docker-development
Docker and Docker Compose standards for PHP, Python, JavaScript, and API services. Use when containerizing development environments, production images, CI builds, PHP-FPM/Nginx stacks, Python sidecars, Node/JS services, or multi-service SaaS deployments.
Best use case
docker-development is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Docker and Docker Compose standards for PHP, Python, JavaScript, and API services. Use when containerizing development environments, production images, CI builds, PHP-FPM/Nginx stacks, Python sidecars, Node/JS services, or multi-service SaaS deployments.
Teams using docker-development should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/docker-development/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How docker-development Compares
| Feature / Agent | docker-development | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Docker and Docker Compose standards for PHP, Python, JavaScript, and API services. Use when containerizing development environments, production images, CI builds, PHP-FPM/Nginx stacks, Python sidecars, Node/JS services, or multi-service SaaS deployments.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
# Docker Development Acknowledgement: Shared by Peter Bamuhigire, techguypeter.com, +256 784 464178. <!-- dual-compat-start --> ## Use When - Containerizing PHP, Python, Node.js, JavaScript build, API, worker, queue, database, cache, or reverse-proxy services. - Creating or reviewing `Dockerfile`, `compose.yml`, CI build, registry, or runtime deployment patterns. - A project needs repeatable development environments, environment parity, production images, or service orchestration. ## Do Not Use When - The task only needs application code and has no container, runtime, deployment, or environment concern. - Kubernetes-specific cluster design is the main task; use Kubernetes skills after this container baseline is correct. ## Required Inputs - Application stack, local development needs, production runtime, ports, volumes, secrets/config, persistence services, and target OS. - Existing `Dockerfile`, Compose files, CI scripts, and deployment constraints when available. ## Workflow 1. Identify runtime roles: web, app/FPM, worker, scheduler, database, cache, queue, reverse proxy, asset build, or test runner. 2. Choose separate development and production image strategies. 3. Build minimal, reproducible images with pinned base versions and deterministic dependency installation. 4. Use Docker Compose for local multi-service orchestration, networking, volumes, health checks, and developer commands. 5. Keep secrets and environment-specific config outside images. 6. Add CI image build, scan, tag, push, and promotion rules. 7. Verify startup, health checks, logs, permissions, volume behavior, and graceful shutdown. ## Quality Standards - Images are reproducible, minimal, patched, scanned, and tagged with immutable release identifiers. - Development Compose is ergonomic without leaking dev-only tools into production images. - PHP, Python, and Node dependencies are installed deterministically from lockfiles. - Runtime config comes from environment/secrets, not baked source edits. - Containers expose health checks, structured logs, and graceful stop behavior. - Volumes are explicit and do not hide built artifacts unexpectedly. ## Anti-Patterns - One container running web server, database, queue worker, and scheduler because it is convenient. - Using `latest` tags in production. - Copying `.env`, secrets, test data, or host-specific paths into images. - Installing debug tooling in production images. - Rebuilding separate artifacts per environment instead of promoting one tested image. - Assuming Windows file permissions and Linux container permissions behave the same. ## Outputs - Dockerfile/Compose guidance, container architecture notes, review findings, CI image-build plan, or runtime checklist. ## References - `references/php-python-js-container-delivery.md` - `references/source-register.md` <!-- dual-compat-end --> ## Pair With - `php-modern-standards` for PHP app/FPM/Composer rules. - `python-modern-standards` for Python services, workers, and dependency locking. - `javascript-modern`, `nodejs-development`, or TypeScript skills for Node/runtime asset builds. - `api-design-first` for API contract/runtime responsibilities. - `deployment-release-engineering` for build-once promotion, rollout, and rollback.
Related Skills
ai-assisted-development
Orchestrate AI coding agents, human reviewers, CI, and delivery workflows for professional software work. Use when coordinating AI-assisted planning, implementation, code review, modernization, documentation, or multi-agent development.
kmp-development
Kotlin Multiplatform shared module development standards for sharing business logic across Android and iOS while keeping native UI. Covers project structure (shared/composeApp/iosApp), source sets, targets, expect/actual, DI (Koin)...
nodejs-development
Production Node.js development — async patterns, streams, design patterns, HTTP APIs, testing, scaling, and deployment. Synthesised from Node.js Design Patterns (Casciaro & Mammino 3rd ed.), Node.js Recipes (Gackenheimer), Fullstack Node.js (Murray), and Node.js Fundamentals. Use when building scalable servers, REST APIs, CLI tools, real-time systems, or fullstack JavaScript applications.
ios-development
iOS development standards for AI agent implementation. Swift-first, SwiftUI, MVVM + Clean Architecture, async/await, comprehensive security, testing, and performance patterns. Use when building or reviewing iOS applications, generating Swift...
react-development
Comprehensive React patterns and best practices: functional components, all hooks (useState, useEffect, useCallback, useMemo, useRef, useContext, useReducer), custom hooks, state management (local/Context/external), performance optimisation...
avalonia-desktop-development
Building cross-platform .NET desktop apps with Avalonia UI (Windows/macOS/Linux). Use when working with Avalonia, AXAML/XAML UI, MVVM in Avalonia (CommunityToolkit.Mvvm or ReactiveUI), compiled bindings (x:DataType), styling/control themes/Fluent theming, data binding, DataTemplates and virtualization for large lists, asset/PNG image bundling (avares://), localization, accessibility, hosting a WebView (WebView2/WKWebView) in Avalonia, headless testing, or packaging an Avalonia app for Windows and macOS.
android-development
Android development standards for AI agent implementation. Kotlin-first, Jetpack Compose UI, MVVM + Clean Architecture, Hilt DI, comprehensive security, testing, and performance patterns. Use when building or reviewing Android applications...
web-app-security-audit
Use when auditing a PHP/JavaScript/HTML web application for security vulnerabilities. Covers configuration, authentication, authorization, input validation, XSS, API security, HTTP headers, and dependency scanning. Produces a severity-rated audit...
vibe-security-skill
Use when designing or reviewing security for a web application, API, or multi-tenant SaaS — produces threat model, abuse case list, auth/authz matrix, and secret handling plan; covers OWASP Top 10 2025 and the AI-code-generation blind spots. Neighbours — api-design-first owns auth model fields, deployment-release-engineering owns secret rotation choreography, ai-security and llm-security own model-specific threats.
network-security
Use when designing, hardening, or auditing network-layer security for self-managed Debian/Ubuntu SaaS infrastructure — firewalls (nftables/UFW), WAF (ModSecurity + OWASP CRS), VPN (WireGuard, OpenVPN, IPsec), TLS/PKI ops, IDS/IPS (Suricata, Fail2ban), zero-trust, SSH hardening, DDoS mitigation, DNS security. Complements web-app-security-audit (app layer) and cicd-devsecops (secrets/CI).
linux-security-hardening
Use when hardening a Debian/Ubuntu server — user/group/sudo hardening, file permission audits, PAM password policy + MFA, AppArmor mandatory access control, auditd system call logging, kernel sysctl hardening, file integrity monitoring (AIDE), rootkit detection (rkhunter/chkrootkit), unattended security patching, GRUB + UEFI + LUKS boot security, and CIS benchmark compliance.
dpia-generator
Generate a Data Protection Impact Assessment (DPIA), Uganda DPPA 2019-compliant. Use when producing or reviewing a data protection impact assessment, a privacy impact assessment, when uganda-dppa-compliance flags [DPIA-REQUIRED], or when processing large-scale or sensitive personal data for a new feature.