From idea-to-code
Provides guidelines for ordering Dockerfile instructions from most stable (FROM, system deps) to least stable (code copy, build) to optimize layer caching. Use when creating or modifying Dockerfiles.
Slash command: /idea-to-code:dockerfile-guidelines
When creating or modifying Dockerfiles for this project, follow these guidelines:
Dockerfile instructions should be ordered from most stable (least likely to change) to least stable (most likely to change). This maximizes Docker layer caching efficiency, resulting in faster builds.
1. Base image (FROM) - Changes rarely
2. System dependencies (RUN apt-get, RUN apk add) - Changes infrequently
3. Environment variables (ENV) - Changes occasionally
4. Working directory (WORKDIR) - Changes rarely
5. Dependency manifests (COPY package.json, COPY requirements.txt) - Changes when dependencies change
6. Install dependencies (RUN npm install, RUN pip install) - Changes when dependencies change
7. Application code (COPY . .) - Changes frequently during development
8. Build step (RUN npm run build) - Changes when code changes
9. Runtime configuration (EXPOSE, CMD, ENTRYPOINT) - Changes occasionally

# 1. Base image (most stable)
FROM node:20-alpine
# 2. System dependencies
RUN apk add --no-cache tini
# 3. Environment variables
ENV NODE_ENV=production
# 4. Working directory
WORKDIR /app
# 5. Copy dependency manifests first
COPY package.json package-lock.json ./
# 6. Install dependencies (cached unless manifests change)
RUN npm ci --omit=dev
# 7. Copy application code (least stable - changes often)
COPY . .
# 8. Build step
RUN npm run build
# 9. Runtime configuration
EXPOSE 3000
CMD ["/sbin/tini", "--", "node", "dist/index.js"]

# Base image (most stable)
FROM eclipse-temurin:17-jre
WORKDIR /app
# Install system tools (stable - rarely changes)
# The step CLI tarball is fetched with no checksum or signature check;
# pin and verify its digest before relying on this layer.
RUN apt-get update && apt-get install -y curl ca-certificates wget && \
    wget -O step-cli.tar.gz https://dl.smallstep.com/gh-release/cli/gh-release-header/v0.27.4/step_linux_0.27.4_$(dpkg --print-architecture).tar.gz && \
    tar -xzf step-cli.tar.gz && \
    mv step_0.27.4/bin/step /usr/local/bin/step && \
    rm -rf step-cli.tar.gz step_0.27.4 && \
    apt-get clean && rm -rf /var/lib/apt/lists/*
EXPOSE 8443
# Copy entrypoint script (changes occasionally)
COPY entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh
# Copy application JAR (changes frequently)
COPY build/libs/app.jar /app/app.jar
ENTRYPOINT ["/app/entrypoint.sh"]
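
An added example, not part of the idea-to-code skill: a small Python check for the core cache-busting case behind this ordering, a whole-context COPY . . placed ahead of a package or dependency install in the same build stage. The function names, the install-command pattern (yarn included) and the sample Dockerfile are assumptions constructed for illustration; only shell-form COPY/ADD is handled.

```python
import re

# Install commands from the ordering list above; yarn is an added assumption.
INSTALL_RE = re.compile(
    r"\b(apt-get\s+install|apk\s+add|npm\s+(?:ci|install)|pip3?\s+install|yarn\s+install)\b")

def instructions(text):
    """Yield (line_no, KEYWORD, args), joining backslash continuations."""
    pending, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        start = start if pending else no  # report the line the instruction begins on
        if line.endswith("\\"):
            pending += line[:-1] + " "
            continue
        keyword, _, args = (pending + line).partition(" ")
        pending = ""
        yield start, keyword.upper(), args.strip()

def is_context_copy(keyword, args):
    """True when COPY/ADD pulls the whole build context (source '.' or './')."""
    tokens = args.split()
    if keyword not in ("COPY", "ADD") or any(t.startswith("--from") for t in tokens):
        return False  # --from copies out of another stage, not the source tree
    paths = [t for t in tokens if not t.startswith("--")]
    return any(src in (".", "./") for src in paths[:-1])

def installs_after_code_copy(text):
    """Return (copy_line, run_line, command) for each install a code copy invalidates."""
    findings, copy_line = [], None
    for no, keyword, args in instructions(text):
        if keyword == "FROM":
            copy_line = None  # a new stage starts a fresh layer chain
        elif copy_line is None and is_context_copy(keyword, args):
            copy_line = no
        elif keyword == "RUN" and copy_line is not None:
            findings += [(copy_line, no, m.group(1)) for m in INSTALL_RE.finditer(args)]
    return findings

# Constructed sample: the Node.js example above with the code copy moved to the top.
MISORDERED = "\n".join([
    "FROM node:20-alpine", "WORKDIR /app", "COPY . .",
    "RUN apk add --no-cache tini", "RUN npm ci", "RUN npm run build"])

if __name__ == "__main__":
    for copy_line, run_line, cmd in installs_after_code_copy(MISORDERED):
        print(f"line {run_line}: '{cmd}' reruns whenever the COPY on line {copy_line} changes")
```
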
Docker builds images in layers. When a layer changes, all subsequent layers must be rebuilt. By placing stable instructions first:
npx claudepluginhub humansintheloop-dev/humansintheloop-dev-workflow-and-tools --plugin idea-to-code