From docker-development
Builds, tests, and secures Docker containers with best practices for Dockerfiles, compose, multi-stage builds, and CI/CD testing.
Slash command: `/docker-development:docker-development`
Patterns for building, testing, and deploying Docker containers.
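```dockerfile
# Build stage: install production dependencies only
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --omit=dev
COPY . .

# Runtime stage: dedicated non-root user and a health check
FROM node:20-alpine
RUN addgroup -g 1001 app && adduser -u 1001 -G app -D app
# Keep the application under /app instead of the image root
WORKDIR /app
USER app
COPY --from=builder /app .
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
  CMD wget -qO- http://localhost:3000/health || exit 1
CMD ["node", "server.js"]
```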
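```dockerfile
# Build stage: static binary, no cgo
FROM golang:1.22-alpine AS builder
WORKDIR /app
COPY go.* ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 go build -o /app/server .

# Runtime stage: distroless image that runs as a non-root user
FROM gcr.io/distroless/static:nonroot
COPY --from=builder /app/server /server
CMD ["/server"]
```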
```dockerfile
RUN apt-get update && \
    apt-get install -y --no-install-recommends curl && \
    rm -rf /var/lib/apt/lists/*
```
```dockerfile
COPY package*.json ./
RUN npm ci
COPY . .
```
Manifests before source keeps install layers cached on source-only changes.
```dockerfile
# git.example.com is a placeholder host
RUN --mount=type=secret,id=ssh_key,dst=/root/.ssh/id_rsa git clone git@git.example.com:org/repo.git
```
Secrets passed through `ENV`, `ARG` or `COPY` persist in the image and its `docker history`. Use `--mount=type=secret` instead.
```hcl
target "app" {
  platforms  = ["linux/amd64", "linux/arm64"]
  cache-from = ["type=gha"]
  cache-to   = ["type=gha,mode=max"]
}
```
| Anti-pattern | Fix |
|---|---|
| `FROM image:latest` | Pin version: `image:1.2.3-alpine` |
| No `USER` directive | `adduser` + `USER appuser` |
| `chmod 777` | Use specific permissions: `chmod 550` |
| `privileged: true` in compose | Remove or use specific `cap_add` |
| `volumes: [/:/host]` | Mount only needed paths |
| `ports: ["0.0.0.0:3000:3000"]` | Bind to `127.0.0.1:3000:3000` |
| `ENV DB_PASSWORD=secret` | Use `--mount=type=secret` or compose secrets |
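
The Dockerfile rows of the table above can be checked mechanically. The following is an added example, not part of the skill's own files: a small Python linter that handles multi-stage builds and line continuations. The function names, rule labels and secret-name pattern are assumptions made for this example, and the sample Dockerfile is constructed.

```python
import re
SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)

def logical_lines(text):
    """Yield (first_line_no, instruction); joins backslash continuations, skips comments."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        buf, start = buf + line.rstrip("\\") + " ", start or no
        if not line.endswith("\\"):
            yield start, buf.strip()
            buf, start = "", 0

def lint_dockerfile(text):
    """Return sorted (line_no, rule) findings for the Dockerfile rows of the table."""
    findings, stages, user, last_from = [], set(), None, None
    for no, instr in logical_lines(text):
        op, _, rest = instr.partition(" ")
        op = op.upper()
        if op == "FROM":
            tok = [t for t in rest.split() if not t.startswith("--")]
            tag = tok[0].rsplit("/", 1)[-1].partition(":")[2]
            if tok[0].lower() not in stages and tok[0] != "scratch" and tag in ("", "latest"):
                findings.append((no, "unpinned-base-image"))
            if len(tok) >= 3 and tok[1].upper() == "AS":
                stages.add(tok[2].lower())
            # USER resets per stage; heuristic: a "nonroot" tag (distroless) is non-root
            last_from, user = no, ("nonroot" if "nonroot" in tag else None)
        elif op == "USER":
            user = rest.split(":")[0].strip()
        elif op == "RUN" and re.search(r"chmod\s+(-\w+\s+)*0?777\b", rest):
            findings.append((no, "chmod-777"))
        elif op in ("ENV", "ARG"):
            names = re.findall(r"(\w+)=", rest) or rest.split()[:1]
            if any(SECRET_NAME.search(n) for n in names):
                findings.append((no, "secret-in-env-or-arg"))
    if last_from and user in (None, "root", "0"):
        findings.append((last_from, "no-non-root-user"))
    return sorted(findings)

# Constructed sample input, not from the page.
BAD = """FROM node:latest AS build
RUN npm ci && \\
    chmod -R 777 /app
FROM node
ENV DB_PASSWORD=secret"""
print(lint_dockerfile(BAD))
```

The non-root check only looks at the final stage, since earlier stages are discarded from the shipped image.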
- `docker run --rm --entrypoint php myimage -v`
- `docker run --rm --add-host backend:127.0.0.1 nginx-image nginx -t`
- `cp .env.example .env` before `docker compose config`
- `.env.example`, README, docs from scanners
- EACCES on host) -- references/bind-mount-ownership.md
- Exclude: `.git`, `node_modules`/`vendor`, `.env*`, `*.pem`, `*.key`
- `depends_on.condition: service_healthy` + healthcheck `start_period`
- `networks.internal: true` isolates databases from external access
- `profiles: [debug]`: services start only with `--profile debug`
- references/ci-testing.md -- CI testing patterns for Docker images
- references/dind-testing-patterns.md -- Docker-in-Docker (DinD) testing patterns
- references/bind-mount-ownership.md -- root-owned bind-mount artifacts

`npx claudepluginhub netresearch/claude-code-marketplace --plugin docker-development`