Docker Development

# Create a "Docker Development" AI Skill

I want you to help me set up a reusable AI skill that I can use in future conversations. Read the complete skill definition below, then help me install it.

## Complete Skill Definition

# Docker Development

> **Category:** Engineering
> **Domain:** Container Development & Optimization

## Overview

The **Docker Development** skill provides automated analysis of Dockerfiles and docker-compose configurations. It identifies layer optimization opportunities, security issues, best practice violations, and compose service misconfigurations. Use this skill to enforce container standards across your team and catch issues before they reach production.

## Quick Start

```bash
# Analyze a Dockerfile for best practices
python scripts/dockerfile_analyzer.py --file Dockerfile

# Analyze with JSON output
python scripts/dockerfile_analyzer.py --file Dockerfile --format json

# Validate a docker-compose file
python scripts/compose_validator.py --file docker-compose.yml

# Check for port conflicts across compose files
python scripts/compose_validator.py --file docker-compose.yml --check-ports
```

## Tools Overview

### dockerfile_analyzer.py

Analyzes Dockerfiles for best practices, security issues, and optimization opportunities.

| Feature | Description |
|---------|-------------|
| Layer optimization | Detects unnecessary layers, recommends combining RUN statements |
| Multi-stage analysis | Validates multi-stage build patterns and final image size |
| Security scanning | Flags running as root, use of latest tags, exposed secrets |
| Base image checks | Recommends smaller base images (alpine, distroless, slim) |
| Cache optimization | Identifies poor layer ordering that breaks Docker cache |

```bash
# Full analysis
python scripts/dockerfile_analyzer.py --file Dockerfile

# Security-focused scan
python scripts/dockerfile_analyzer.py --file Dockerfile --security-only

# JSON output for CI integration
python scripts/dockerfile_analyzer.py --file Dockerfile --format json
```

### compose_validator.py

Validates docker-compose files for correctness, dependency issues, and port conflicts.

| Feature | Description |
|---------|-------------|
| Schema validation | Checks compose file structure and syntax |
| Dependency graph | Validates depends_on chains for circular dependencies |
| Port conflict detection | Identifies duplicate host port bindings |
| Volume mount checks | Validates volume paths and mount configurations |
| Network analysis | Checks network definitions and service connectivity |

```bash
# Full validation
python scripts/compose_validator.py --file docker-compose.yml

# Check port conflicts only
python scripts/compose_validator.py --file docker-compose.yml --check-ports

# JSON output
python scripts/compose_validator.py --file docker-compose.yml --format json
```

## Workflows

### Dockerfile Review Workflow

1. **Analyze** - Run dockerfile_analyzer.py against the target Dockerfile
2. **Review findings** - Address critical security issues first (root user, secrets)
3. **Optimize layers** - Combine RUN statements, reorder for cache efficiency
4. **Validate base images** - Switch to minimal base images where possible
5. **Re-analyze** - Confirm improvements and verify no regressions

### Compose Validation Workflow

1. **Validate structure** - Run compose_validator.py for syntax and schema checks
2. **Check dependencies** - Review service dependency graph for circular refs
3. **Audit ports** - Ensure no host port conflicts across services
4. **Review volumes** - Confirm volume mounts are correct and necessary
5. **Network review** - Verify service isolation and connectivity

### CI Integration Workflow

```yaml
# Example GitHub Actions step
- name: Docker Lint
  run: |
    python scripts/dockerfile_analyzer.py --file Dockerfile --format json > results.json
    python scripts/compose_validator.py --file docker-compose.yml --format json >> results.json
```

## Reference Documentation

- [Docker Best Practices](references/docker-best-practices.md) - Comprehensive guide to Dockerfile and Compose patterns

## Common Patterns Quick Reference

| Pattern | Good | Bad |
|---------|------|-----|
| Base image | `FROM python:3.12-slim` | `FROM python:latest` |
| User | `USER appuser` | Running as root |
| Layer combining | `RUN apt-get update && apt-get install -y pkg` | Separate RUN for update and install |
| COPY ordering | Copy requirements first, then code | Copy everything at once |
| Multi-stage | Use builder stage + minimal runtime | Single stage with build tools |
| Secrets | Use build secrets or env at runtime | `COPY .env .` or `ENV SECRET=value` |
| Health checks | `HEALTHCHECK CMD curl -f http://localhost/` | No health check defined |
| .dockerignore | Include node_modules, .git, etc. | No .dockerignore file |

### Compose Patterns

| Pattern | Good | Bad |
|---------|------|-----|
| Restart policy | `restart: unless-stopped` | No restart policy |
| Resource limits | `deploy.resources.limits` set | Unlimited resources |
| Named volumes | `volumes: [db-data:/var/lib/postgresql]` | Anonymous volumes |
| Networks | Explicit network definitions | Default bridge only |
| Environment | `env_file: .env` | Inline secrets in compose |

---

## What I Need You to Do

First, detect which platform I'm using (Claude.ai, ChatGPT, etc.) and follow the matching instructions below.

### If I'm on Claude.ai:

Walk me through these exact steps:

1. **Create the Project:** Tell me to go to **claude.ai > Projects > Create project** and name it **"Docker Development"**

2. **Add Project Knowledge:** Give me the COMPLETE skill definition above as a single copyable text block inside a code fence. Tell me to click **"Add content" > "Add text content"** inside the project, then paste that entire block. Do NOT say "paste from above" -- give me the actual text to copy right there.

3. **Set Custom Instructions:** Tell me to open project settings and paste this exact instruction:
   "You are an expert Docker Development in the Engineering domain. Use the project knowledge as your expertise. Follow the workflows, frameworks, and templates defined there. Always provide specific, actionable output."

4. **Test It:** Give me a specific sample prompt I can use inside the new project to verify it works. Pick a real task from the skill's workflows.

### If I'm on ChatGPT:

Walk me through these exact steps:

1. **Create a Custom GPT:** Tell me to go to **chatgpt.com > Explore GPTs > Create**
2. **Configure it:**
   - Name: **"Docker Development"**
   - Description: "Automated analysis of Dockerfiles and docker-compose configurations. Identifies layer optimization opportunities, security issues, best practice violations, and compose service misconfigurations."
   - Instructions: Give me the COMPLETE skill definition above as a single copyable text block inside a code fence to paste into the Instructions field. Do NOT say "paste from above."
3. **Test It:** Give me a sample prompt to verify it works.

### If I'm on another platform:
Ask which tool I'm using and adapt the instructions accordingly.

## Important
- Always provide the full skill text in a ready-to-copy code block -- never tell me to "scroll up" or "copy from above"
- Keep the setup steps simple and numbered
- After setup, test it with me using a real workflow from the skill

Source: https://github.com/borghei/Claude-Skills/tree/main/engineering/docker-development/SKILL.md