create-dockerfile
About
This Claude Skill generates production-ready Dockerfiles for Node.js, Python, Go, Rust, and Java applications. It handles core concerns like base images, dependencies, permissions, and entrypoint configuration. Use it when starting containerization for a project or preparing an app for cloud deployment where no Dockerfile exists.
Quick Install
Claude Code
Recommendednpx skills add pjt222/agent-almanac -a claude-code/plugin add https://github.com/pjt222/agent-almanacgit clone https://github.com/pjt222/agent-almanac.git ~/.claude/skills/create-dockerfileCopy and paste this command in Claude Code to install this skill
Documentation
Create Dockerfile
Prod-ready Dockerfile for general-purpose apps.
Use When
- Containerize Node/Python/Go/Rust/Java app
- Consistent build/runtime env
- Cloud deploy / Docker Compose prep
- No existing Dockerfile
In
- Required: Lang + entry (
npm start,python app.py) - Required: Dep manifest (package.json, requirements.txt, go.mod, Cargo.toml, pom.xml)
- Optional: Target env (dev/prod)
- Optional: Exposed ports
Do
Step 1: Base Image
| Lang | Dev Img | Prod Img | Size |
|---|---|---|---|
| Node.js | node:22-bookworm | node:22-bookworm-slim | ~200MB |
| Python | python:3.12-bookworm | python:3.12-slim-bookworm | ~150MB |
| Go | golang:1.23-bookworm | gcr.io/distroless/static | ~2MB |
| Rust | rust:1.82-bookworm | debian:bookworm-slim | ~80MB |
| Java | eclipse-temurin:21-jdk | eclipse-temurin:21-jre | ~200MB |
Got: Slim/distroless for prod.
Step 2: Write Dockerfile (per lang)
Node.js
FROM node:22-bookworm-slim
RUN groupadd -r appuser && useradd -r -g appuser -m appuser
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci --omit=dev
COPY . .
USER appuser
EXPOSE 3000
CMD ["node", "src/index.js"]
Python
FROM python:3.12-slim-bookworm
RUN groupadd -r appuser && useradd -r -g appuser -m appuser
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
USER appuser
EXPOSE 8000
CMD ["python", "app.py"]
Go
FROM golang:1.23-bookworm AS builder
WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 go build -o /app/server ./cmd/server
FROM gcr.io/distroless/static
COPY --from=builder /app/server /server
EXPOSE 8080
ENTRYPOINT ["/server"]
Rust
FROM rust:1.82-bookworm AS builder
WORKDIR /src
COPY Cargo.toml Cargo.lock ./
RUN mkdir src && echo "fn main() {}" > src/main.rs && cargo build --release && rm -rf src
COPY . .
RUN touch src/main.rs && cargo build --release
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/*
COPY --from=builder /src/target/release/myapp /usr/local/bin/myapp
EXPOSE 8080
ENTRYPOINT ["myapp"]
Java (Maven)
FROM eclipse-temurin:21-jdk AS builder
WORKDIR /src
COPY pom.xml .
RUN mvn dependency:go-offline -B
COPY src ./src
RUN mvn package -DskipTests
FROM eclipse-temurin:21-jre
COPY --from=builder /src/target/*.jar /app/app.jar
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app/app.jar"]
Got: docker build -t myapp . → no err.
If err: Check base img avail + dep install cmds.
Step 3: ENTRYPOINT vs CMD
| Directive | Purpose | Override |
|---|---|---|
ENTRYPOINT | Fixed exec | --entrypoint |
CMD | Default args | Trailing args |
| Both | ENTRYPOINT + def args via CMD | Args override CMD only |
ENTRYPOINT → compiled single-purpose. CMD → interpreted (want docker run myapp bash).
Step 4: .dockerignore
.git
.gitignore
node_modules
__pycache__
*.pyc
target/
.env
.env.*
*.md
!README.md
.vscode
.idea
Dockerfile
docker-compose*.yml
Got: Build ctx no dev artifacts.
Step 5: Non-Root User
Always non-root prod:
RUN groupadd -r appuser && useradd -r -g appuser -m appuser
USER appuser
Distroless:
FROM gcr.io/distroless/static:nonroot
USER nonroot
Step 6: Build + Verify
docker build -t myapp:latest .
docker run --rm myapp:latest
docker image inspect myapp:latest --format '{{.Size}}'
Got: Container starts, port responds, non-root.
If err: docker logs. Check WORKDIR, COPY paths, ports.
Check
-
docker buildno err - Container starts + responds
-
.dockerignoreexcludes junk - App non-root
- Deps copied before src (cache)
- No secrets /
.envin img
Traps
- COPY before dep install: Invalidates cache on code change. Manifest first.
- Root user: Def Docker = root. Add non-root prod.
- No .dockerignore:
node_modules/.gitin ctx → waste. latesttag: Pin ver (node:22.11.0) → repro.- No
--no-cache-dir: pip caches → img bloat. - ADD vs COPY:
COPYunless URL / tar (ADDauto-extracts).
→
create-r-dockerfile— R-specific via rockercreate-multistage-dockerfile— multi-stage min prod imgsoptimize-docker-build-cache— cache strategiessetup-compose-stack— orchestrate w/ other svcs
GitHub Repository
Related Skills
content-collections
MetaThis skill provides a production-tested setup for Content Collections, a TypeScript-first tool that transforms Markdown/MDX files into type-safe data collections with Zod validation. Use it when building blogs, documentation sites, or content-heavy Vite + React applications to ensure type safety and automatic content validation. It covers everything from Vite plugin configuration and MDX compilation to deployment optimization and schema validation.
polymarket
MetaThis skill enables developers to build applications with the Polymarket prediction markets platform, including API integration for trading and market data. It also provides real-time data streaming via WebSocket to monitor live trades and market activity. Use it for implementing trading strategies or creating tools that process live market updates.
creating-opencode-plugins
MetaThis skill helps developers create OpenCode plugins that hook into 25+ event types like commands, files, and LSP operations. It provides the plugin structure, event API specifications, and implementation patterns for JavaScript/TypeScript modules. Use it when you need to intercept, monitor, or extend the OpenCode AI assistant's lifecycle with custom event-driven logic.
sglang
MetaSGLang is a high-performance LLM serving framework that specializes in fast, structured generation for JSON, regex, and agentic workflows using its RadixAttention prefix caching. It delivers significantly faster inference, especially for tasks with repeated prefixes, making it ideal for complex, structured outputs and multi-turn conversations. Choose SGLang over alternatives like vLLM when you need constrained decoding or are building applications with extensive prefix sharing.