dockerfile.correctness.multiple-entrypoint-instructions.multiple-entrypoint-instructions

semgrep

Author

unknown

Download Count*

LGPL Commons Clause

License

Multiple ENTRYPOINT instructions were found. Only the last one will take effect.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: multiple-entrypoint-instructions
    severity: ERROR
    languages:
      - dockerfile
    patterns:
      - pattern: |
          ENTRYPOINT ...
          ...
          $ENTRYPOINT_INSTR
      - metavariable-pattern:
          metavariable: $ENTRYPOINT_INSTR
          pattern: |
            ENTRYPOINT ...
      - focus-metavariable: $ENTRYPOINT_INSTR
    message: Multiple ENTRYPOINT instructions were found. Only the last one will
      take effect.
    metadata:
      source-rule-url: https://github.com/hadolint/hadolint/wiki/DL4004
      references:
        - https://github.com/hadolint/hadolint/wiki/DL4004
        - https://kapeli.com/cheat_sheets/Dockerfile.docset/Contents/Resources/Documents/index#//dash_ref_Instructions/Entry/ENTRYPOINT/0
      category: correctness
      technology:
        - dockerfile
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]

Examples

multiple-entrypoint-instructions.dockerfile

# cf. https://github.com/hadolint/hadolint/wiki/DL4004

FROM busybox
ENTRYPOINT /bin/true
RUN echo hello
# ruleid: multiple-entrypoint-instructions
ENTRYPOINT /bin/false

Short Link: https://sg.run/JwvQ