Add -eo pipefail to all RUN commands to fail builds correctly

Signed-off-by: Sherif Abdel-Naby <[email protected]>
sherifabdlnaby · Jan 22, 2022 · eef5858 · eef5858
1 parent 175004a
commit eef5858
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -21,6 +21,10 @@ ARG XDEBUG_VERSION
 # Maintainer label
 LABEL maintainer="[email protected]"
 
+# Set SHELL flags for RUN commands to allow -e and pipefail
+# Rationale: https://github.com/hadolint/hadolint/wiki/DL4006
+SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+
 # ------------------------------------- Install Packages Needed Inside Base Image --------------------------------------
 
 RUN IMAGE_DEPS="tini gettext"; \
@@ -50,10 +54,8 @@ RUN apk add --no-cache --virtual .build-deps \
  # - src: https://github.com/docker-library/wordpress/blob/master/latest/php7.4/fpm-alpine/Dockerfile \
  && runDeps="$( \
 		scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
-			| tr ',' '\n' \
-			| sort -u \
-			| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-	)"; \
+			| tr ',' '\n' | sort -u | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }'  \
+    )"; \
   # Save Runtime Deps in a virtual deps
 	apk add --no-network --virtual .php-extensions-rundeps $runDeps; \
   # Uninstall Everything we Installed (minus the runtime Deps)