
docker

Dockerfile authoring rules distilled from Docker's official best practices.

npx rulepack add docker

What it covers

  • Multi-stage builds — separate build env from a lean runtime image
  • Minimal, pinned (version + digest) official base images
  • Cache-friendly instruction ordering (least → most frequently changing)
  • Layer hygiene: combine RUN commands, clean up in the same layer, sort args
  • apt-get done right (update + install in one RUN, prune lists)
  • COPY over ADD; exec-form CMD/ENTRYPOINT; absolute WORKDIR
  • Security: run as non-root USER, never bake secrets (RUN --mount=type=secret)
  • .dockerignore, one concern per container, ephemeral/stateless design
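
A Dockerfile that applies the rules listed above, as an added example that is not part of the rulepack or of Docker's documentation. The Node.js project layout, the `build` script, the secret id `npmrc` and the image tag are assumptions, and the `<...-digest>` values are placeholders for digests you have verified.

```dockerfile
# syntax=docker/dockerfile:1
# Added example: tags, paths and the npm "build" script are assumptions.
# Replace each <...-digest> placeholder with the digest you verified.

# Build stage: full toolchain, never shipped.
FROM node:20-bookworm-slim@sha256:<build-image-digest> AS build
WORKDIR /app

# Manifests change least often, so copy them first to keep this layer cached.
COPY package.json package-lock.json ./

# The .npmrc with the registry token exists only during this RUN step
# and is not written to any image layer.
RUN --mount=type=secret,id=npmrc,target=/root/.npmrc \
    npm ci

# Source changes most often, so it comes last.
COPY src/ ./src/
RUN npm run build \
    && npm prune --omit=dev

# Runtime stage: lean image with only what the process needs.
FROM node:20-bookworm-slim@sha256:<runtime-image-digest> AS runtime
WORKDIR /app

# update + install in one RUN, sorted packages, lists pruned in the same layer.
RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        ca-certificates \
        tini \
    && rm -rf /var/lib/apt/lists/*

COPY --from=build --chown=node:node /app/package.json ./
COPY --from=build --chown=node:node /app/node_modules/ ./node_modules/
COPY --from=build --chown=node:node /app/dist/ ./dist/

# Drop root before the process starts ("node" ships with the official image).
USER node

# Exec form: no shell wrapper, signals reach the process directly.
ENTRYPOINT ["/usr/bin/tini", "--"]
CMD ["node", "dist/server.js"]
```

Build it with `docker build --secret id=npmrc,src=$HOME/.npmrc .` so the token is supplied at build time. Keep `.git`, `node_modules` and local env files out of the build context with a `.dockerignore`.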

Source

Distilled from Docker's official documentation: https://docs.docker.com/build/building/best-practices/

License

MIT