Validate Docker configurations against best practices
Validates Docker configurations against production best practices and reports specific issues.
```
/plugin marketplace add adelabdelgawad/full-stack
/plugin install docker-stack@full-stack
```

IMPORTANT: When this command is invoked, you MUST actually READ and CHECK the files. Do NOT just describe what to check - PERFORM THE CHECKS.
Use Glob to find all Docker-related files:
```
docker/docker-compose.prod.yml
docker/nginx/nginx.conf
docker/nginx/Dockerfile
docker/env/.env.example.*
docker/monitoring/**/*
{backend}/Dockerfile
{frontend}/Dockerfile
.dockerignore
```
For each file, report:
READ the file and check each service for:
```yaml
# Each service MUST have:
healthcheck:
  test: ["CMD", ...]
  interval: ...
  timeout: ...
```
Report:
```yaml
# Each service MUST have:
deploy:
  resources:
    limits:
      cpus: ...
      memory: ...
```
Report:
```yaml
# Services should use:
depends_on:
  database:
    condition: service_healthy
```
Report:
READ docker/nginx/nginx.conf and check:
| Check | Pattern to Find | Status |
|---|---|---|
| Upstream block | upstream backend_servers | ✅/❌ |
| Health endpoint | location /health | ✅/❌ |
| Rate limiting | limit_req_zone | ✅/❌ |
| Security headers | add_header X-Frame-Options | ✅/❌ |
| Gzip enabled | gzip on | ✅/❌ |
| Proxy headers | proxy_set_header X-Real-IP | ✅/❌ |
For each Dockerfile, check:
| Check | How to Verify | Status |
|---|---|---|
| Multi-stage | Has multiple FROM statements | ✅/❌ |
| Non-root user | Has USER instruction (not root) | ✅/❌ |
| Health check | Has HEALTHCHECK instruction | ✅/⚠️ |
| .dockerignore | File exists in same directory | ✅/❌ |
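The first three checks in the table above can be automated as follows. This is an added example, not the plugin's own code: the function names and the sample Dockerfile are constructed for illustration. It goes slightly beyond the table by evaluating only the final build stage (the one that actually ships) and by treating `HEALTHCHECK NONE` as a missing health check.

```python
import re

# Constructed sample: builder stage runs as root, final stage drops to appuser.
SAMPLE_DOCKERFILE = """\
FROM python:3.12-slim AS builder
RUN pip install --prefix=/install \\
    -r requirements.txt

FROM python:3.12-slim
COPY --from=builder /install /usr/local
RUN useradd --system appuser
USER appuser
HEALTHCHECK --interval=30s CMD ["python", "healthcheck.py"]
CMD ["python", "-m", "app"]
"""

def parse_instructions(text):
    """Return (INSTRUCTION, args) pairs, joining line continuations, skipping comments."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)
    out = []
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        out.append((parts[0].upper(), parts[1].strip() if len(parts) > 1 else ""))
    return out

def check_dockerfile(text):
    """Apply the multi-stage, non-root and HEALTHCHECK checks to the final stage."""
    instrs = parse_instructions(text)
    from_idx = [i for i, (op, _) in enumerate(instrs) if op == "FROM"]
    final = instrs[from_idx[-1]:] if from_idx else []
    # USER may be "name", "uid" or "name:group"; only the user part matters here.
    users = [args.split(":")[0] for op, args in final if op == "USER"]
    health = [args for op, args in final if op == "HEALTHCHECK"]
    return {
        "multi_stage": len(from_idx) > 1,
        # The last USER in the final stage is what the container runs as.
        "non_root_user": bool(users) and users[-1] not in ("root", "0"),
        # HEALTHCHECK NONE disables any inherited check, so it does not count.
        "healthcheck": bool(health) and health[-1].upper() != "NONE",
    }
```

A `USER` set only in the builder stage, or a later `USER root` in the final stage, fails the non-root check; a user inherited from the base image is not visible to this check.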
For each .env.example.* file:
| Check | How to Verify | Status |
|---|---|---|
| No real secrets | Values contain CHANGE_ME or placeholder | ✅/❌ |
| Has comments | Has documentation comments | ✅/⚠️ |
| Required vars | Has `DB_*`, `REDIS_*`, `JWT_*` as needed | ✅/⚠️ |
FORMAT YOUR OUTPUT EXACTLY LIKE THIS:
```
╔══════════════════════════════════════════════════════════════╗
║ DOCKER CONFIGURATION VALIDATION REPORT ║
╚══════════════════════════════════════════════════════════════╝

📁 FILE EXISTENCE CHECK
────────────────────────
✅ docker/docker-compose.prod.yml
✅ docker/nginx/nginx.conf
✅ docker/nginx/Dockerfile
❌ docker/env/.env.example.grafana (MISSING)
✅ src/backend/Dockerfile
❌ src/frontend/Dockerfile (MISSING)

📋 DOCKER-COMPOSE.PROD.YML
────────────────────────
Service: nginx
✅ Health check configured
✅ Resource limits set
✅ Network assigned
Service: backend-1
✅ Health check configured
✅ Resource limits set
✅ Depends on database (condition: service_healthy)
Service: redis
✅ Health check configured
⚠️ Missing resource limits

🔧 NGINX.CONF
────────────────────────
✅ Upstream backend_servers defined
✅ Rate limiting configured (limit_req_zone)
✅ Security headers present (X-Frame-Options, X-Content-Type-Options)
✅ Gzip compression enabled
✅ Proxy headers configured

🐳 DOCKERFILES
────────────────────────
Backend (src/backend/Dockerfile):
✅ Multi-stage build
✅ Non-root user (appuser)
✅ HEALTHCHECK instruction
✅ .dockerignore present
Frontend (src/frontend/Dockerfile):
❌ FILE NOT FOUND

📊 SUMMARY
────────────────────────
Passed: 15
Warnings: 2
Failed: 3

🔧 REQUIRED FIXES
────────────────────────
1. Create docker/env/.env.example.grafana
2. Create src/frontend/Dockerfile
3. Add resource limits to 'redis' service

⚠️ RECOMMENDATIONS
────────────────────────
1. Consider adding HEALTHCHECK to frontend Dockerfile
```
This command MUST:
DO NOT just list what should be checked. ACTUALLY READ AND CHECK THE FILES.