From configure-plugin
Checks and configures Dockerfiles for minimal Alpine/slim base images, non-root users, and multi-stage builds in Node.js, Python, Go, Rust projects.
npx claudepluginhub laurigates/claude-plugins --plugin configure-pluginThis skill is limited to using the following tools:
Check and configure Dockerfile against project standards with emphasis on **minimal images**, **non-root users**, and **multi-stage builds**.
Generates design tokens/docs from CSS/Tailwind/styled-components codebases, audits visual consistency across 10 dimensions, detects AI slop in UI.
Records polished WebM UI demo videos of web apps using Playwright with cursor overlay, natural pacing, and three-phase scripting. Activates for demo, walkthrough, screen recording, or tutorial requests.
Delivers idiomatic Kotlin patterns for null safety, immutability, sealed classes, coroutines, Flows, extensions, DSL builders, and Gradle DSL. Use when writing, reviewing, refactoring, or designing Kotlin code.
Check and configure Dockerfile against project standards with emphasis on minimal images, non-root users, and multi-stage builds.
| Use this skill when... | Use another approach when... |
|---|---|
| Checking Dockerfile compliance with standards | Just viewing Dockerfile (use Read tool) |
| Creating Dockerfile from template | Dockerfile already follows all standards |
| Validating image size, security, multi-stage builds | Need container runtime config (use /configure:container) |
| Setting up minimal Alpine/slim-based images | Project uses specialized base images (custom requirements) |
| Ensuring non-root user configuration | Debugging container issues (check logs, inspect runtime) |
find . -maxdepth 1 \( -name 'Dockerfile' -o -name 'Dockerfile.*' -o -name '*.Dockerfile' \)find . -maxdepth 1 -name \'.dockerignore\'find . -maxdepth 1 \( -name 'package.json' -o -name 'pyproject.toml' -o -name 'Cargo.toml' -o -name 'go.mod' \) -print -quitgrep -hm5 '^FROM' Dockerfile Dockerfile.* *.DockerfileParse from command arguments:
--check-only: Report compliance status without modifications--fix: Apply fixes automatically without prompting--type <type>: Override project type detection (frontend, python, go, rust)Execute this Dockerfile compliance check:
--type override if providedBefore flagging outdated base images, use WebSearch or WebFetch to verify latest versions:
Check the Dockerfile against these standards:
Frontend (Node.js) Standards:
| Check | Standard | Severity |
|---|---|---|
| Build base | node:22-alpine (LTS) | WARN if other |
| Runtime base | nginx:1.27-alpine | WARN if other |
| Multi-stage | Required | FAIL if missing |
| HEALTHCHECK | Required | FAIL if missing |
| Non-root user | Required | FAIL if missing |
| Build caching | --mount=type=cache recommended | INFO |
| OCI Labels | Required for GHCR integration | WARN if missing |
Python Service Standards:
| Check | Standard | Severity |
|---|---|---|
| Base image | python:3.12-slim | WARN if other |
| Multi-stage | Required for production | FAIL if missing |
| HEALTHCHECK | Required | FAIL if missing |
| Non-root user | Required | FAIL if missing |
| OCI Labels | Required for GHCR integration | WARN if missing |
OCI Container Labels:
| Label | Purpose | Severity |
|---|---|---|
org.opencontainers.image.source | Links to repository | WARN if missing |
org.opencontainers.image.description | Package description | WARN if missing |
org.opencontainers.image.licenses | SPDX license identifier | WARN if missing |
org.opencontainers.image.version | Semantic version (via ARG) | INFO if missing |
org.opencontainers.image.revision | Git commit SHA (via ARG) | INFO if missing |
Print a compliance report:
Dockerfile Compliance Report
================================
Project Type: <type> (detected)
Dockerfile: ./Dockerfile (found)
Configuration Checks:
Build base <image> [PASS|WARN]
Runtime base <image> [PASS|WARN]
Multi-stage <N> stages [PASS|FAIL]
HEALTHCHECK <present|missing> [PASS|FAIL]
Non-root user <present|missing> [PASS|FAIL]
Build caching <enabled|missing> [PASS|INFO]
OCI Labels Checks:
image.source <present|missing> [PASS|WARN]
image.description <present|missing> [PASS|WARN]
image.licenses <present|missing> [PASS|WARN]
Recommendations:
<list specific fixes needed>
If --check-only, stop here.
If --fix flag is set or user confirms:
Update .project-standards.yaml:
components:
dockerfile: "2025.1"
FROM node:22-alpine AS build
ARG SENTRY_AUTH_TOKEN
ARG VITE_SENTRY_DSN
WORKDIR /app
COPY package*.json ./
RUN --mount=type=cache,target=/root/.npm npm ci
COPY . .
RUN --mount=type=cache,target=/root/.npm \
--mount=type=cache,target=/app/node_modules/.vite \
npm run build
FROM nginx:1.27-alpine
# OCI labels for GHCR integration
LABEL org.opencontainers.image.source="https://github.com/OWNER/REPO" \
org.opencontainers.image.description="Production frontend application" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.vendor="Your Organization"
# Dynamic labels via build args
ARG VERSION=dev
ARG BUILD_DATE
ARG VCS_REF
LABEL org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.created="${BUILD_DATE}" \
org.opencontainers.image.revision="${VCS_REF}"
COPY --from=build /app/dist /usr/share/nginx/html
COPY nginx/default.conf.template /etc/nginx/templates/
EXPOSE 80
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost/health || exit 1
FROM python:3.12-slim AS builder
WORKDIR /app
COPY pyproject.toml uv.lock ./
RUN pip install uv && uv sync --frozen --no-dev
FROM python:3.12-slim
# OCI labels for GHCR integration
LABEL org.opencontainers.image.source="https://github.com/OWNER/REPO" \
org.opencontainers.image.description="Production Python API server" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.vendor="Your Organization"
ARG VERSION=dev
ARG BUILD_DATE
ARG VCS_REF
LABEL org.opencontainers.image.version="${VERSION}" \
org.opencontainers.image.created="${BUILD_DATE}" \
org.opencontainers.image.revision="${VCS_REF}"
RUN useradd --create-home appuser
USER appuser
WORKDIR /app
COPY --from=builder /app/.venv /app/.venv
COPY --chown=appuser:appuser . .
ENV PATH="/app/.venv/bin:$PATH"
EXPOSE 8000
HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
| Context | Command |
|---|---|
| Check Dockerfile exists | find . -maxdepth 1 \( -name 'Dockerfile' -o -name 'Dockerfile.*' \) 2>/dev/null |
| Validate multi-stage build | grep -c '^FROM' Dockerfile 2>/dev/null |
| Check for non-root user | grep -E '^USER [^root]' Dockerfile 2>/dev/null |
| Check base image | grep '^FROM' Dockerfile | head -1 |
| Quick compliance check | /configure:dockerfile --check-only |
| Auto-fix issues | /configure:dockerfile --fix |
| Flag | Description |
|---|---|
--check-only | Report status without offering fixes |
--fix | Apply fixes automatically |
--type <type> | Override project type (frontend, python) |
/configure:container - Comprehensive container infrastructure/configure:skaffold - Kubernetes development configuration/configure:all - Run all compliance checkscontainer-development skill - Container best practices