Dockerfile Best Practices @ docker/awesome-compose

Directory Structure
Entrypoints
API
CLI
UI
Schemas
Build
Test
Security
Bookmarks

.github
- workflows
  - codeql-analysis.yml
- CODEOWNERS
angular
- angular
- .gitignore
- README.md
- compose.yaml
- output.png
apache-php
- app
  - Dockerfile
  - index.php
- README.md
- compose.yaml
aspnet-mssql
- app
  - aspnetapp
  - aspnetapp.sln
- README.md
- compose.yaml
- output.jpg
django
- app
  - example
  - Dockerfile
  - manage.py
  - requirements.txt
- README.md
- compose.yaml
elasticsearch-logstash-kibana
- logstash
  - pipeline
    - logstash-nginx.config
  - nginx.log
- README.md
- compose.yaml
fastapi
- app
  - __init__.py
  - main.py
- Dockerfile
- README.md
- compose.yaml
- requirements.txt
flask
- app
- README.md
- compose.yaml
flask-redis
- Dockerfile
- README.md
- app.py
- compose.yaml
- requirements.txt
gitea-postgres
- README.md
- compose.yaml
- output.jpg
minecraft
- screenshots
- README.md
- compose.yaml
nextcloud-postgres
- README.md
- compose.yaml
- output.jpg
nextcloud-redis-mariadb
- README.md
- compose.yaml
- output.jpg
nginx-aspnet-mysql
- backend
- db
  - password.txt
- proxy
  - Dockerfile
  - conf
- README.md
- compose.yaml
nginx-flask-mongo
- flask
- nginx
  - nginx.conf
- README.md
- compose.yaml
nginx-flask-mysql
- backend
- db
  - password.txt
- proxy
  - Dockerfile
  - conf
- README.md
- compose.yaml
nginx-golang
- backend
  - Dockerfile
  - go.mod
  - go.sum
  - main.go
- proxy
  - nginx.conf
- README.md
- compose.yaml
nginx-golang-mysql
- backend
  - Dockerfile
  - go.mod
  - go.sum
  - main.go
- db
  - password.txt
- proxy
  - nginx.conf
- README.md
- compose.yaml
nginx-golang-postgres
- backend
  - Dockerfile
  - go.mod
  - go.sum
  - main.go
- db
  - password.txt
- proxy
  - nginx.conf
- README.md
- compose.yaml
nginx-nodejs-redis
- nginx
  - Dockerfile
  - nginx.conf
- web
- README.md
- compose.yaml
nginx-wsgi-flask
- flask
- nginx
- README.md
- compose.yaml
official-documentation-samples
- django
  - images
    - django-it-worked.png
  - README.md
- rails
  - images
    - rails-welcome.png
  - README.md
- wordpress
  - images
    - wordpress-lang.png
    - wordpress-welcome.png
  - README.md
- README.md
pihole-cloudflared-DoH
- .env
- README.md
- compose.yaml
plex
- .env
- README.md
- compose.yaml
portainer
- README.md
- compose.yaml
postgresql-pgadmin
- .env
- README.md
- compose.yaml
prometheus-grafana
- grafana
  - datasource.yml
- prometheus
  - prometheus.yml
- README.md
- compose.yaml
- output.jpg
react-express-mongodb
- backend
  - config
  - db
    - index.js
  - logs
    - .gitkeep
  - models
    - todos
      - todo.js
  - routes
    - index.js
  - utils
    - helpers
      - logger.js
      - responses.js
  - .dockerignore
  - Dockerfile
  - README.md
  - package-lock.json
  - package.json
  - server.js
- frontend
  - public
  - src
    - components
      - AddTodo.js
      - TodoList.js
    - App.js
    - App.scss
    - App.test.js
    - custom.scss
    - index.css
    - index.js
    - logo.svg
    - serviceWorker.js
  - .dockerignore
  - .gitignore
  - Dockerfile
  - README.md
  - package-lock.json
  - package.json
- .gitignore
- README.md
- compose.yaml
- output.png
react-express-mysql
- backend
  - src
  - test
    - sample.js
  - Dockerfile
  - LICENSE
  - README.md
  - healthcheck.js
  - package-lock.json
  - package.json
- db
  - password.txt
- frontend
  - public
  - src
  - .gitignore
  - Dockerfile
  - README.md
  - package-lock.json
  - package.json
- .gitignore
- README.md
- compose.yaml
- output.png
react-java-mysql
- backend
- db
  - password.txt
- frontend
  - public
  - src
  - .dockerignore
  - .gitignore
  - Dockerfile
  - README.md
  - package-lock.json
  - package.json
  - tsconfig.json
- README.md
- compose.yaml
- output.jpg
react-nginx
- .nginx
  - nginx.conf
- public
- src
- .dockerignore
- .gitignore
- Dockerfile
- README.md
- compose.yaml
- output.png
- package-lock.json
- package.json
react-rust-postgres
- backend
- frontend
  - public
  - src
  - .dockerignore
  - .gitignore
  - Dockerfile
  - README.md
  - package-lock.json
  - package.json
- capture.png
- compose.yaml
- readme.md
sparkjava
- sparkjava
  - src
    - main
      - java
        
        App.java
  - Dockerfile
  - pom.xml
- README.md
- compose.yaml
sparkjava-mysql
- backend
  - src
    - main
      - java
        
        App.java
  - Dockerfile
  - pom.xml
- db
  - password.txt
- README.md
- compose.yaml
spring-postgres
- backend
  - src
    - main
      - java
        
        com
        
        company
        
        project
        
        controllers
        
        HomeController.java
        
        entity
        
        Greeting.java
        
        repository
        
        GreetingRepository.java
        
        Application.java
      - resources
        
        templates
        
        home.ftlh
        
        application.properties
        
        data.sql
        
        schema.sql
  - Dockerfile
  - pom.xml
- db
  - password.txt
- README.md
- compose.yaml
traefik-golang
- backend
  - Dockerfile
  - main.go
- README.md
- compose.yaml
vuejs
- vuejs
  - public
    - favicon.ico
    - index.html
  - src
    - assets
      - logo.png
    - components
      - HelloWorld.vue
    - App.vue
    - main.js
  - Dockerfile
  - README.md
  - babel.config.js
  - package.json
  - yarn.lock
- .gitignore
- README.md
- compose.yaml
- output.jpg
wasmedge-kafka-mysql
- db
  - db-password.txt
- etl
  - src
    - main.rs
  - Cargo.toml
  - Dockerfile
- kafka
  - order.json
- README.md
- compose.yml
wasmedge-mysql-nginx
- backend
  - src
    - main.rs
  - Cargo.toml
  - Dockerfile
- db
  - orders.json
  - update_order.json
- frontend
  - js
    - app.js
  - index.html
- README.md
- compose.yml
wireguard
- .env
- README.md
- compose.yaml
wordpress-mysql
- README.md
- compose.yaml
- output.jpg
.gitattributes
CONTRIBUTING.md
LICENSE
MAINTAINERS
README.md
awesome-compose.jpg
icon_wasm.svg
open_in_new.svg

Dockerfile Best Practices

This section outlines best practices for crafting effective and secure Dockerfiles:

1. Selecting the Base Image

Begin with a minimal base image. This reduces the attack surface and minimizes the image size.
Consider official images from Docker Hub or a trusted registry, such as alpine or debian:slim.
Example:
```
FROM alpine:latest
          
```
docs/best-practices/Dockerfile-best-practices.md

2. Managing Dependencies

Use package managers for installing dependencies.
Avoid installing unnecessary packages.

Example:

FROM node:16-alpine
          WORKDIR /app
          COPY package*.json ./
          RUN npm install
          COPY . .

docs/best-practices/Dockerfile-best-practices.md

3. Specifying the Entrypoint

Set the entry point to start the application automatically.
Example: dockerfile FROM nginx:latest COPY ./nginx.conf /etc/nginx/conf.d/default.conf CMD ["nginx", "-g", "daemon off;"]
docs/best-practices/Dockerfile-best-practices.md

4. Leveraging Multi-stage Builds

Use multi-stage builds to separate build-time and runtime dependencies.

Example:

FROM golang:1.17-alpine AS build
          WORKDIR /app
          COPY . .
          RUN go build -o app .
          FROM alpine:latest
          COPY --from=build /app/app /app/
          CMD ["/app/app"]

docs/best-practices/Dockerfile-best-practices.md

5. Minimizing Image Size

Optimize the image size by using slim base images and removing unnecessary files.
docs/best-practices/Dockerfile-best-practices.md

6. Building Secure Dockerfiles

Employ best practices for building secure Dockerfiles to reduce vulnerabilities.
docs/best-practices/Dockerfile-best-practices.md

Dockerfile Best Practices

Explanation

Graph

Symbols

We couldn't identify any entrypoints. If you believe this to be incorrect then please contact support.