Search notes:

Dockerfile

A Dockerfile contains instructions that specify how to build an image. The image is built with the docker build command.

Format of a Dockefile

A dockerfile contains instructructions with arguments. Typically (but not necessarily), these arguements are written in uppercase letters. 
INSTRUCTION arguments
With the execption of ARG, a Dockefile must begin with a FROM instruction (which specifies the parent image from which a new image is built).
Dockerfiles allow comments: they look similar to those in shell script, Python or PowerShell: they start with a # and continue to the end of the line. However, only white spaces are allowed to the left side of the # symbol.
Parser directives look like a special form of comments: 
# directive=value

Instructions

ADD Add local or remote files and directories.
ARG Use build-time variables.
CMD Specify the default command (or arguments executable defined with ENTRYPOINT) to be executed when the container is run. Compare with RUN
COPY Copy files and directories.
ENTRYPOINT Specify default executable (default seems to be ["/bin/sh", "-c"])
ENV Set environment variables.
EXPOSE Describe which ports your application is listening on. Used in conjunction with the -P option of docker run.
FROM Create a new build stage from a base image.
HEALTHCHECK Check a container's health on startup.
LABEL Add metadata to an image.
MAINTAINER Specify the author of an image. Deprecated in favor of LABEL.
ONBUILD Specify instructions which are triggered then this image is used when building another image.
RUN Execute commands at build time. Compare with CMD
SHELL Set the default shell of an image.
STOPSIGNAL Specify the system call signal for exiting a container.
USER Set user and group ID.
VOLUME Create volume mounts.
WORKDIR Change working directory.

FROM

FROM initializes a new build stage and sets the Base Image for subsequent instruction. 
FROM <image>
# or
FROM <image> AS <name>
# or
FROM <image>[@<digest>] [AS <name>]
Using ARG: 
ARG env=prod
FROM im:${env}
Using --platform: 
FROM --platform=linux/arm64 …
  …
FROM --platform=linux/amd64 …
  …

ARG

ARG defines a variable whose value can be set and used when building the image.
In contrast, ENV variables are used while a container of an image is running (see ARG vs ENV).
with docker build (--build-arg varname=value). 
ARG varname
Predefined ARG variables are: HTTP_PROXY, HTTPS_PROXY, FTP_PROXY and NO_PROXY. These variables are also available in a lowercase version.
Build time variables can be queried with docker history

COPY / ADD

COPY and ADD copy files and directories from outside a container into the container.
Paths are interpreted as relative to the source of the context of the build.
ADD allows the source to be an URL. Also, ADD handles archive files differently 
#    source      destination
#    ----------  -----------
COPY README.txt  /dev
COPY *.cs        /dev/src

#    source      destination
#    ----------  -----------
ADD  README.txt  /dev
ADD  *.cs        /dev/src
Docker on Linux additionally has the --chown parameter to specify a owning user and a group for the copied file: 
ADD --chown=rene:dev *.cs /dev/src

CMD

CMD provides defaults for the resulting container.
At most one CMD instruction is allowed in a Dockerfile.
The specified command is executed as user and group specified with the USER directive.
Compare with ENTRYPOINT and RUN
See also shell form vs exec form

ENV

ENV sets the value of environment variable when a container is running.
In contrast, the value of a variable being set with ARG is available when a container is built (see ARG vs ENV). 
ENV version=4.2

ENTRYPOINT

ENTRYPOINT configures a container that will run as an executable.
Both, CMD and ENTRYPOINT define the commands that will be executed when running a container.
The specified command is executed as user and group specified with the USER directive.

EXPOSE

EXPOSE documents a TCP/IP (default) or UDP port for a container.
When running the container, this or these ports are published with the -P command line option in docker run. 
EXPOSE 80  # TCP/IP 

EXPOSE 80/tcp
EXPOSE 67/udp

LABEL

LABEL adds metadata as a key/value pair to an image.
Such added information can be viewed with docker inspect. 
LABEL version=42.0
LABLE description=Hello world

RUN

Executes a command in the current image and commits the result.
The committed result is used as next «current image» in the next step.
Compare with CMD and ENTRYPOINT. 
# shell form: executed using /bin/sh -c command (Linux) or cmd.exe /s /c command
RUN <command>

# «Other» form:
RUN ["executable", "argument-one", "argument-two", …]
The specified command is executed as user and group specified with the USER directive.

SHELL

SHELL allows to override the default shell (/bin/sh -c, cmd.exe /s /c). 
SHELL ["powershell", "-command"]
RUN powershell-cmdLet

USER

USER controls which user and group will be running the commands that were specified with RUN, CMD and ENTRYPOINT.

WORKDIR

WORKDIR sets the directory for subsequent RUN, CMD, ENTRYPOINT, COPY and ADD commands. 
WORKDIR /dev/src

See also

Simple Dockerfile example

Index