Testing the Docker .dockerignore file patterns
Use a script to check the directories and files that will be included in your Docker image fast and easy.
This is a short post about something I wanted to do a long time ago and for which I finally found some time. It was not really a case of TL;DR (Too Long; didn't read), but more something like TLT;DR (Too Little Time; didn't read). As you probably know, the Docker .dockerignore file is used to prevent certain files and directories ending up in your Docker image. The Docker .dockerignore file is used when you build a Docker image and consists of rules matching files and/or directories.
Reasons to do this:
- Reduction of Docker image size
- Faster Docker image builds
- Avoids exposure of secrets
I already had a .dockerignore file but now I was looking for an easy way too check what would go in the Docker image.
Write rules, run script, check files
I found a nice post on the internet and put it into a script. What this does is behaving like when you are building your Docker image but now it uses the busybox image. It outputs the list of directories and files that are included and quits. You can check this files and if your are not satisfied, you edit the .dockerignore file and run the script again.
All credits to the guys on Stackoverflow, see also links below. I named the script 'dockerignore_test.sh':
#!/bin/sh # dockerignore_test.sh # based on BMitch's answer from: # How to test dockerignore file? # https://stackoverflow.com/questions/38946683/how-to-test-dockerignore-file # tested on: ubuntu 18.04 lts (desktop) # with: Docker version 19.03.12, build 48a66213fe # note: will create and delete temporary file "Dockerfile.build-context" # instructions # # 1. put this script in the folder where the image is being built # make it executable using chmod 755 dockerignore_test.sh # # 2. edit this script to change the build-context # for me the build-context is './project' because # my docker-compose.yaml file has lines: # if the build-context is the current directory # then change this to '.' # # web: # image: ... # ... # build: # context: ./project # # 3. edit the .dockerignore file and put it in the build-context directory # # 4. run script # ./dockerignore_test.sh # you should see list of files in build context # these are the files that end up in your image # # 5. (optional) capture the list of files # ./dockerignore_test.sh > images_files_list # # 6. if you see unwanted files, go back to step 3 # cat <<EOF > Dockerfile.build-context FROM busybox COPY . /build-context WORKDIR /build-context CMD find . EOF docker build -f Dockerfile.build-context -t build-context ./project docker run --rm -it build-context rm Dockerfile.build-context
What about the .dockerignore rules?
Many people on the internet complain about the Docker documentation on the .dockerignore file is not really helpful and I also had this problem. In the end I just kept it simple, I excluded some directories and the .pyc files. The directories itself are not removed, only the files and sub-directories in it. The rule for this is:
The double asterisks at the beginning means that the directory can be at every level in the path. The asterisk at the end means it will match everything in the specified directory. My .dockerignore file looks like this:
# ./project/.dockerignore # # ignore directories **/.pytest_cache/* **/alembic/versions/* **/misc/* **/static/* **/tmp/* **/tests_frontend/* # ignore files **/*.pyc
Using the Docker .dockerignore file is essential when building Docker images. The presented script is an easy way to check which files will be included in the Docker image.
Links / credits
Do not ignore .dockerignore (it’s expensive and potentially dangerous)
How to test dockerignore file?
- Migrating from Bootstrap 4 to Bootstrap 5
- Using Python's pyOpenSSL to verify SSL certificates downloaded from a host
- Why your website canonical name must be 'www' (or 'app' or something else)
- Flask's SERVER_NAME, subdomains and 404 errors
- Flask, Celery, Redis and Docker
- Celery, Redis and the (in)famous email task example
- Using UUIDs instead of Integer Autoincrement Primary Keys with SQLAlchemy and MariaDb
- Flask with multiple forms on a page posted using AJAX and returning a rendered form result
- SLQAlchemy dynamic query building and filtering including soft deletes
- SQLAlchemy server-side datetime calculations
- Two Flask apps, frontend and admin, on one domain using DispatcherMiddleware
- OWASP Zed Attack Proxy (ZAP) security testing