoded version for gem install command.

FROM alpine:3.5
RUN apk add --update py2-pip
- RUN gem install bundler
+ RUN gem install bundler:2.0.2

- RUN gem install grpc
+ RUN gem install grpc -v ${GRPC_RUBY_VERSION}
#  OR
- RUN gem install grpc grpc-tools
+ RUN gem install grpc:${GRPC_VERSION} grpc-tools:${GRPC_VERSION}

Read more: