hadolint/DL3006

Always tag the version of an image explicitly.

Property	Value
Severity	Warning
Category	Best Practice
Default	Enabled

Description

You can never rely that the latest tag is a specific version. Always tag the version of an image explicitly to ensure reproducible builds.

Examples

Problematic code

FROM debian

Correct code

FROM debian:jessie

Exception

When the image name refers to a previously defined alias, tagging is not required:

FROM debian:jessie as build
RUN build_script

FROM build as tests
RUN test_script

FROM debian:jessie
COPY --from=build foo .

Reference

hadolint/DL3006

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

hadolint/DL3006

Description

Examples

Problematic code

Correct code

Exception

Reference

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

​Description

​Examples

​Problematic code

​Correct code

​Exception

​Reference

Description

Examples

Problematic code

Correct code

Exception

Reference