-
Notifications
You must be signed in to change notification settings - Fork 0
dockerfile style guide
Bibo Hao edited this page Jul 2, 2026
·
1 revision
This document defines the quality standards, coding styles, and build optimizations for all Dockerfiles in the LabNow container ecosystem.
All Dockerfiles must follow a clean, standardized structure:
- Header: Licensing, author, maintainer.
-
Global ARGs: Define
BASE_NAMESPACEandBASE_IMGvariables at the top of the file, before theFROMdeclaration:ARG BASE_NAMESPACE ARG BASE_IMG="base" FROM ${BASE_NAMESPACE:+$BASE_NAMESPACE/}${BASE_IMG}
-
Labels: Add descriptive labels (
LABEL maintainer="postmaster@labnow.ai"). -
Environment Variables: Use
ENVdeclarations grouped together. -
SHELL Configuration: Override default
/bin/shto enforce Bash login shell behavior:SHELL ["/bin/bash", "--login", "-o", "pipefail", "-c"]
-
Command Layers: Put complex shell operations under a unified
RUNblock using&& \. - WORKDIR: Set appropriate workspace context.
-
Instruction Casing: Instruction names (
FROM,RUN,ENV,ARG,SHELL,COPY,WORKDIR) must be capitalized. -
Multiline Chains: Chain shell commands using
&& \and align them vertically for readability. -
Self-contained execution: Group logic that installs libraries, compiles source, and configures environments into a single
RUNinstruction.
To keep final images lightweight:
-
No Residual Cache: Package installation caches (such as apt, pip, npm, conda) must be purged in the same
RUNlayer they are created in. Suffix every majorRUNblock withinstall__clean. -
Temporary Dev Header Purging: If compilation requires development libraries (e.g.
*-dev,ninja-build), uninstall them in the same layer after compiling binary targets. -
No NVIDIA Wheel Bloat: For GPU-enabled images, strip redundant python cuda-wheels (
nvidia-*) using pip and utilize lightweight C++ runtime packages instead. -
Permission Rectification: Set correct permissions at the end of the build block:
&& fix_permission 0 /opt
-
No Hardcoded Package Names: Do not list package names directly in the
RUNcommand block (e.g., avoidapt-get install -y git curl). Write them to dedicated external text files (e.g.,install_list_base.apt,install_list_PY_nlp.pip) and ingest them usinginstall_aptorinstall_pip. -
In-File Comments: Package index files should document why each dependency is installed using comment blocks (preceded by
%):python-docx % For parsing Word documentation files rpy2 % Integration between Python and R -
Loop-Based Customization: Enable optional profile installations by looping over arguments:
for profile in $(echo $ARG_PROFILE_JAVA | tr "," "\n") ; do ( setup_java_${profile} ) ; done