Skip to content

Commit

Permalink
Change base docker image to python3-slim
Browse files Browse the repository at this point in the history
  • Loading branch information
@foadjn
foadjn committed Oct 11, 2024
1 parent 82da899 commit 24e6958
Showing 1 changed file with 4 additions and 8 deletions.
12 changes: 4 additions & 8 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,10 @@
FROM python:3-slim AS builder
ADD . /app
FROM python:3.13-slim

Check failure on line 1 in Dockerfile

View check run for this annotation

Wiz Inc. (5a6b51938d) / Wiz IaC Scanner

Missing User Instruction 

Rule ID: c45b6c1e-1581-4876-9a4d-15a028658538
Severity: High
Resource: FROM={{python:3.13-slim}}

A user should be specified in the dockerfile, otherwise the image will run as root
Raw output 
Expected: The 'Dockerfile' should contain the 'USER' instruction
Found: The 'Dockerfile' does not contain any 'USER' instruction

Check notice on line 1 in Dockerfile

View check run for this annotation

Wiz Inc. (5a6b51938d) / Wiz IaC Scanner

Healthcheck Instruction Missing 

Rule ID: 2ac8ed3a-8f27-46b7-8286-659d404ca126
Severity: Low
Resource: FROM={{python:3.13-slim}}

Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working
Raw output 
Expected: Dockerfile should contain instruction 'HEALTHCHECK'
Found: Dockerfile doesn't contain instruction 'HEALTHCHECK'

COPY . /app
WORKDIR /app

# We are installing a dependency here directly into our app source dir
RUN pip install --target=/app -r requirements.txt

# A distroless container image with Python and some basics like SSL certificates
# https://github.com/GoogleContainerTools/distroless
FROM gcr.io/distroless/python3-debian10
COPY --from=builder /app /app
WORKDIR /app
ENV PYTHONPATH /app
CMD ["/app/main.py"]
CMD ["python", "/app/main.py"]

0 comments on commit 24e6958

Please sign in to comment.