generic.dockerfile.best-practice.remove-package-cache.remove-package-cache

Download Count: 3,970
The package cache was not deleted after running 'apt-get update', which increases the size of the image. Remove the package cache by appending '&& apt-get clean' at the end of the apt-get command chain.
Definition
rules:
  - id: remove-package-cache
    patterns:
      - pattern: RUN apt-get update
      - pattern-not-inside: RUN apt-get update ... && apt-get clean
      - pattern-not-inside: RUN apt-get update ... &&\ apt-get clean
    message: The package cache was not deleted after running 'apt-get update', which
      increases the size of the image. Remove the package cache by appending '&&
      apt-get clean' at the end of apt-get command chain.
    severity: WARNING
    languages:
      - generic
    metadata:
      source-rule-url: https://github.com/hadolint/hadolint/wiki/DL3009
      references:
        - https://github.com/hadolint/hadolint/wiki/DL3009
      category: best-practice
      technology:
        - dockerfile
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
    paths:
      include:
        - "*dockerfile*"
        - "*Dockerfile*"
Examples
remove-package-cache.dockerfile
FROM busybox

# ruleid: remove-package-cache
RUN apt-get update && apt-get install --no-install-recommends -y python

# ruleid: remove-package-cache
RUN apt-get update && apt-get install --no-install-recommends -y python \
    && rm -rf /var/lib/apt/lists/*

# ok: remove-package-cache
RUN apt-get update && apt-get install --no-install-recommends -y python \
    && apt-get clean

# ok: remove-package-cache
RUN apt-get update && apt-get install --no-install-recommends -y python \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# ok: remove-package-cache
RUN apt-get update &&\
    apt-get install --no-install-recommends -y \
        build-essential \
        libxml2-dev \
        libxmlsec1-dev \
        libxmlsec1-openssl \
        libyaml-dev \
        pkg-config &&\
    apt-get clean &&\
    rm -rf /var/lib/apt/lists/*
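The rule's logic restated as a stand-alone Python check, as an added example that is not part of the registry page or the Semgrep project. It joins backslash continuations, then flags any RUN where 'apt-get update' is not followed by 'apt-get clean', so 'rm -rf /var/lib/apt/lists/*' on its own is still reported, as in the test cases above. The function names and the sample Dockerfile are constructed, and the matching is an assumption that is slightly broader than the Semgrep patterns: it also accepts options between 'apt-get' and the subcommand.

```python
import re

# Constructed sample modelled on the rule's test cases (not a buildable image).
SAMPLE = """\
FROM debian:stable-slim
RUN apt-get update && apt-get install --no-install-recommends -y python
RUN apt-get update && apt-get install --no-install-recommends -y python \\
    && rm -rf /var/lib/apt/lists/*
RUN apt-get update &&\\
    apt-get install --no-install-recommends -y pkg-config &&\\
    # comments inside a continuation are ignored
    apt-get clean &&\\
    rm -rf /var/lib/apt/lists/*
RUN echo "no apt here"
"""

def _apt(sub):
    # Matches "apt-get [options] <sub>", e.g. "apt-get -qq update".
    return re.compile(r"\bapt-get(?:\s+-\S+)*\s+" + sub + r"(?![\w-])")

UPDATE, CLEAN = _apt("update"), _apt("clean")

def run_instructions(dockerfile):
    """Return [(first_line_no, shell_command)] for every RUN instruction."""
    found, parts, start = [], [], 0

    def flush():
        text = " ".join(parts)
        if re.match(r"RUN\s", text, re.IGNORECASE):
            found.append((start, text[3:].strip()))
        parts.clear()

    for no, raw in enumerate(dockerfile.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank and comment lines never end a continuation
        if not parts:
            start = no                    # first physical line of this instruction
        parts.append(line.rstrip("\\").strip())
        if not line.endswith("\\"):
            flush()
    flush()                               # dangling continuation at end of file
    return found

def missing_clean(dockerfile):
    """Line numbers of RUNs with 'apt-get update' and no later 'apt-get clean'."""
    flagged = []
    for no, cmd in run_instructions(dockerfile):
        updates = list(UPDATE.finditer(cmd))
        if updates and not CLEAN.search(cmd, updates[-1].end()):
            flagged.append(no)
    return flagged
```

Calling missing_clean(SAMPLE) reports the first two RUN instructions and accepts the third, matching the ruleid/ok annotations in the rule's test file.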
Short Link: https://sg.run/YvqQ