From 24a9510a7bc7114fdbe8b8b0d8c4793b4944a9f6 Mon Sep 17 00:00:00 2001
From: georg <georg@riseup.net>
Date: Sun, 19 Jan 2020 14:03:11 +0000
Subject: [PATCH] hadolint: ignore DL3005: apt-get {dist-upgrade,upgrade}

According to the docs, this is frowned upon, as upgrading essential
packages might fail inside an unprivileged container.

That's a non-issue in our cases, as we're using privileged containers.

Further, we want to achieve the best of both worlds: we want to leverage
a build cache, to reduce build times, but, at the same time, we want to
pull in upgraded packages, in case the packages in question are already
installed.

This change should help with exposing errors like the one reported in
jvoisin/mat2#136 earlier in the future.
---
 .hadolint.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.hadolint.yaml b/.hadolint.yaml
index 68a1cc3..885c13e 100644
--- a/.hadolint.yaml
+++ b/.hadolint.yaml
@@ -1,5 +1,7 @@
 ignored:
   # For more information, see https://github.com/hadolint/hadolint/wiki/$RULE
+  # Do not use apt-get upgrade or dist-upgrade
+  - DL3005
   # Pin versions in apt-get install
   - DL3006
   # Always tag the version of an image explicitly
-- 
GitLab