pukpuklouis/website-enchun-mgr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(agent): configure AI agents and tools

Browse Source 
Add configuration for BMad, Claude, OpenCode, and other AI agent tools and workflows.
This commit is contained in:
Louis Chen
2026-02-11 11:51:23 +08:00
parent 9c2181f743
commit ad8e2e313e
977 changed files with 157625 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

196
.opencode/skills/docker-optimizer/SKILL.md Normal file
View File

@@ -0,0 +1,196 @@
---
name: docker-optimizer
description: Reviews Dockerfiles for best practices, security issues, and image size optimizations including multi-stage builds and layer caching. Use when working with Docker, containers, or deployment.
allowed-tools: Read, Grep, Glob, Write, Edit
---
# Docker Optimizer
Analyzes and optimizes Dockerfiles for performance, security, and best practices.
## When to Use
- User working with Docker or containers
- Dockerfile optimization needed
- Container image too large
- User mentions "Docker", "container", "image size", or "deployment"
## Instructions
### 1. Find Dockerfiles
Search for: `Dockerfile`, `Dockerfile.*`, `*.dockerfile`
### 2. Check Best Practices
**Use specific base image versions:**
```dockerfile
# Bad
FROM node:latest
# Good
FROM node:18-alpine
```
**Minimize layers:**
```dockerfile
# Bad
RUN apt-get update
RUN apt-get install -y curl
RUN apt-get install -y git
# Good
RUN apt-get update && \
apt-get install -y curl git && \
rm -rf /var/lib/apt/lists/*
```
**Order instructions by change frequency:**
```dockerfile
# Dependencies change less than code
COPY package*.json ./
RUN npm install
COPY . .
```
**Use .dockerignore:**
```
node_modules
.git
.env
*.md
```
### 3. Multi-Stage Builds
Reduce final image size:
```dockerfile
# Build stage
FROM node:18 AS build
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
# Production stage
FROM node:18-alpine
WORKDIR /app
COPY --from=build /app/dist ./dist
COPY --from=build /app/node_modules ./node_modules
CMD ["node", "dist/index.js"]
```
### 4. Security Issues
**Don't run as root:**
```dockerfile
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
USER appuser
```
**No secrets in image:**
```dockerfile
# Bad: Hardcoded secret
ENV API_KEY=secret123
# Good: Use build args or runtime env
ARG BUILD_ENV
ENV NODE_ENV=${BUILD_ENV}
```
**Scan for vulnerabilities:**
```bash
docker scan image:tag
trivy image image:tag
```
### 5. Size Optimization
**Use Alpine images:**
- `node:18-alpine` vs `node:18` (900MB → 170MB)
- `python:3.11-alpine` vs `python:3.11` (900MB → 50MB)
**Remove unnecessary files:**
```dockerfile
RUN npm install --production && \
npm cache clean --force
```
**Use specific COPY:**
```dockerfile
# Bad: Copies everything
COPY . .
# Good: Copy only what's needed
COPY package*.json ./
COPY src ./src
```
### 6. Caching Strategy
Layer caching optimization:
```dockerfile
# Install dependencies first (cached if package.json unchanged)
COPY package*.json ./
RUN npm install
# Copy source (changes more frequently)
COPY . .
RUN npm run build
```
### 7. Health Checks
```dockerfile
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node healthcheck.js
```
### 8. Generate Optimized Dockerfile
Provide improved version with:
- Multi-stage build
- Appropriate base image
- Security improvements
- Layer optimization
- Build caching
- .dockerignore file
### 9. Build Commands
**Efficient build:**
```bash
# Use BuildKit
DOCKER_BUILDKIT=1 docker build -t app:latest .
# Build with cache from registry
docker build --cache-from myregistry/app:latest -t app:latest .
```
### 10. Dockerfile Checklist
- [ ] Specific base image tag (not `latest`)
- [ ] Multi-stage build if applicable
- [ ] Non-root user
- [ ] Minimal layers (combined RUN commands)
- [ ] .dockerignore present
- [ ] No secrets in image
- [ ] Proper layer ordering for caching
- [ ] Alpine or slim variant used
- [ ] Cleanup in same RUN layer
- [ ] HEALTHCHECK defined
## Security Best Practices
- Scan images regularly
- Use official base images
- Keep base images updated
- Minimize attack surface (fewer packages)
- Run as non-root user
- Use read-only filesystem where possible
## Supporting Files
- `templates/Dockerfile.optimized`: Optimized multi-stage Dockerfile example
- `templates/.dockerignore`: Common .dockerignore patterns