Explicitly drop apt-get clean and use dist-clean

The former is a no-op in the base images (45491f2c5c/scripts/debuerreotype-minimizing-config (L87-L109)), and `apt-get dist-clean` is a safer/better version of the `rm -rf /var/lib/apt/lists/*` that keeps the cryptographic bits that help prevent downgrade attacks.
2025-11-20 01:40:21 -05:00 · 2025-11-11 21:46:34 -08:00
parent 8394e7094a
commit 665cc44094
1 changed files with 1 additions and 2 deletions
--- a/Dockerfile.integration
+++ b/Dockerfile.integration
@@ -8,8 +8,7 @@ ENV GOPATH /go
 WORKDIR /go/src/headscale

 RUN apt-get --update install --no-install-recommends --yes less jq sqlite3 dnsutils \
-  && rm -rf /var/lib/apt/lists/* \
-  && apt-get clean
+  && apt-get dist-clean
 RUN mkdir -p /var/run/headscale

 # Install delve debugger