SkillRepo
Sign InSign Up
Catalog
github/multi-stage-dockerfile

github

multi-stage-dockerfile

Create optimized multi-stage Dockerfiles for any language or framework

global
New~564
v1.0Saved Jun 26, 2026

Your goal is to help me create efficient multi-stage Dockerfiles that follow best practices, resulting in smaller, more secure container images.

Multi-Stage Structure

  • Use a builder stage for compilation, dependency installation, and other build-time operations
  • Use a separate runtime stage that only includes what's needed to run the application
  • Copy only the necessary artifacts from the builder stage to the runtime stage
  • Use meaningful stage names with the AS keyword (e.g., FROM node:18 AS builder)
  • Place stages in logical order: dependencies → build → test → runtime

Base Images

  • Start with official, minimal base images when possible
  • Specify exact version tags to ensure reproducible builds (e.g., python:3.11-slim not just python)
  • Consider distroless images for runtime stages where appropriate
  • Use Alpine-based images for smaller footprints when compatible with your application
  • Ensure the runtime image has the minimal necessary dependencies

Layer Optimization

  • Organize commands to maximize layer caching
  • Place commands that change frequently (like code changes) after commands that change less frequently (like dependency installation)
  • Use .dockerignore to prevent unnecessary files from being included in the build context
  • Combine related RUN commands with && to reduce layer count
  • Consider using COPY --chown to set permissions in one step

Security Practices

  • Avoid running containers as root - use USER instruction to specify a non-root user
  • Remove build tools and unnecessary packages from the final image
  • Scan the final image for vulnerabilities
  • Set restrictive file permissions
  • Use multi-stage builds to avoid including build secrets in the final image

Performance Considerations

  • Use build arguments for configuration that might change between environments
  • Leverage build cache efficiently by ordering layers from least to most frequently changing
  • Consider parallelization in build steps when possible
  • Set appropriate environment variables like NODE_ENV=production to optimize runtime behavior
  • Use appropriate healthchecks for the application type with the HEALTHCHECK instruction
Files1
1 files · 1.0 KB

Select a file to preview

Overall Score

72/100

Grade

B

Good

Safety

82

Quality

68

Clarity

78

Completeness

58

Summary

This skill guides agents to create optimized multi-stage Dockerfiles following best practices for efficient, secure container images. It covers structural patterns (builder vs. runtime stages), base image selection, layer optimization, security hardening (non-root users, vulnerability scanning), and performance tuning across multiple languages and frameworks.

Detected Capabilities

file generation (Dockerfile creation)guidance on docker configurationbest practice documentationno file writesno shell executionno network access

Trigger Keywords

Phrases that MCP clients use to match this skill to user intent.

optimize dockerfilemulti-stage docker buildreduce container sizedockerfile best practicesdocker image securityminimize build context

Use Cases

  • Optimize container image size and build time for Node.js, Python, Go, or Java applications
  • Implement security best practices like non-root users and minimal runtime dependencies in Dockerfiles
  • Reduce container attack surface by excluding build tools and secrets from runtime images
  • Structure multi-stage builds to maximize Docker layer caching and improve build performance
  • Create reproducible container builds with pinned base image versions across environments

Quality Notes

  • Skill provides clear, actionable guidance organized into five logical sections addressing key Docker concerns
  • Lacks concrete examples: no sample Dockerfiles for specific languages (Node, Python, Go) are provided to illustrate the concepts
  • Missing edge case coverage: no discussion of multi-architecture builds, secrets management during build, or handling of large dependencies
  • No error handling guidance: skill does not explain what to do if image scan reveals vulnerabilities or build caching fails
  • Does not explain *why* each practice matters (e.g., why distroless images are better), limiting learning value
  • Security section is strong but brief — could expand on vulnerability scanning tools and processes
  • No limitations stated: unclear whether skill applies equally to all languages/frameworks or has constraints
Model: claude-haiku-4-5-20251001Analyzed: Jun 26, 2026

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Add github/multi-stage-dockerfile to your library

Get Started Free

Command Palette

Search for a command to run...