DEV Community

Docker - Dev, Debug, Deploy

eranelbaz on December 21, 2019

Why As a developer who works on couple of projects, I wanted to find a way that - My setup time will be as fast as possible It would b...

Read full post

Patryk • Dec 21 '19 • Edited

Thanks for sharing. A few (opinionated) things come to mind.

Always use git (or at least another CVS). Docker does not replace git.
Save your Dockerfiles, and docker-compose*.ymls inside your git repo.
Do use docker-compose. It makes everything easier. Seriously.
Why give everyone access to a shared container? Then if they make changes and push, you have no idea who to blame. Just let your team clone the repo, run docker-compose -f docker-compose.dev.yml up (or similar), and let them work on their own machines. The whole point of using git is so multiple people can work on their own copies at the same time.
Never run as root if not necessary, including inside containers. Docker has never cared much for security, and one of the things I do most often is override the USER inside my Dockerfiles.
Use ssh keys rather than a shared password, if you're going to be sharing an account. You should always use keys even if you don't share it, IMAO.

eranelbaz • Dec 21 '19

Hey!
I did not mean to replace git, as I said i'm using it to version control my code, not my environment

I know about docker-compose and ssh keys but I want to write this blog post for the average user, so I left it behind

And about using root I agree when it comes to "real" servers, when we talk about dockers you can in a single command restore it and so nothing bad can happen

Comment marked as low quality/non-constructive by the community. View Code of Conduct

sg • Dec 22 '19

I agree you should never blog how to do something insecurely by default just because it's easier. That's why the state of security is the way it is, and why all PHP coders suck.

Dor Shinar • Dec 22 '19

All PHP codes suck? That's quite harsh. Most of the internet is written in PHP (including most of what Facebook makes). I think that's an offensive generalization. As eranelbaz said, he only uses it for local development. I think that as long as your shared environments (staging, production etc.) Are properly secured, setting up local unsecured docker is pretty much like running a local instance of your application with root. No harm, as no one has access to it but you.

iBNu Maksum • Dec 22 '19

Most of non PHP coders said PHP Coders are suck, because most of the job ask for PHP.

What's the most secure programming language?

It's all depend on Developer, not the programming language

eliaweiss • Dec 22 '19

I was using vagrant for a few years, for local dev, then I move to docker a couple of years ago, now I prefer to develop on a remote vps with vs code remote dev plug in.
As long as I good internet (which is not always the case for a digital nomad like me) I found it to be my preferred method of dev