Make better check for the latest tag in the dockerfile

Signed-off-by: lachmanfrantisek <[email protected]>

colin/checks/dockerfile/from_tag.py

@@ -1,15 +1,25 @@
-from colin.checks.abstract.dockerfile import InstructionCheck
+from colin.checks.abstract.dockerfile import DockerfileCheck
+from colin.checks.result import CheckResult
+from colin.core.target import ImageName
 
 
-class FromTagCheck(InstructionCheck):
+class FromTagCheck(DockerfileCheck):
 
     def __init__(self):
-        super().__init__(name="is_tag_not_latest",
-                         message="",
-                         description="",
-                         reference_url="https://docs.docker.com/engine/reference/builder/#from",
-                         tags=["from", "dockerfile", "latest"],
-                         instruction="FROM",
-                         value_regex=".*/latest$",
-                         required=False)
-    # TODO: Does not check if there is no tag => use ImageName parsing.
+        super().__init__(name="from_tag_not_latest",
+                         message="In FROM, tag has to be specified and not 'latest'.",
+                         description="Using the 'latest' tag may cause unpredictable builds."
+                                     "It is recommended that a specific tag is used in the FROM.",
+                         reference_url="https://fedoraproject.org/wiki/Container:Guidelines#FROM",
+                         tags=["from", "dockerfile", "baseimage", "latest"])
+
+    def check(self, target):
+        im = ImageName.parse(target.instance.baseimage)
+        passed = im.tag and im.tag != "latest"
+        return CheckResult(ok=passed,
+                           severity=self.severity,
+                           description=self.description,
+                           message=self.message,
+                           reference_url=self.reference_url,
+                           check_name=self.name,
+                           logs=[])