Menu
Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
| name | docker-optimizer |
| description | Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment. |
| allowed-tools | Read, Grep, Glob, Write, Edit |
Analyzes and optimizes Dockerfiles for performance, security, and best practices.
Search for: Dockerfile, Dockerfile.*, *.dockerfile
Use specific base image versions:
# Bad
FROM node:latest
# Good
FROM node:18-alpine
Minimize layers:
# Bad
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y git
# Good
RUN apt-get update && \
apt-get install -y curl git && \
rm -rf /var/lib/apt/lists/*
Order instructions by change frequency:
# Dependencies change less than code
COPY package*.json ./
RUN npm install
COPY . .
Use .dockerignore:
node_modules
.git
.env
*.md
Reduce final image size:
# Build stage
FROM node:18 AS build
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
# Production stage
FROM node:18-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
CMD ["node", "dist/index.js"]
Don't run as root:
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
No secrets in image:
# Bad: Hardcoded secret
ENV API_KEY=secret123
# Good: Use build args or runtime env
ARG BUILD_ENV
ENV NODE_ENV=${BUILD_ENV}
Scan for vulnerabilities:
docker scan image:tag
trivy image image:tag
Use Alpine images:
node:18-alpine vs node:18 (900MB → 170MB)python:3.11-alpine vs python:3.11 (900MB → 50MB)Remove unnecessary files:
RUN npm install --production && \
npm cache clean --force
Use specific COPY:
# Bad: Copies everything
COPY . .
# Good: Copy only what's needed
COPY package*.json ./
COPY src ./src
Layer caching optimization:
# Install dependencies first (cached if package.json unchanged)
COPY package*.json ./
RUN npm install
# Copy source (changes more frequently)
COPY . .
RUN npm run build
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node healthcheck.js
Provide improved version with:
Efficient build:
# Use BuildKit
DOCKER_BUILDKIT=1 docker build -t app:latest .
# Build with cache from registry
docker build --cache-from myregistry/app:latest -t app:latest .
latest)templates/Dockerfile.optimized: Optimized multi-stage Dockerfile exampletemplates/.dockerignore: Common .dockerignore patternsProfessional frontend standards for building, scaffolding, extending, or reviewing any UI or frontend project — new or existing — even when standards aren't explicitly asked for. Keeps generated code consistent, reusable, secure, and production-quality. Framework-agnostic: React, Vue, Angular, Svelte, plain JS.
发布本地生成的 HTML、Markdown、TXT、PDF、Word 或 PPTX 到 ShareOne 平台,生成公网分享短链接;或者当用户提供 ShareOne 链接并要求下载文件、修改文件、拉取/处理评论时使用此技能。当用户要求“发布”、“分享”、“生成链接”、“上线”,或者“下载这个链接的文件”、“修改这个 ShareOne 链接的内容”、“拉取这个链接的评论”时,必须使用此技能。
Generate AI chat completions using GPT-4o through the verging.ai proxy API with streaming (SSE) and non-streaming response support.
Convert text to speech audio using OpenAI TTS-1-HD through the verging.ai proxy API. Supports multiple voices, playback speed control, and various audio output formats.
Generate AI images using DALL-E 3 or gpt-image-1 through the verging.ai proxy API. Supports standard and HD quality, multiple images per request, and returns CDN-hosted image URLs.
Analyze images using GPT-4o Vision through the verging.ai proxy API, supporting both image URL (JSON) and file upload (multipart) modes.