chapter eight

8 Building images automatically with Dockerfiles

 

This chapter covers

  • Automated packaging with Dockerfile
  • Metadata instructions
  • File system instructions
  • Build arguments
  • Multi-stage builds
  • Packaging for multiprocess and durable containers
  • Trusted base images
  • Working with users
  • Reducing the image attack surface

A Dockerfile is a text file that contains instructions for building an image. The Docker image builder executes the Dockerfile from top to bottom, and the instructions can configure or change anything about an image. Building images from Dockerfiles turns tasks like adding files from your computer to a container into simple one-line instructions. Dockerfiles are the most common way to describe how to build a Docker image. This section covers the basics of working with Dockerfile builds and the best reasons to use them, a lean overview of the instructions, and how to add future build behavior. We’ll get started with a familiar example that shows how you can automate the process of building images with code instead of creating them manually. Once an image’s build is defined in code, it is simple to track changes in version control, share with team members, optimize, and secure.

8.1   Packaging Git with a Dockerfile

Let’s start by revisiting the Git example image we built by hand in Chapter 7. You should recognize many of the details and advantages of working with a Dockerfile as we translate the image build process from manual operations to code.

8.2   A Dockerfile primer

8.2.1   Metadata instructions

8.2.2   File system instructions

8.3   Injecting downstream build-time behavior

8.4   Creating maintainable Dockerfiles

8.5   Using startup scripts and multiprocess containers

8.5.1   Environmental preconditions validation

8.5.2   Initialization processes

8.5.3   The purpose and use of health checks

8.6   Building hardened application images

8.6.1   Content addressable image identifiers

8.6.2   User permissions

8.6.3   SUID and SGID permissions

8.7   Summary