Question - Dockerfile best practice

Given a Dockerfile, analyse it and update it based on security best practices.

Solution

### Solution

Docker and container security docs (can't be used in exam)

Docker best practices by Google
Docker tips & tricks for smaller image size by learnk8s.io

1 - Open Dockerfile and fix security issues

vi ~/Dockerfile

FROM ubuntu:latest

ENV CI=true

RUN apt get update
RUN apt get install -y wget
RUN apt get install -y curl

USER root

WORKDIR /code
COPY package.json package-lock.json /code/
RUN npm ci
COPY src /code/src

CMD [ "npm", "start" ]

2 - Update Dockerfile with best practices

vi ~/Dockerfile

FROM ubuntu:20:04 ## updated image to a specific version

ENV CI=true

RUN apt-get update && apt-get install -y wget curl ## lighter image due to docker caching, prevents outdated version of installed packages

USER user ## no privileged user being used

WORKDIR /code
COPY package.json package-lock.json /code/
RUN npm ci
COPY src /code/src

CMD [ "npm", "start" ]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Q14-Dockerfile-best-practice.md

Q14-Dockerfile-best-practice.md

Question - Dockerfile best practice

Docker and container security docs (can't be used in exam)

1 - Open Dockerfile and fix security issues

2 - Update Dockerfile with best practices

Files

Q14-Dockerfile-best-practice.md

Latest commit

History

Q14-Dockerfile-best-practice.md

File metadata and controls

Question - Dockerfile best practice

Docker and container security docs (can't be used in exam)

1 - Open Dockerfile and fix security issues

2 - Update Dockerfile with best practices