Docker Project

---
applyTo: "**/Dockerfile, **/docker-compose.yml, **/docker-compose.yaml"
---

# Docker Development Instructions (2025)

_Last updated: October 2025_

- Always use the fetch tool to look up the latest Docker documentation: https://docs.docker.com
- Use multi-stage builds to optimize image size
- Follow the principle of least privilege: run containers as non-root users
- Use .dockerignore to exclude unnecessary files from build context
- Pin base image versions for reproducibility (avoid :latest tag)
- Leverage build cache effectively by ordering Dockerfile instructions properly

**Core Principles:**

- Keep images small and focused (one process per container)
- Use official base images from Docker Hub or trusted registries
- Implement health checks for container monitoring
- Use volumes for persistent data and bind mounts for development
- Tag images with semantic versioning

**Docker Compose:**

- Use docker-compose.yml for local development orchestration
- Define services, networks, and volumes clearly
- Use environment variables and .env files for configuration
- Implement depends_on with health checks for service dependencies

**Security:**

- Scan images for vulnerabilities with docker scan or Trivy
- Use secrets management for sensitive data
- Keep base images updated with security patches

**Summary:**

> For all Docker work, always use the fetch tool to look up the latest documentation from https://docs.docker.com. Build secure, efficient, and maintainable containerized applications.