RUN cd …’ to change directory
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Vulnerability Type | omission |
Description#
The Dockerfile uses ‘RUN cd …’ to change directories instead of the recommended ‘WORKDIR’ instruction, making the build process harder to read, maintain, and debug. This practice can lead to unexpected behavior in subsequent instructions since directory changes do not persist across Dockerfile layers.
Impact#
Relying on ‘RUN cd …’ may result in commands executing in unintended directories, increasing the risk of build errors or misconfigurations. This can lead to unreliable container images, which may expose the application to operational issues or inadvertently leak sensitive files if directory context is misunderstood.
Resolution#
Use WORKDIR to change directory