Skip to content


Switch branches/tags

Asciidoctor Docker Container

The environment

This Docker image provides:

This image uses Alpine Linux 3.15.4 as base image.

Docker Engine 20.10 or later is required (or any container engine supporting Alpine 3.14) to avoid unexpected No such file or directory errors (such as #214 or #215).

How to use it

Just run:

docker run -it -v <your directory>:/documents/ asciidoctor/docker-asciidoctor

or the following for Podman:

podman run -it -v <your directory>:/documents/

Docker/Podman maps your directory with /documents directory in the container.

You might need to add the option :z or :Z like <your directory>:/documents/:z or <your directory>:/documents/:Z if you are using SELinux. See Docker docs or Podman docs.

After you start the container, you can use Asciidoctor commands to convert AsciiDoc files that you created in the directory mentioned above. You can find several examples below.

  • To run Asciidoctor on a basic AsciiDoc file:

    asciidoctor sample.adoc
    asciidoctor-pdf sample.adoc
    asciidoctor-epub3 sample.adoc
  • To run AsciiDoc on an AsciiDoc file that contains diagrams:

    asciidoctor -r asciidoctor-diagram sample-with-diagram.adoc
    asciidoctor-pdf -r asciidoctor-diagram sample-with-diagram.adoc
    asciidoctor-epub3 -r asciidoctor-diagram sample-with-diagram.adoc
  • To run AsciiDoc on an AsciiDoc file that contains latexmath and stem blocks:

    asciidoctor -r asciidoctor-mathematical sample-with-diagram.adoc
    asciidoctor-pdf -r asciidoctor-mathematical sample-with-diagram.adoc
    asciidoctor-epub3 -r asciidoctor-mathematical sample-with-diagram.adoc
  • To use Asciidoctor Confluence:

    asciidoctor-confluence --host HOSTNAME --spaceKey SPACEKEY --title TITLE --username USER --password PASSWORD sample.adoc
  • To use Asciidoctor reveal.js with local downloaded reveal.js:

    asciidoctor-revealjs sample-slides.adoc
    asciidoctor-revealjs -r asciidoctor-diagram sample-slides.adoc
  • To use Asciidoctor reveal.js with online reveal.js:

    asciidoctor-revealjs -a revealjsdir= sample-slides.adoc
    asciidoctor-revealjs -a revealjsdir= -r asciidoctor-diagram sample-slides.adoc
  • To convert files in batch:

    docker run --rm -v $(pwd):/documents/ asciidoctor/docker-asciidoctor asciidoctor-pdf index.adoc


    podman run --rm -v $(pwd):/documents/ asciidoctor-pdf index.adoc

How to contribute / do it yourself?


You need the following tools:

  • A bash compliant command line

  • GNU make

  • Bats installed and in your bash PATH

  • Docker installed and in your path

  • Trivy cli in case you want to scan images for vulnerabilities

How to build and test?

  • Bats is used as a test suite runner. Since the ability to build is one way of testing, it is included.

  • You just have to run the Bats test suite, from the repository root:

    make test

Include test in your build pipeline or test manually

You can use Bats directly to test the image. Optionally, you can specify a custom image name:

# If you want to use a custom name for the image, OPTIONAL
export DOCKER_IMAGE_NAME_TO_TEST=your-image-name
bats tests/*.bats

How to scan for vulnerabilities?

  • Trivy scans a docker image looking for software versions containing known vulnerabilities (CVEs). It’s always a good idea to scan the image to ensure no new issues are introduced.

  • Run the following command to replicate the repo’s CVE Scan pipeline on an image build locally. Note the pipeline runs nightly on the latest release version, so it can display issues solved in main branch.

    trivy image --severity HIGH,CRITICAL asciidoctor:latest


The goal for deploying is to make the Docker image available with the correct Docker tag in Docker Hub.

As a matter of trust and transparency for the end-users, the image is rebuilt by Docker Hub itself by triggering a build. This only works under the hypothesis of a minimalistic variation between the Docker build in the CI, and the Docker build by Docker Hub.

Deploying the image requires setting the following environment variables: DOCKERHUB_SOURCE_TOKEN and DOCKERHUB_TRIGGER_TOKEN. Their values come from a Docker Hub trigger URL:${DOCKERHUB_SOURCE_TOKEN}/trigger/${DOCKERHUB_TRIGGER_TOKEN}/call/.

You might want to set these variables as secret values in your CI to avoid any leaking in the output (as curl output for instance).