ccfg-docker

Scaffold Dockerfiles, Docker Compose configuration, or .dockerignore for projects

Run Docker configuration quality gate suite (Dockerfile lint, compose validation, security checks, .dockerignore verification)

Use this agent for Docker Compose v2+ service architecture, networking configuration, volume management, healthcheck setup, profile-based service grouping, dependency ordering, environment variable management, and multi-container application design. Invoke for designing multi-service applications, configuring service dependencies with health conditions, setting up named networks for service isolation, managing persistent volumes, implementing development override patterns, or troubleshooting compose startup issues. Examples: designing a web app + database + cache compose stack, configuring depends_on with service_healthy conditions, setting up development vs production compose profiles, implementing sidecar patterns, or managing secrets through environment files.

Use this agent for container security hardening, non-root user configuration, minimal base image selection, secret management in Docker builds, read-only rootfilesystem configuration, Linux capability management, image vulnerability scanning, and supply chain security. Invoke for hardening existing Dockerfiles, implementing least-privilege containers, configuring security contexts in Compose, auditing Docker configurations for CVEs, setting up image signing and verification, or implementing defense-in-depth for containerized applications. Examples: adding non-root USER to a Dockerfile, configuring read-only rootfs with tmpfs exceptions, dropping all Linux capabilities and adding back minimally, setting up BuildKit secret mounts, or scanning images with Trivy/Grype.

Use this agent for Dockerfile authoring, multi-stage build design, BuildKit syntax and features, layer caching optimization, image size reduction, base image selection, HEALTHCHECK configuration, and Dockerfile best practices. Invoke for writing production-ready Dockerfiles, optimizing existing Dockerfiles for size and speed, configuring BuildKit cache mounts, choosing between alpine/slim/distroless bases, debugging build failures, or migrating to multi-stage builds. Examples: writing a Node.js multi-stage Dockerfile, adding BuildKit cache mounts for pip/npm, converting a single-stage to multi-stage, optimizing a Go Dockerfile for minimal image size, or fixing layer caching inefficiency.

This skill should be used when designing Docker Compose services, configuring networking, managing volumes, or setting up multi-container applications.

This skill should be used when working with Docker, writing Dockerfiles, configuring Docker Compose, building container images, or reviewing Docker configuration.

This skill should be used when optimizing Docker image size, improving build performance, implementing caching strategies, or hardening container security.