bisco/azionelab
1
0
Fork 0
generated from bisco/codex-bootstrap
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a5189669f60e30f8592f33f08221fbf169a86d6f
azionelab/.codex/profiles/docker.md
bisco 05b06d409f Initial commit
2026-04-28 10:28:32 +02:00

1.2 KiB
Raw Blame History

Docker profile

Enable this profile for repositories containing Dockerfiles, Compose files, container entrypoints, reverse proxy configuration, or containerized deployment logic.

Rules

Codex MUST:

  • avoid latest tags;
  • prefer pinned or explicit versions;
  • keep images small and reproducible;
  • avoid privileged containers unless explicitly justified in an ADR;
  • avoid unnecessary published ports;
  • use least-privilege users where practical;
  • avoid storing secrets in images or Compose files;
  • use healthchecks when useful and practical;
  • document exposed ports, volumes, networks, and runtime assumptions;
  • keep entrypoints simple and explicit.

Project mode behavior

If .codex/project.md sets project_mode: work, Codex SHOULD prefer Red Hat UBI minimal images when possible and reasonable.

If .codex/project.md sets project_mode: personal, Codex may use the most appropriate base image for the project, but it MUST still avoid latest tags and unsafe defaults.

Validation examples

Use project-specific Docker-based commands, for example:

docker compose config

docker compose build

docker compose run --rm app pytest
Reference in New Issue View Git Blame Copy Permalink