Docker From alias is not unique for multistage builds

Description

This rule detects whether each FROM instruction in a Dockerfile uses a unique alias when building multistage images. Aliases help to identify stages, making Dockerfiles more readable and maintainable. Enforcing unique aliases ensures clarity, prevents conflicts and avoids any unintentional overwriting of stages.

Code Example

dockerfile

FROM node:14 as builder
...
- FROM node:14 as builder # Duplicate alias
+ FROM node:14 as builder_2 # Unique alias
...

Remediation

Docker

To mitigate this issue, ensure that each `FROM` instruction in your multistage Dockerfile uses a unique alias.

Example:

Rule Details

Field	Value
ID	IAC-0844
Severity	LOW
IaC Type	dockerfile
Frameworks	Docker
Checkov ID	CKV_DOCKER_11

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Docker From alias is not unique for multistage builds

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Docker From alias is not unique for multistage builds ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Docker From alias is not unique for multistage builds

Description

Code Example

Remediation

Rule Details

References