- Home
- Skills
- Rknall
- Claude Skills
- Docker Validation
docker-validation_skill
31
GitHub Stars
4
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill rknall/claude-skills --skill docker-validation- README.md10.8 KB
- SKILL.md20.3 KB
- tool-installation.md10.2 KB
- validation-checklist.md11.5 KB
Overview
This skill validates Dockerfiles and Docker Compose files against best practices, security standards, and modern Compose syntax. It produces a prioritized report with concrete fixes, and can generate validation scripts and CI checks on request. Use it to make Docker configurations production-ready, secure, and efficient.
How this skill works
I inspect project files to locate Dockerfiles and Compose manifests, run available linters (Hadolint, DCLint) and Docker CLI checks, and perform manual rule-based analysis. The checks cover syntax, multi-stage build correctness, layer optimization, secret exposure, runtime user, Compose version deprecation, and service-level recommendations. Results are classified by severity and delivered as a concise remediation report; optional scripts or CI snippets can be created.
When to use it
- Validate one or more Dockerfiles before a release
- Audit Docker Compose files for modern syntax and security
- Verify correct multi-stage builds and artifact copying
- Find and remove secrets accidentally baked into images
- Prepare Docker configurations for CI/CD and production deployments
Best practices
- Pin base image versions; avoid :latest
- Use multi-stage builds so final image is minimal and free of build tools
- Run processes as a non-root user and specify USER in final stage
- Prefer COPY over ADD, clean package caches, and combine RUN steps
- Remove obsolete Compose version fields and validate with docker compose config
- Manage secrets externally (Compose secrets, environment files, or secret stores)
Example use cases
- Scan a repository to produce a validation report listing critical, high, medium, and low issues
- Convert an existing Dockerfile to a multi-stage build and verify artifact transfers
- Update docker-compose.yml to remove deprecated version field and pin service images
- Create a bash validation script and GitHub Actions job to run checks in CI
- Run a security audit to ensure no secrets, non-root runtime, and recommended base images
FAQ
I can suggest and generate corrected snippets or full updated files; auto-fix scripts are provided on request but manual review is recommended for sensitive changes.
Which tools does this skill use?
Preferred tools are Hadolint for Dockerfiles, DCLint for Compose, docker compose config for syntax, and Trivy/Snyk for image vulnerability scanning; I recommend installing them but can run manual checks if unavailable.