Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

"Dockerfiles Considered Harmful"

DZone's Guide to

"Dockerfiles Considered Harmful"

Why Dockerfiles should be avoided, especially in testing, for the good of your operations team.

· DevOps Zone ·
Free Resource

Learn how integrating security into DevOps to deliver "DevSecOps" requires changing mindsets, processes and technology.

I found an interesting piece on the Wercker blog from Andy Smith, called "Dockerfiles Considered Harmful." I've been trying to learn more about Docker lately, and I thought this would be an interesting read for you all.

One interesting point I learned about Dockerfiles is that Dockerfiles was created at a time where there weren't many tools designed to work with Docker, but there are still plenty of people testing their code in Dockerfiles. This is a bad idea. 

Instead, Andy suggests using a Bash script instead, which would be more predictable and useful to most developers. 

Andy also goes more in-depth about layers, the registry, and several alternatives to using Dockerfiles, including avoiding registry use, using only one layer, restructuring your deployment lifecycle, and using tools designed for build/test/deploy.

You can read the article in full here. What do you think about it?

Learn how enterprises are using tools to automate security in their DevOps toolchain with these DevSecOps Reference Architectures.

Topics:
devops ,docker ,testing

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}