Using Platform Flag with FROM Command

Query id: b16e8501-ef3c-44e1-a543-a093238099c9
Query name: Using Platform Flag with FROM Command
Platform: Dockerfile
Severity: Info
Category: Best Practices
CWE: 695
URL: Github

Description¶

'FROM' instruction should not use the flag '--platform'
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Positive test num. 1 - dockerfile file

FROM alpine:3.5
RUN apk add --update py2-pip
RUN pip install --upgrade pip
LABEL maintainer="SvenDowideit@home.org.au"
COPY requirements.txt /usr/src/app/
FROM --platform=arm64 baseimage as baseimage-build

Code samples without security vulnerabilities¶

Negative test num. 1 - dockerfile file

FROM alpine:3.5
RUN apk add --update py2-pip
RUN pip install --upgrade pip
LABEL maintainer="SvenDowideit@home.org.au"
COPY requirements.txt /usr/src/app/
FROM baseimage as baseimage-build