-
Notifications
You must be signed in to change notification settings - Fork 399
/
Copy pathDockerfile.rb
376 lines (286 loc) · 14.8 KB
/
Dockerfile.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
cheatsheet do
title 'Dockerfile'
docset_file_name 'Dockerfile'
keyword 'dockerfile'
source_url 'http://cheat.kapeli.com'
introduction "
[Reference](https://docs.docker.com/engine/reference/builder/)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/)
"
category do
id 'Instructions'
entry do
name 'FROM'
notes "
Usage:
* `FROM <image>`
* `FROM <image>:<tag>`
* `FROM <image>@<digest>`
Information:
* `FROM` must be the first non-comment instruction in the Dockerfile.
* `FROM` can appear multiple times within a single Dockerfile in order to create multiple images. Simply make a note of the last image ID output by the commit before each new `FROM` command.
* The `tag` or `digest` values are optional. If you omit either of them, the builder assumes a `latest` by default. The builder returns an error if it cannot match the `tag` value.
[Reference](https://docs.docker.com/engine/reference/builder/#from)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#from)
"
end
entry do
name 'MAINTAINER'
notes "
Usage:
* `MAINTAINER <name>`
The `MAINTAINER` instruction allows you to set the Author field of the generated images.
[Reference](https://docs.docker.com/engine/reference/builder/#maintainer)
"
end
entry do
name 'RUN'
notes "
Usage:
* `RUN <command>` (shell form, the command is run in a shell, which by default is `/bin/sh -c` on Linux or `cmd /S /C` on Windows)
* `RUN [\"<executable>\", \"<param1>\", \"<param2>\"]` (exec form)
Information:
* The exec form makes it possible to avoid shell string munging, and to `RUN` commands using a base image that does not contain the specified shell executable.
* The default shell for the shell form can be changed using the `SHELL` command.
* Normal shell processing does not occur when using the exec form. For example, `RUN [\"echo\", \"$HOME\"]` will not do variable substitution on `$HOME`.
[Reference](https://docs.docker.com/engine/reference/builder/#run)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run)
"
end
entry do
name 'CMD'
notes "
Usage:
* `CMD [\"<executable>\",\"<param1>\",\"<param2>\"]` (exec form, this is the preferred form)
* `CMD [\"<param1>\",\"<param2>\"]` (as default parameters to ENTRYPOINT)
* `CMD <command> <param1> <param2>` (shell form)
Information:
* The main purpose of a `CMD` is to provide defaults for an executing container. These defaults can include an executable, or they can omit the executable, in which case you must specify an `ENTRYPOINT` instruction as well.
* There can only be one `CMD` instruction in a Dockerfile. If you list more than one `CMD` then only the last `CMD` will take effect.
* If `CMD` is used to provide default arguments for the `ENTRYPOINT` instruction, both the `CMD` and `ENTRYPOINT` instructions should be specified with the JSON array format.
* If the user specifies arguments to `docker run` then they will override the default specified in `CMD`.
* Normal shell processing does not occur when using the exec form. For example, `CMD [\"echo\", \"$HOME\"]` will not do variable substitution on `$HOME`.
[Reference](https://docs.docker.com/engine/reference/builder/#cmd)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#cmd)
"
end
entry do
name 'LABEL'
notes "
Usage:
* `LABEL <key>=<value> [<key>=<value> ...]`
Information:
* The `LABEL` instruction adds metadata to an image.
* To include spaces within a `LABEL` value, use quotes and backslashes as you would in command-line parsing.
* Labels are additive including `LABEL`s in `FROM` images.
* If Docker encounters a label/key that already exists, the new value overrides any previous labels with identical keys.
* To view an image’s labels, use the `docker inspect` command. They will be under the `\"Labels\"` JSON attribute.
[Reference](https://docs.docker.com/engine/reference/builder/#label)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#label)
"
end
entry do
name 'EXPOSE'
notes "
Usage:
* `EXPOSE <port> [<port> ...]`
Information:
* Informs Docker that the container listens on the specified network port(s) at runtime.
* `EXPOSE` does not make the ports of the container accessible to the host.
[Reference](https://docs.docker.com/engine/reference/builder/#expose)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#expose)
"
end
entry do
name 'ENV'
notes "
Usage:
* `ENV <key> <value>`
* `ENV <key>=<value> [<key>=<value> ...]`
Information:
* The `ENV` instruction sets the environment variable `<key>` to the value `<value>`.
* The value will be in the environment of all “descendant” Dockerfile commands and can be replaced inline as well.
* The environment variables set using `ENV` will persist when a container is run from the resulting image.
* The first form will set a single variable to a value with the entire string after the first space being treated as the `<value>` - including characters such as spaces and quotes.
[Reference](https://docs.docker.com/engine/reference/builder/#env)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#env)
"
end
entry do
name 'ADD'
notes "
Usage:
* `ADD <src> [<src> ...] <dest>`
* `ADD [\"<src>\", ... \"<dest>\"]` (this form is required for paths containing whitespace)
Information:
* Copies new files, directories, or remote file URLs from `<src>` and adds them to the filesystem of the image at the path `<dest>`.
* `<src>` may contain wildcards and matching will be done using Go’s filepath.Match rules.
* If `<src>` is a file or directory, then they must be relative to the source directory that is being built (the context of the build).
* `<dest>` is an absolute path, or a path relative to `WORKDIR`.
* If `<dest>` doesn’t exist, it is created along with all missing directories in its path.
[Reference](https://docs.docker.com/engine/reference/builder/#add)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#add-or-copy)
"
end
entry do
name 'COPY'
notes "
Usage:
* `COPY <src> [<src> ...] <dest>`
* `COPY [\"<src>\", ... \"<dest>\"]` (this form is required for paths containing whitespace)
Information:
* Copies new files or directories from `<src>` and adds them to the filesystem of the image at the path `<dest>`.
* `<src>` may contain wildcards and matching will be done using Go’s filepath.Match rules.
* `<src>` must be relative to the source directory that is being built (the context of the build).
* `<dest>` is an absolute path, or a path relative to `WORKDIR`.
* If `<dest>` doesn’t exist, it is created along with all missing directories in its path.
[Reference](https://docs.docker.com/engine/reference/builder/#copy)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#add-or-copy)
"
end
entry do
name 'ENTRYPOINT'
notes "
Usage:
* `ENTRYPOINT [\"<executable>\", \"<param1>\", \"<param2>\"]` (exec form, preferred)
* `ENTRYPOINT <command> <param1> <param2>` (shell form)
Information:
* Allows you to configure a container that will run as an executable.
* Command line arguments to `docker run <image>` will be appended after all elements in an exec form `ENTRYPOINT` and will override all elements specified using `CMD`.
* The shell form prevents any `CMD` or run command line arguments from being used, but the `ENTRYPOINT` will start via the shell. This means the executable will not be PID 1 nor will it receive UNIX signals. Prepend `exec` to get around this drawback.
* Only the last `ENTRYPOINT` instruction in the Dockerfile will have an effect.
[Reference](https://docs.docker.com/engine/reference/builder/#entrypoint)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#entrypoint)
"
end
entry do
name 'VOLUME'
notes "
Usage:
* `VOLUME [\"<path>\", ...]`
* `VOLUME <path> [<path> ...]`
Creates a mount point with the specified name and marks it as holding externally mounted volumes from native host or other containers.
[Reference](https://docs.docker.com/engine/reference/builder/#volume)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#volume)
"
end
entry do
name 'USER'
notes "
Usage:
* `USER <username | UID>`
The `USER` instruction sets the user name or UID to use when running the image and for any `RUN`, `CMD` and `ENTRYPOINT` instructions that follow it in the Dockerfile.
[Reference](https://docs.docker.com/engine/reference/builder/#user)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user)
"
end
entry do
name 'WORKDIR'
notes "
Usage:
* `WORKDIR </path/to/workdir>`
Information:
* Sets the working directory for any `RUN`, `CMD`, `ENTRYPOINT`, `COPY`, and `ADD` instructions that follow it.
* It can be used multiple times in the one Dockerfile. If a relative path is provided, it will be relative to the path of the previous `WORKDIR` instruction.
[Reference](https://docs.docker.com/engine/reference/builder/#workdir)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#workdir)
"
end
entry do
name 'ARG'
notes "
Usage:
* `ARG <name>[=<default value>]`
Information:
* Defines a variable that users can pass at build-time to the builder with the `docker build` command using the `--build-arg <varname>=<value>` flag.
* Multiple variables may be defined by specifying `ARG` multiple times.
* It is not recommended to use build-time variables for passing secrets like github keys, user credentials, etc. Build-time variable values are visible to any user of the image with the docker history command.
* Environment variables defined using the `ENV` instruction always override an `ARG` instruction of the same name.
* Docker has a set of predefined `ARG` variables that you can use without a corresponding ARG instruction in the Dockerfile.
* `HTTP_PROXY` and `http_proxy`
* `HTTPS_PROXY` and `https_proxy`
* `FTP_PROXY` and `ftp_proxy`
* `NO_PROXY` and `no_proxy`
[Reference](https://docs.docker.com/engine/reference/builder/#arg)
"
end
entry do
name 'ONBUILD'
notes "
Usage:
* `ONBUILD <Dockerfile INSTRUCTION>`
Information:
* Adds to the image a trigger instruction to be executed at a later time, when the image is used as the base for another build. The trigger will be executed in the context of the downstream build, as if it had been inserted immediately after the `FROM` instruction in the downstream Dockerfile.
* Any build instruction can be registered as a trigger.
* Triggers are inherited by the \"child\" build only. In other words, they are not inherited by \"grand-children\" builds.
* The `ONBUILD` instruction may not trigger `FROM`, `MAINTAINER`, or `ONBUILD` instructions.
[Reference](https://docs.docker.com/engine/reference/builder/#onbuild)
\\-
[Best Practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#onbuild)
"
end
entry do
name 'STOPSIGNAL'
notes "
Usage:
* `STOPSIGNAL <signal>`
The `STOPSIGNAL` instruction sets the system call signal that will be sent to the container to exit. This signal can be a valid unsigned number that matches a position in the kernel’s syscall table, for instance `9`, or a signal name in the format SIGNAME, for instance `SIGKILL`.
[Reference](https://docs.docker.com/engine/reference/builder/#stopsignal)
"
end
entry do
name 'HEALTHCHECK'
notes "
Usage:
* `HEALTHCHECK [<options>] CMD <command>` (check container health by running a command inside the container)
* `HEALTHCHECK NONE` (disable any healthcheck inherited from the base image)
Information:
* Tells Docker how to test a container to check that it is still working
* Whenever a health check passes, it becomes `healthy`. After a certain number of consecutive failures, it becomes `unhealthy`.
* The `<options>` that can appear are...
* `--interval=<duration>` (default: 30s)
* `--timeout=<duration>` (default: 30s)
* `--retries=<number>` (default: 3)
* The health check will first run `interval` seconds after the container is started, and then again `interval` seconds after each previous check completes. If a single run of the check takes longer than `timeout` seconds then the check is considered to have failed. It takes `retries` consecutive failures of the health check for the container to be considered `unhealthy`.
* There can only be one `HEALTHCHECK` instruction in a Dockerfile. If you list more than one then only the last `HEALTHCHECK` will take effect.
* `<command>` can be either a shell command or an exec JSON array.
* The command's exit status indicates the health status of the container.
* `0`: success - the container is healthy and ready for use
* `1`: unhealthy - the container is not working correctly
* `2`: reserved - do not use this exit code
* The first 4096 bytes of stdout and stderr from the `<command>` are stored and can be queried with `docker inspect`.
* When the health status of a container changes, a `health_status` event is generated with the new status.
[Reference](https://docs.docker.com/engine/reference/builder/#healthcheck)
"
end
entry do
name 'SHELL'
notes "
Usage:
* `SHELL [\"<executable>\", \"<param1>\", \"<param2>\"]`
Information:
* Allows the default shell used for the shell form of commands to be overridden.
* Each `SHELL` instruction overrides all previous `SHELL` instructions, and affects all subsequent instructions.
* Allows an alternate shell be used such as `zsh`, `csh`, `tcsh`, `powershell`, and others.
[Reference](https://docs.docker.com/engine/reference/builder/#shell)
"
end
end
notes "
* Based on the information from [Dockerfile reference](https://docs.docker.com/engine/reference/builder/) and [Docker file best practices](https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/).
* Converted by [halprin](https://github.com/halprin).
"
end