Security policies for Dockerfile validation
This issue is dedicated to tracking the development of security policies specifically designed for validating Dockerfiles using Genval. We aim to enhance the security and adherence to best practices when creating Dockerfiles.
Included Policies:
- Enforcing the use of the Chainguard image as the base image.
- Denying the use of root or 0 as the UID and GID.
- Prohibiting the use of sudo in RUN instructions.
- Enforcing cache invalidation for RUN instructions when updating packages or dependencies using apt, apk, yum, etc.
- Promoting the use of COPY over ADD instructions.
- Enforcing the use of multistage Dockerfiles.
These policies are a foundational framework for creating secure Dockerfiles that align with industry best practices. However, we recognize that there may be additional policies worth considering. Your input and suggestions are highly encouraged – please share your thoughts and ideas here.
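To make the six policies above concrete, here is an added example of a small Dockerfile checker that implements each of them. It is not Genval's own code (Genval expresses its policies in Rego) and it makes two labelled assumptions: Chainguard images are recognised by the registry prefix `cgr.dev/chainguard/`, and "cache invalidation" is read as the Docker best practice that a RUN which installs packages must refresh the package index in the same RUN (`apt-get update`, `apk --no-cache` / `apk update`, `yum makecache` / `yum update`), so a stale cached index layer can never be reused. The two sample Dockerfiles are constructed: one violates every policy, the other satisfies all of them.

```python
"""Policy checks for Dockerfiles mirroring the list in this issue.

Added illustration, not Genval's own code. Assumptions: Chainguard images are
identified by the registry prefix cgr.dev/chainguard/, and "cache invalidation"
means a RUN that installs packages must refresh the package index in that same
RUN (apt-get update, apk --no-cache or apk update, yum makecache or yum update).
"""
import re

CHAINGUARD_PREFIX = "cgr.dev/chainguard/"  # assumed identifier for Chainguard images

# (manager, install pattern, required index-refresh pattern) per package manager
PKG_RULES = [
    ("apt", r"\bapt(-get)?\s+(-\S+\s+)*install\b", r"\bapt(-get)?\s+(-\S+\s+)*update\b"),
    ("apk", r"\bapk\s+(-\S+\s+)*add\b", r"--no-cache\b|\bapk\s+(-\S+\s+)*update\b"),
    ("yum", r"\byum\s+(-\S+\s+)*install\b", r"\byum\s+(-\S+\s+)*(makecache|update)\b"),
]


def parse_dockerfile(text):
    """Return [(INSTRUCTION, arguments)], joining backslash continuations and
    dropping comments and blank lines."""
    instructions, buf = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
            continue
        buf += line
        name, _, args = buf.partition(" ")
        instructions.append((name.upper(), args.strip()))
        buf = ""
    return instructions


def check_dockerfile(text):
    """Apply every policy; return a list of violation messages (empty = compliant)."""
    instructions = parse_dockerfile(text)
    violations = []
    froms = [args for name, args in instructions if name == "FROM"]
    if not froms:
        return ["no FROM instruction found"]

    # Policy: base images must be Chainguard images. Every stage is checked, since a
    # non-Chainguard builder stage still widens the supply chain; FROM <stage> is skipped.
    stage_names = set()
    for args in froms:
        image = next((tok for tok in args.split() if not tok.startswith("--")), "")
        if image not in stage_names and not image.startswith(CHAINGUARD_PREFIX):
            violations.append(f"FROM {image}: base image is not a Chainguard image")
        alias = re.search(r"\bAS\s+(\S+)", args, re.IGNORECASE)
        if alias:
            stage_names.add(alias.group(1))

    # Policy: multistage build required.
    if len(froms) < 2:
        violations.append("single-stage build: multistage Dockerfile required")

    for name, args in instructions:
        # Policy: no root/0 as UID or GID (explicit USER only; the base image's
        # default user is out of scope for this example).
        if name == "USER":
            user, _, group = args.partition(":")
            if user in ("root", "0") or group in ("root", "0"):
                violations.append(f"USER {args}: root/0 not allowed as UID or GID")
        # Policy: prefer COPY over ADD.
        elif name == "ADD":
            violations.append(f"ADD {args}: use COPY instead of ADD")
        elif name == "RUN":
            # Policy: no sudo in RUN.
            if re.search(r"\bsudo\b", args):
                violations.append(f"RUN uses sudo: {args}")
            # Policy: a package install must refresh the index in the same RUN.
            for mgr, install_pat, refresh_pat in PKG_RULES:
                if re.search(install_pat, args) and not re.search(refresh_pat, args):
                    violations.append(f"RUN installs with {mgr} without cache invalidation: {args}")
    return violations


# Constructed sample: violates every policy on the list.
BAD_DOCKERFILE = """\
FROM ubuntu:22.04
RUN apt-get install -y curl
RUN sudo apt-get update
ADD app.tar.gz /app
USER root
"""

# Constructed sample: compliant with every policy on the list.
GOOD_DOCKERFILE = """\
FROM cgr.dev/chainguard/go:latest AS builder
WORKDIR /src
COPY . .
RUN go build -o /out/app ./...

FROM cgr.dev/chainguard/static:latest
COPY --from=builder /out/app /app
USER 65532:65532
ENTRYPOINT ["/app"]
"""

if __name__ == "__main__":
    for label, dockerfile in (("bad", BAD_DOCKERFILE), ("good", GOOD_DOCKERFILE)):
        print(label, check_dockerfile(dockerfile) or ["compliant"])
```

Running the script reports six violations for the first sample and none for the second. Each policy is deliberately a separate, named check so that a new rule from the discussion in this issue can be added as one more branch without touching the parser.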