feoh
commented
5 months ago Hi there, I'm concerned about the implications here. It's unclear to me how we should go about testing that we don't actually currently depend on behavior imbued by recommended packages this change would block the installation of.
Do you have any suggestions? For an academic environment like ours, the implications in terms of engineer hours for tracking down spurious failures far outweigh the likely security benefits.
I'm closing this for now. Thank you for your suggestion. If you feel this is in error please add comments here or re-open if you feel strongly about it and we can discuss.
Thanks! Chris Patti, MIT OL Devops
Pre-Flight checklist
app.jsonWhat are the relevant tickets?
None
What's this PR do?
Hi! The Dockerfile placed at "Dockerfile" contains the best practice violation DL3015 detected by the hadolint tool.
The smell DL3015 occurs when the apt tool is used to install packages without the "--no-install-recommends" flag. This flag is recommended to be used to avoid installing additional packages not explicitly requested. In this pull request, we propose a fix for that smell generated by our fixing tool. We have verified that the patch is correct before opening the pull request. To fix this smell, specifically, the "--no-install-recommends" flag is added to the apt-get install command.
This change is only aimed at fixing that specific smell. If the fix is not valid or useful, please briefly indicate the reason and suggestions for possible improvements.
Thanks in advance
How should this be manually tested?
Build Dockerfile
Where should the reviewer start?
(Optional)
Any background context you want to provide?
(Optional)
Screenshots (if appropriate)
(Optional)
What GIF best describes this PR or how it makes you feel?
(Optional)