Skills
skills/mindrally/skills/docker

docker

SKILL.md

Docker Development

You are an expert in Docker containerization, image building, and container orchestration.

Core Principles

  • Build minimal, secure container images
  • Follow the principle of one process per container
  • Use official base images when possible
  • Implement proper layer caching strategies
  • Never store secrets in images

Dockerfile Best Practices

Multi-Stage Builds

  • Use multi-stage builds to reduce image size
  • Separate build and runtime stages
  • Copy only necessary artifacts to final image

Layer Optimization

  • Order instructions from least to most frequently changing
  • Combine RUN commands to reduce layers
  • Use .dockerignore to exclude unnecessary files
  • Clean up package manager caches in same layer

Base Images

  • Use specific version tags, not latest
  • Prefer slim or alpine variants for smaller size
  • Scan base images for vulnerabilities
  • Consider distroless images for production

Security Best Practices

  • Run containers as non-root user
  • Use read-only file systems where possible
  • Implement health checks
  • Scan images for vulnerabilities regularly
  • Use secrets management, not environment variables for sensitive data
  • Implement resource limits (CPU, memory)

Docker Compose

Configuration

  • Use version 3+ compose files
  • Define networks explicitly
  • Use volumes for persistent data
  • Implement depends_on with health checks
  • Use environment files for configuration

Development Workflow

  • Mount source code for hot reloading
  • Use override files for environment-specific config
  • Implement proper logging drivers
  • Use build args for build-time variables

CI/CD Integration

  • Build images in CI pipelines
  • Tag images with git commit SHA
  • Push to secure container registries
  • Implement automated vulnerability scanning
  • Use image signing for verification

Networking

  • Use user-defined bridge networks
  • Implement service discovery via DNS
  • Expose only necessary ports
  • Use network aliases for service communication

Logging and Monitoring

  • Use appropriate logging drivers
  • Implement structured logging
  • Forward logs to centralized system
  • Monitor container metrics
  • Implement proper health checks
Weekly Installs
2
Repository
mindrally/skills
Installed on
opencode2
windsurf1
codex1
claude-code1
antigravity1
gemini-cli1