Detect Multiple Instructions


This policy is implemented to ensure that container images are built with minimal cached layers. It specifically focuses on detecting and preventing the use of multiple instructions in a single line within Dockerfiles.

Kyverno policy

Refer to the Nirmata curated policies - detect-multiple-instructions.

Resource example

Below is an example of a Dockerfile enforcing this policy.

FROM ubuntu:latest

# Update the package repository
RUN apt-get update


COPY . /app


# Example: Run a command when the container starts
CMD ["echo", "&& is not present"]