dockle icon indicating copy to clipboard operation
dockle copied to clipboard

Published 20 hours ago verified publisher icon goodwithtech

Allow ADD with getting files from a URL

Open inductor opened this issue 5 years ago • 4 comments

Description

FATAL	- CIS-DI-0009: Use COPY instead of ADD in Dockerfile
	* Use COPY : ADD https://github.com/jwilder/docker-gen/releases/download/0.7.4/docker-gen-linux-amd64-0.7.4.tar.gz /tmp/
	* Use COPY : ADD https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz /tmp/
	* Use COPY : ADD https://raw.githubusercontent.com/diafygi/acme-tiny/5350420d35177eda733d85096433a24e55f8d00e/acme_tiny.py /bin/acme_tiny

This case ADD must be used.

What did you expect to happen?

What happened instead?

Output of run with -debug:

(paste your output here)

Output of dockle -v:

(paste your output here)

Additional details (base image name, container registry info...):

inductor avatar Jun 26 '19 23:06 inductor

OK, I will check target file format when check ADD.

tomoyamachi avatar Jun 26 '19 23:06 tomoyamachi

It may take a while. Please use -i CIS-DI-0009 flag so far.

tomoyamachi avatar Jun 27 '19 15:06 tomoyamachi

It is possible to detect ADD with URL if using buildkit.

tomoyamachi avatar Sep 09 '21 23:09 tomoyamachi

It is possible to detect ADD with URL if using buildkit.

Can you elaborate? I'm getting this fatal despite using buildkit. Are there any extra configuration needed?

olafurnielsen avatar May 22 '23 10:05 olafurnielsen