Definition:

  • Execute any commands to create a new layer on top of the current image
  • Syntax:

      ```dockerfile
      # Shell form:
      RUN [OPTIONS] <command> ...
      # Exec form:
      RUN [OPTIONS] [ "<command>", ... ]
      ```

    • Options:
      • --mount
      • --network
      • --security
  • Shell form is most commonly used, and lets you break up longer instructions into multiple lines, either using newline escapes, or with heredocs:

      ```dockerfile
      RUN <<EOF
      apt-get update
      apt-get install -y curl
      EOF
      ```
    

Cache invalidation:

  • Invalidate the cached layer created by a RUN instruction so that the instruction runs again on the next build

RUN --mount

  • Create filesystem mounts that the build can access. This can be used to:
    • Create a bind mount to the host filesystem or other build stages
    • Access build secrets or ssh-agent sockets
    • Use a persistent package management cache to speed up your build
  • RUN --mount=[type=<TYPE>][,option=<value>[,option=<value>]...]
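  • Added example (not part of the original notes) that uses all three mount purposes listed above in one build: a cache mount for apt, a secret mount, and a read-only bind mount. The secret id api_token, the host artifacts.example.internal and the file pkg.tgz.sha256 are assumptions made for illustration.

      ```dockerfile
      # syntax=docker/dockerfile:1
      FROM debian:bookworm-slim

      # Cache mount: apt's download cache and package lists persist between
      # builds but are never written into an image layer. Debian-based images
      # ship a docker-clean hook that empties the cache, so it is disabled first.
      RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
          --mount=type=cache,target=/var/lib/apt,sharing=locked \
          rm -f /etc/apt/apt.conf.d/docker-clean && \
          echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' \
              > /etc/apt/apt.conf.d/keep-cache && \
          apt-get update && \
          apt-get install -y --no-install-recommends ca-certificates curl

      # Secret mount: the token is readable at /run/secrets/<id> only while
      # this RUN executes, so its value is not stored in the resulting layer.
      # Supplied at build time with (hypothetical file name):
      #   docker build --secret id=api_token,src=./token.txt .
      RUN --mount=type=secret,id=api_token \
          curl -fsS -H "Authorization: Bearer $(cat /run/secrets/api_token)" \
               -o /opt/pkg.tgz https://artifacts.example.internal/pkg.tgz

      # Bind mount: the build context is visible at /src for this step only
      # and is read-only by default. The pinned checksum file (assumed to list
      # "pkg.tgz") is read from the context without being copied into the image.
      RUN --mount=type=bind,source=.,target=/src \
          cd /opt && sha256sum -c /src/pkg.tgz.sha256
      ```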

RUN --mount=type=bind

  • This mount type allows binding files or directories to the build container. A bind mount is read-only by default.

RUN --mount=type=cache

  • This mount type allows the build container to cache directories for compilers and package managers.

RUN --mount=type=tmpfs

RUN --mount=type=secret

RUN --mount=type=ssh

RUN --network

  • RUN --network=TYPE

RUN --network=default

RUN --network=none

RUN --network=host

RUN --security: