Do not use no-install-recommends

This product is not supported for your selected Datadog site. ().
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Metadata

ID: docker-best-practices/apt-get-no-install-recommends

Language: Docker

Severity: Warning

Category: Best Practices

Description

This rule enforces the use of the --no-install-recommends option when installing packages with apt-get in Dockerfiles. The --no-install-recommends flag ensures that only essential packages are installed, avoiding unnecessary recommended packages that can bloat the image size.

To comply with this rule, always include --no-install-recommends in your apt-get install commands, for example: apt-get install -y --no-install-recommends gcc.

Non-Compliant Code Examples

RUN apt-get install -y gcc
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install git
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install git

Compliant Code Examples

RUN apt-get install -y --no-install-recommends gcc
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --no-install-recommends git
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --no-install-recommends git
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

シームレスな統合。 Datadog Code Security をお試しください

Datadog Code Security