writing-dockerfileslisted

# Writing Dockerfiles Create production-grade Dockerfiles with multi-stage builds, security hardening, and language-specific optimizations. ## When to Use This Skill Invoke when: - "Write a Dockerfile for [Python/Node.js/Go/Rust] application" - "Optimize this Dockerfile to reduce image size" - "Use multi-stage build for..." - "Secure Dockerfile with non-root user" - "Use distroless base image" - "Add BuildKit cache mounts" - "Prevent secrets from leaking in Docker layers" ## Quick Decision Framework Ask three questions to determine the approach: **1. What language?** - Python → See `references/python-dockerfiles.md` - Node.js → See `references/nodejs-dockerfiles.md` - Go → See `references/go-dockerfiles.md` - Rust → See `references/rust-dockerfiles.md` - Java → See `references/java-dockerfiles.md` **2. Is security critical?** - YES → Use distroless runtime images (see `references/security-hardening.md`) - NO → Use slim/alpine base images **3. Is image size critical?** - YES (<50MB) → Multi-stage + distroless + static linking - NO (<500MB) → Multi-stage + slim base images ## Core Concepts ### Multi-Stage Builds Separate build environment from runtime environment to minimize final image size. **Pattern:** ```dockerfile # Stage 1: Build FROM build-image AS builder RUN compile application # Stage 2: Runtime FROM minimal-runtime-image COPY --from=builder /app/binary /app/ CMD ["/app/binary"] ``` **Benefits:** - 80-95% smaller images (excludes build tools) - Improved