Ensure to hardcoded image version in dockerfile

Using Docker image without a pinned version (include latest) can changed unexpectedly and breaking your application.

Risk Level: medium
Platform: Docker
Spectral Rule ID: DOCKR020

REMEDIATION

Set hardcoded version for image.

- FROM alpine
+ FROM alpine:3.3
RUN apk add --update-cache python
WORKDIR /app
ONBUILD COPY . /app
ONBUILD RUN virtualenv /env && /env/bin/pip install -r /app/requirements.txt
EXPOSE 8080
CMD ["/env/bin/python", "main.py"]

https://docs.docker.com/engine/reference/builder/#from
https://docs.docker.com/develop/dev-best-practices/

Updated over 1 year ago

REMEDIATION

Read more: