Docker

This scaffold provides optional Docker support for building and publishing container images. When enabled during initialization, it includes a Dockerfile, an entrypoint script, and GitHub Actions workflows for testing and releasing Docker images.

Dockerfile

The included Dockerfile uses a minimal Alpine Linux base image with Bash installed. It follows OCI image labeling conventions and uses a dedicated entrypoint script.

FROM alpine:3

RUN apk add --no-cache bash

COPY entrypoint.sh /usr/local/bin/entrypoint.sh

ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

Entrypoint

The entrypoint.sh script enforces strict shell options (set -euo pipefail) and forwards arguments to the container command.

Building and running

# Build the image
docker build -t yournamespace/yourproject .

# Run the container
docker run --rm yournamespace/yourproject

Linting

The Dockerfile is linted using Hadolint, a Dockerfile linter that helps enforce best practices.

# Lint locally
hadolint Dockerfile

Linting also runs automatically in CI via the test-docker.yml workflow.

CI/CD workflows

Testing (`test-docker.yml`)

Runs on pushes to main and pull requests. This workflow:

Lints the Dockerfile with Hadolint
Builds the Docker image using Docker Buildx
Runs the container to verify it starts correctly

Release (`release-docker.yml`)

Runs on tag pushes. This workflow:

Sets up QEMU and Docker Buildx for multi-architecture builds
Authenticates with Docker Hub
Builds and pushes multi-arch images (linux/amd64, linux/arm64)

Docker Hub credentials

The release workflow requires the following repository secrets:

DOCKER_USER — Docker Hub username
DOCKER_PASS — Docker Hub access token

Set these in your repository's Settings > Secrets and variables > Actions.

Dockerfile​

Entrypoint​

Building and running​

Linting​

CI/CD workflows​

Testing (test-docker.yml)​

Release (release-docker.yml)​

Docker Hub credentials​