Update "Changing Default Shell Using SHELL Command" query for Docker, query and reasoning are in conflict
malte-laukoetter opened this issue · 1 comments
Platform
Docker
Query
8a301064-c291-4b20-adcb-403fe7fd95fd
Description
The query currently checks that the SHELL
instruction is not used at all in a Dockerfile. Instead, it suggests changing the shell within every RUN
instruction. This conflicts with the Dockerfile reference that is mentioned as the reasoning. Here it is instead suggested that the shell is changed using the SHELL
instruction (https://docs.docker.com/engine/reference/builder/#shell) and not in the RUN
instructions. When using a command to change the shell (eg. RUN powershell -command
) this leads to inefficiencies. The JSON syntax for the RUN
instruction could be used to stop this. But the Dockerfile reference instead proposes to use the SHELL
instruction as then the RUN
instructions are simpler to read. I was not able to find any reasoning for why the SHELL
instruction should be avoided.
I would therefore suggest either removing this query, changing it to check that the shell is not changed using the RUN
instruction or updating the reasoning if there is one.
Hello Lergin, thank you once again for being so attentive! I have refactored the query in question in this PR, thank you for your time!