Devops
795 installs
multi-stage-dockerfile
by github/awesome-copilot
Create optimized multi-stage Dockerfiles for any language or framework
Skill content
Build optimized, secure multi-stage Dockerfiles for any language or framework. - Structures builds with separate builder and runtime stages, copying only necessary artifacts to minimize final image size and attack surface - Emphasizes layer caching optimization by ordering commands from least to most frequently changing, combined with .dockerignore and command consolidation - Recommends minimal base images (Alpine, distroless, or official slim variants) with exact version pinning for reproducibility - Covers security hardening: non-root users, build tool removal, vulnerability scanning, and secrets isolation through multi-stage separation - Includes performance patterns like build arguments, environment variable optimization, and healthcheck configuration for production readiness Your goal is to help me create efficient multi-stage Dockerfiles that follow best practices, resulting in smaller, more secure container images. Multi-Stage Structure - Use a builder stage for compilation, dependency installation, and other build-time operations - Use a separate runtime stage that only includes what's needed to run the application - Copy only the necessary artifacts from the builder stage to the runtime stage - Use meaningful stage names with the AS keyword (e.g., FROM node:18 AS builder) - Place stages in logical order: dependencies → build → test → runtime Base Images - Start with official, minimal base images when possible - Specify exact version tags to ensure reproducible builds (e.g., python:3.11-slim not just python) - Consider distroless images for runtime stages where appropriate - Use Alpine-based images for smaller footprints when compatible with your application - Ensure the runtime image has the minimal necessary dependencies Layer Optimization