Docker APT is used
Description
This rule detects whether the `apt`` (Advanced Package Tool) command is used within Dockerfile RUN instructions. We recommend that you do not run the `apt`` command within Dockerfiles, due to potential instability and security vulnerabilities.
Code Example
dockerfile
# Bad example
RUN apt update && apt install -y nginx
# Good example
RUN apt-get update && apt-get install -y nginxRemediation
Docker
Replace `apt`` with `apt-get`` for package management within Dockerfile RUN commands.
In the example below, `apt` is replaced with `apt-get` to ensures a more reliable and secure package installation process.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0842 |
| Severity | LOW |
| IaC Type | dockerfile |
| Frameworks | Docker |
| Checkov ID | CKV_DOCKER_9 |