Do not use no-install-recommends

This product is not supported for your selected Datadog site. ().
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

ID: docker-best-practices/apt-get-no-install-recommends

Language: Docker

Severity: Warning

Category: Best Practices

Description

This rule enforces the use of the --no-install-recommends option when installing packages with apt-get in Dockerfiles. The --no-install-recommends flag ensures that only essential packages are installed, avoiding unnecessary recommended packages that can bloat the image size.

To comply with this rule, always include --no-install-recommends in your apt-get install commands, for example: apt-get install -y --no-install-recommends gcc.

Non-Compliant Code Examples

RUN apt-get install -y gcc
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install git
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install git

Compliant Code Examples

RUN apt-get install -y --no-install-recommends gcc
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --no-install-recommends git
RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --no-install-recommends git
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

원활한 통합. Datadog Code Security를 경험해 보세요

Datadog Code Security