fluidasserts.lang.docker module

This module allows to check vulnerabilities in Dockerfiles.

fluidasserts.lang.docker.not_pinned(file_dest, exclude=None)

Check if the Dockerfile uses a FROM:...latest (unpinned) base image.

Parameters
  • file_dest (str) – Path to the Dockerfile to be tested.

  • exclude (typing.Optional[list]) – Paths that contains any string from this list are ignored.

Returns

True if unpinned (bad), False if pinned (good).

Return type

fluidasserts.Result