mirror of
https://github.com/azaion/autopilot.git
synced 2026-04-22 21:56:35 +00:00
Oleksandr Bezdieniezhnykh
16 lines
776 B
Plaintext
16 lines
776 B
Plaintext
---
|
|
description: "Docker and Docker Compose conventions: multi-stage builds, security, image pinning, health checks"
|
|
globs: ["**/Dockerfile*", "**/docker-compose*", "**/.dockerignore"]
|
|
---
|
|
# Docker
|
|
|
|
- Use multi-stage builds to minimize image size
|
|
- Pin base image versions (never use `:latest` in production)
|
|
- Use `.dockerignore` to exclude build artifacts, `.git`, `node_modules`, etc.
|
|
- Run as non-root user in production containers
|
|
- Use `COPY` over `ADD`; order layers from least to most frequently changed
|
|
- Use health checks in docker-compose and Dockerfiles
|
|
- Use named volumes for persistent data; never store state in container filesystem
|
|
- Centralize environment configuration; use `.env` files only for local dev
|
|
- Keep services focused: one process per container
|