vsupalov

The Quickest Way to Improve Your Docker Images

This might be the most frequent advice I give to folks: “Have you tried using a Dockerfile linter?”

Apart from learning the basics of Docker, this is the most bang-for-the-buck thing your can do to improve your Docker game and save yourself from a few nasty gotchas.

Maybe “linter” is a bit too specific, it’s really about having an automated way to catch and discover avoidable mistakes.

Cool Tools To Know About

Here’s a list of tools you can use to get started.

hadolint - a Dockerfile linter. It checks the content of your Dockerfile for risky patterns and missing useful parts. You can even give it a try online, without installing anything. Otherwise, check out the GitHub page for more details.

dockle - instead of parsing the Dockerfile, this tool inspects your image directly. It has more of a security focus. It’s on GitHub. There’s a nice comparison to hadolint right at the top of the README.

trivy - even more of a security focus, less specific to Docker. It’s described with ‘A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts’. Check it out on GitHub.

Give It A Try

Using a linter to check your Dockerfile, or another automated tool to scan the contents of your Docker image can deliver a lot of value with little effort.

You’ll learn about simple and less obvious things you’ve missed and just one scan might save you from a long and tedious debugging session in the future.

If in doubt, start with hadolint.

Digging Deeper

Apart from automated checks, nothing beats a thorough understanding of Docker images and Docker as a tool. If you haven’t seen it already - check out my free “5 Days To Better Docker Images” email course. Sign up and start learning about building better Docker images right away.

If you’re looking to build a complete understanding of Docker, my new book “Quick High-Level Docker Understanding” could be just the thing you’re looking for.

Level up Your Docker Skills!

Join over 1700 other developers, learning something new about Docker every week.

Enter your email below for a curated tour of my most helpful writing and to get notified about new articles.

    (About the content, privacy, analytics and revocation).

    We won't send you spam. Unsubscribe at any time.