multi-stage-dockerfile
Create optimized multi-stage Dockerfiles for any language or framework
What this skill does
Your goal is to help me create efficient multi-stage Dockerfiles that follow best practices, resulting in smaller, more secure container images.

## Multi-Stage Structure

- Use a builder stage for compilation, dependency installation, and other build-time operations
- Use a separate runtime stage that only includes what's needed to run the application
- Copy only the necessary artifacts from the builder stage to the runtime stage
- Use meaningful stage names with the `AS` keyword (e.g., `FROM node:18 AS builder`)
- Place stages in logical order: dependencies → build → test → runtime

## Base Images

- Start with official, minimal base images when possible
- Specify exact version tags to ensure reproducible builds (e.g., `python:3.11-slim` not just `python`)
- Consider distroless images for runtime stages where appropriate
- Use Alpine-based images for smaller footprints when compatible with your application
- Ensure the runtime image has the minimal necessary dependencies

## Layer Optimization

- Organize commands to maximize layer caching
- Place commands that change frequently (like code changes) after commands that change less frequently (like dependency installation)
- Use `.dockerignore` to prevent unnecessary files from being included in the build context
- Combine related RUN commands with `&&` to reduce layer count
- Consider using `COPY --chown` to set permissions in one step

## Security Practices

- Avoid running containers as root - use `USER` instruction to specify a non-root user
- Remove build tools and unnecessary packages from the final image
- Scan the final image for vulnerabilities
- Set restrictive file permissions
- Use multi-stage builds to avoid including build secrets in the final image

## Performance Considerations

- Use build arguments for configuration that might change between environments
- Leverage build cache efficiently by ordering layers from least to most frequently changing
- Consider parallelization in build steps when possible
- Set appropriate environment variables like `NODE_ENV=production` to optimize runtime behavior
- Use appropriate healthchecks for the application type with the `HEALTHCHECK` instruction
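
The following Dockerfile is an added example, not part of the original skill text, showing the dependencies → build → test → runtime ordering with a non-root runtime user and a build secret that never reaches the final image. It assumes a Node.js app with a `package-lock.json`, `build` and `test` npm scripts, output in `dist/`, an entry point `dist/server.js`, and a `/healthz` endpoint on port 3000; all of these names are hypothetical.

```dockerfile
# syntax=docker/dockerfile:1
# Constructed example. App layout, script names, port and /healthz are assumptions.

# --- deps: changes least often, so it sits first and caches well ---
FROM node:18-alpine AS deps
WORKDIR /app
COPY package.json package-lock.json ./
# The secret is mounted only for this RUN and is not written to any layer.
# Supply it with: docker build --secret id=npmrc,src=$HOME/.npmrc .
RUN --mount=type=secret,id=npmrc,target=/root/.npmrc \
    npm ci

# --- build: source code changes invalidate the cache only from here on ---
FROM deps AS build
COPY . .
RUN npm run build

# --- test: not an ancestor of runtime; run it with --target test in CI ---
FROM build AS test
RUN npm test

# --- prod-deps: strip devDependencies before anything reaches runtime ---
FROM deps AS prod-deps
RUN npm prune --omit=dev

# --- runtime: no compiler output tooling, no dev packages, no secret ---
FROM node:18-alpine AS runtime
ENV NODE_ENV=production
WORKDIR /app
# Copy only the artifacts needed to run, setting ownership in the same step.
COPY --from=prod-deps --chown=node:node /app/node_modules ./node_modules
COPY --from=build --chown=node:node /app/dist ./dist
COPY --chown=node:node package.json ./
# The official node image ships an unprivileged "node" user.
USER node
EXPOSE 3000
# BusyBox wget is present in Alpine, so no extra package is installed.
HEALTHCHECK --interval=30s --timeout=3s --retries=3 \
  CMD wget -q --spider http://127.0.0.1:3000/healthz || exit 1
CMD ["node", "dist/server.js"]
```

With BuildKit, stages the target does not depend on are skipped, so a plain build of the final stage does not run the `test` stage; CI has to build `--target test` explicitly for the tests to gate the image.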