The Docker Analyzer analyzes your Dockerfiles and raises issues if they do not follow the best practices and methods to build efficient docker images.
.deepsource.toml
configuration specific to the docker
analyzer. Please make sure to read the general configuration guide first.
name
enabled
meta
dockerfile_paths
Dockerfile
in the repository root, if it exists.Dockerfile
in the repository root by default. If your Dockerfile name or path is different, you must provide the path to the file in the dockerfile_paths
meta field.
If dockerfile_paths
is specified, DeepSource will run analysis on all the files provided, along with the default Dockerfile
file from the repository root, if it exists.
trusted_registries
trusted_registries
, the analyzer will not flag untrusted registries when encountered. However, when trusted_registries
is provided, DeepSource will consider only the specified registries as allowed, and will raise an issue for any other registry that images are pulled from.