Dockerfile Cheat Sheet

Docker•Permalink

High-value Dockerfile instructions, patterns, and build flags for reproducible and efficient image builds.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

Dockerfile Basics

Core build invocation and essential Dockerfile instructions.

Build from Dockerfile

Build an image from the Dockerfile in the current directory.

↗#

bashANYdockerfilebuild

bash

docker build -t myapp:dev .

By default Docker reads `./Dockerfile` and sends the current directory as build context.

Build with alternate Dockerfile

Build using an alternate Dockerfile path.

↗#

bashANYdockerfilebuild

bash

docker build -f Dockerfile.prod -t myapp:prod .

Common for environment-specific builds.

Use FROM instruction

Set the base image for a Dockerfile stage.

↗#

dockerfileANYdockerfileinstructionbase-image

dockerfile

FROM node:20-alpine

Every stage starts from a `FROM` instruction.

Use WORKDIR instruction

Set the working directory for subsequent instructions.

↗#

dockerfileANYdockerfileinstruction

dockerfile

WORKDIR /app

Avoid repetitive `cd` logic and make paths explicit.

Copy files into image

Copy files from the build context into the image.

↗#

dockerfileANYdockerfileinstructioncopy

dockerfile

COPY package*.json ./

Use `.dockerignore` to keep build contexts lean.

Run build step

Execute a command during image build.

↗#

dockerfileANYdockerfileinstructionbuild

dockerfile

RUN npm ci

Common for dependency installation and image preparation.

Set default command

Set the default command when the container starts.

↗#

dockerfileANYdockerfileinstructionruntime

dockerfile

CMD ["node", "server.js"]

Can be overridden at runtime.

Set entrypoint

Set the container entrypoint executable.

↗#

dockerfileANYdockerfileinstructionruntime

dockerfile

ENTRYPOINT ["/usr/local/bin/app"]

Often paired with `CMD` for default arguments.

Document a listening port

Document the port the application listens on.

↗#

dockerfileANYdockerfileinstructionnetwork

dockerfile

EXPOSE 3000

This does not publish ports by itself.

Set environment variable

Set environment variables in the image.

↗#

dockerfileANYdockerfileinstructionenv

dockerfile

ENV NODE_ENV=production

Values become defaults at runtime unless overridden.

Define build argument

Define a build-time variable.

↗#

dockerfileANYdockerfileinstructionargs

dockerfile

ARG NODE_VERSION=20

Build args are available only during build unless copied into `ENV`.

Set image metadata label

Attach metadata labels to the image.

↗#

dockerfileANYdockerfileinstructionlabels

dockerfile

LABEL org.opencontainers.image.source="https://github.com/acme/myapp"

Useful for provenance, ownership, and automation.

Common Patterns

Repeatable Dockerfile patterns for efficient, secure images.

Use multi-stage build

Build artifacts in one stage and copy only runtime output into the final stage.

↗#

dockerfileANYdockerfilemultistagepatterns

dockerfile

FROM node:20-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM nginx:alpine
COPY --from=build /app/dist /usr/share/nginx/html

Multi-stage builds keep runtime images smaller and cleaner.

Run as non-root

Switch the runtime user away from root.

↗#

dockerfileANYdockerfilesecuritypatterns

dockerfile

RUN addgroup -S app && adduser -S app -G app
USER app

A common hardening practice for production images.

Add health check

Define a health check command for the container.

↗#

dockerfileANYdockerfilehealthcheckpatterns

dockerfile

HEALTHCHECK --interval=30s --timeout=5s --retries=3 CMD wget -qO- http://localhost:3000/health || exit 1

Useful with orchestrators and compose health status.

Copy with ownership

Copy files with explicit ownership.

↗#

dockerfileANYdockerfilecopypermissions

dockerfile

COPY --chown=node:node . /app

Avoids extra `chown` layers in many images.

Cache dependencies effectively

Copy dependency manifests before application code to maximize layer cache reuse.

↗#

dockerfileANYdockerfilecachepatterns

dockerfile

COPY package*.json ./
RUN npm ci
COPY . .

A classic Dockerfile optimization for JS apps.

Use .dockerignore

Exclude unnecessary files from build context.

↗#

gitignoreANYdockerfiledockerignorepatterns

gitignore

node_modules
dist
.git
.env
coverage

Reducing context size speeds up builds and avoids leaking sensitive files.

Build Flags and Targets

Common build options used with Dockerfiles.

Build a specific stage

Build only up to a named stage.

↗#

bashANYdockerfilebuildmultistage

bash

docker build --target build -t myapp:build .

Useful for debugging or exporting builder-only images.

Pass build args

Pass values for Dockerfile `ARG` instructions.

↗#

bashANYdockerfilebuildargs

bash

docker build --build-arg NODE_VERSION=20 -t myapp:dev .

Great for version pinning and parameterized builds.

Build without cache

Rebuild all steps without using cache.

↗#

bashANYdockerfilebuildcache

bash

docker build --no-cache -t myapp:clean .

Useful when cache corruption or stale dependencies are suspected.

Always pull newer base image

Attempt to pull a newer base image before build.

↗#

bashANYdockerfilebuildbase-image

bash

docker build --pull -t myapp:dev .

Good for CI pipelines that want refreshed base layers.

Build for specific platform

Build for a target platform when supported.

↗#

bashANYdockerfilebuildplatform

bash

docker build --platform linux/amd64 -t myapp:amd64 .

Often used together with Buildx or multi-platform workflows.

Use plain progress output

Render verbose plain-text build output.

↗#

bashANYdockerfilebuilddebugging

bash

docker build --progress=plain -t myapp:dev .

Helpful when debugging failing builds in CI.

More in Docker

Docker Swarm Cheat Sheet

Swarm cluster, node, service, and stack commands for container orchestration on Docker Engine.

Docker Buildx Cheat Sheet

Modern BuildKit and Buildx reference for multi-platform builds, cache, secrets, and remote outputs.

Docker Cheat Sheet

Comprehensive Docker Engine CLI reference for images, containers, networks, volumes, registries, contexts, and cleanup.

Recommended next

Terraform Troubleshooting and Migration Cheat Sheet

TERRAFORM

Commands and patterns for debugging, upgrades, migration, and state repair in Terraform.

Terraform HCP Remote and CI Cheat Sheet

TERRAFORM

Commands and snippets for HCP Terraform remote runs, CLI auth, automation, and CI-friendly usage.

Terraform Language Patterns Cheat Sheet

TERRAFORM

High-value HCL patterns for variables, locals, outputs, loops, conditionals, dynamic blocks, and data shaping.

Terraform Modules and Providers Cheat Sheet

TERRAFORM

Commands and snippets for modules, providers, version constraints, registry access, and dependency management.

Terraform Workspaces and State Cheat Sheet

TERRAFORM

Manage Terraform CLI workspaces, local and remote state, imports, and state surgery commands.

Terraform CLI Cheat Sheet

TERRAFORM

Core Terraform CLI commands for init, plan, apply, state, output, variables, workspaces, and automation.

Browse all sheets →