Practice Code Typing – SkillsTyping

Choose your language:

ℹ️ Select 'Choose Exercise', or randomize 'Next Random Exercise' in selected language.

Choose Exercise:

Ready

Exercise Algorithm Area

Correct typos to continue.

1FROM node:20-alpine
2
3# Create a non-root user and group
4RUN addgroup -S appgroup && adduser -S appuser -G appgroup
5
6WORKDIR /app
7
8# Copy application files
9COPY package*.json ./
10RUN npm ci --only=production
11
12COPY . .
13
14# Change ownership of the application directory to the non-root user
15# This is crucial for the user to be able to write to its own directories if needed
16RUN chown -R appuser:appgroup /app
17
18# Switch to the non-root user
19USER appuser
20
21# Expose the port the app listens on
22EXPOSE 3000
23
24# Command to run the application as the non-root user
25CMD ["node", "server.js"] # Adjust server.js to your entry point

Algorithm description viewbox

Dockerfile Non-Root User Setup for Security

Algorithm description:

This Dockerfile enhances security by ensuring the application runs as a non-root user. It creates a dedicated user and group, sets file ownership for the application directory, and then switches the execution context to this non-root user. Running containers as non-root is a critical security best practice, as it limits the potential damage if the containerized application is compromised.

Algorithm explanation:

Running containers as the root user poses a significant security risk. If an attacker gains control of a process running as root inside a container, they could potentially escalate privileges to the host system. This Dockerfile mitigates this risk by following these steps: 1. It creates a dedicated, unprivileged user (`appuser`) and group (`appgroup`) using `adduser` and `addgroup` (common in Alpine-based images). 2. It copies application code and installs dependencies. 3. It uses `chown` to transfer ownership of the application directory (`/app`) to the newly created user and group. This ensures the non-root user has the necessary permissions to access and modify its own files. 4. The `USER appuser` instruction switches the Docker build context and the runtime user to `appuser`. Any subsequent `RUN`, `CMD`, or `ENTRYPOINT` instructions will execute as this user. This principle of least privilege significantly improves the security posture of the container.

Pseudocode:

Set base image.
Create a new non-root user and group.
Set working directory.
Copy application files and install dependencies.
Change ownership of application files to the new user.
Switch the user context to the non-root user.
Expose application port.
Define the command to run the application as the non-root user.

Library

Playable exercises

Choose Exercise

Filter, sort, and preview algorithm before you choose one to play.

Total 25 published items

Pages 4 pages available

Language

Sort by Direction

Browse published coding scenarios with filters, sorting, and pagination.

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Optimize Multi-Stage Build Layers

Difficulty: writing: 3; length: 1
Popularity: 0
Created: 2026-01-28 14:57 UTC
Published: 2026-01-28 15:17 UTC
Author: Damian

#dockerfile #optimization #multi-stage #layer caching #go

goal: Minimize Docker image size using multi-stage builds. input: Dockerfile content for a Go application. output: A lean Docker image containing only the compiled application.

Canonical Algorithm Text

FROM golang:1.21-alpine AS builder WORKDIR /app COPY go.mod go.sum ./ RUN go mod download COPY *.go . RUN CGO_ENABLED=0 GOOS=linux go build -o /app/my-app FROM alpine:latest COPY --from=builder /app/my-app /app/my-app EXPOSE 8080 CMD ["/app/my-app"]

Description Algorithm

This Dockerfile demonstrates an optimized multi-stage build for a Go application. It first builds the application in a Go-specific image, then copies only the compiled binary into a minimal Alpine Linux image. This signi...

Explanation

The multi-stage build strategy is crucial for reducing Docker image size and improving security. In the first stage ('builder'), we use a Go image to compile the application. This stage includes all necessary build tools. The second stage starts from a minimal Alpine image. We then use `COPY --from=builder` to transfer only the compiled binary from the builder stage to the final image. This ensures that build dependencies are not included in the runtime image. The `CGO_ENABLED=0` flag and `GOOS=linux` ensure a statically linked binary, simplifying deployment. The `go mod download` step is placed before copying source code to leverage Docker's layer caching; if dependencies haven't changed, this layer is reused. The final image is lean and secure, containing only the application and its runtime requirements.

Pseudocode

Stage 1 (Builder): Set working directory to /app Copy go.mod and go.sum Download Go modules Copy application source code Build the Go application into a binary Stage 2 (Final Image): Start from a minimal base image (e.g....

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Efficiently Build a Node.js Application

Difficulty: writing: 2; length: 3
Popularity: 0
Created: 2026-01-28 14:57 UTC
Published: 2026-01-28 15:17 UTC
Author: Damian

#dockerfile #nodejs #optimization #multi-stage #security #npm

goal: Build a Node.js application with optimized performance and security. input: A Dockerfile for a Node.js application. output: A lean, secure Docker image for running the Node.js application.

Canonical Algorithm Text

FROM node:20-alpine AS builder WORKDIR /app # Copy package.json and package-lock.json first to leverage Docker cache COPY package*.json . # Install dependencies RUN npm ci --only=production # Copy the rest of the application code COPY . . # Build the application if necessary (e.g...

Description Algorithm

This Dockerfile is designed for building a Node.js application efficiently. It employs a multi-stage build, first installing dependencies and copying code in a 'builder' stage, then copying only the necessary artifacts t...

Explanation

The multi-stage build pattern is crucial for Node.js applications. The first stage (`builder`) uses `node:20-alpine` to install dependencies using `npm ci --only=production`. Copying `package*.json` before the rest of the code ensures that if only the source code changes, the `npm ci` layer is cached, speeding up subsequent builds. The second stage also uses `node:20-alpine` but is designed to be minimal. A non-root user (`appuser`) and group (`appgroup`) are created and used to run the application, which is a significant security best practice. The `COPY --from=builder` command efficiently transfers only the installed `node_modules` and application code, avoiding build tools. `chown` ensures correct file ownership for the non-root user. The `EXPOSE 3000` instruction declares the port the application listens on. A runtime check for `NODE_ENV` provides a default if it's not explicitly set, guiding the application's behavior.

Pseudocode

Stage 1 (Builder): Set working directory. Copy package.json and package-lock.json. Install production npm dependencies. Copy the rest of the application code. Stage 2 (Production): Start from a lean Node.js Alpine image....

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Basic Nginx Configuration for Static Site

Difficulty: writing: 5; length: 1
Popularity: 0
Created: 2026-01-28 14:57 UTC
Published: 2026-01-28 15:17 UTC
Author: Damian

#dockerfile #nginx #static site #web server #basic

goal: Serve static website content using Nginx. input: A Dockerfile and a directory containing static website files (HTML, CSS, JS). output: A Docker image running Nginx serving the static website.

Canonical Algorithm Text

FROM nginx:alpine # Set the working directory inside the container WORKDIR /usr/share/nginx/html # Remove the default Nginx index.html file RUN rm index.html # Copy your static website files into the Nginx web root # Assumes your static files are in a 'website' directory next to...

Description Algorithm

This Dockerfile sets up a minimal Nginx server to host static website content. It starts from a lightweight Nginx Alpine image, removes the default Nginx welcome page, and then copies your website's HTML, CSS, and JavaSc...

Explanation

This Dockerfile leverages the official Nginx Alpine image, which is optimized for size and includes Nginx pre-configured. The `FROM nginx:alpine` instruction pulls this base image. `WORKDIR /usr/share/nginx/html` sets the default directory for subsequent commands, which is Nginx's default location for serving static files. `RUN rm index.html` removes the placeholder file that comes with the Nginx image. The `COPY website/ .` command copies all files from a local 'website' directory into the container's current working directory (`/usr/share/nginx/html`). `EXPOSE 80` informs Docker that the container listens on port 80 at runtime. The `CMD` instruction is inherited from the base image and is responsible for starting the Nginx server in the foreground, ensuring it runs continuously.

Pseudocode

Start from the Nginx Alpine base image. Set the working directory to the Nginx web root. Remove the default index.html file. Copy all static website files from a local directory into the web root. Expose port 80 for web...

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Securely Manage Secrets with ARG and ENV

Difficulty: writing: 1; length: 3
Popularity: 0
Created: 2026-01-28 14:57 UTC
Published: 2026-01-28 15:17 UTC
Author: Damian

#dockerfile #security #secrets management #arg #env #runtime configuration

goal: Securely manage build-time and runtime secrets in a Dockerfile. input: A Dockerfile template for an application requiring secrets. output: A Docker image built with secure secret handling practices.

Canonical Algorithm Text

FROM ubuntu:22.04 # Runtime arguments for sensitive information ARG API_KEY ARG DATABASE_PASSWORD # Environment variables for runtime configuration ENV APP_ENV=production ENV LOG_LEVEL=info # Check for required build-time arguments RUN if [ -z "$API_KEY" ] || [ -z "$DATABASE_PASS...

Description Algorithm

This Dockerfile outlines a secure method for managing secrets during the build and runtime phases. It utilizes `ARG` to pass sensitive information like API keys and database passwords during the build process, and then s...

Explanation

Managing secrets in Dockerfiles requires careful consideration to avoid exposing sensitive data. The `ARG` instruction allows you to define variables that are passed to the `docker build` command. These variables are available during the build process but are not persisted in the image layers by default. The `ENV` instruction sets environment variables that are available both during the build and at runtime. By using `ARG` for secrets and then potentially setting `ENV` variables from them, we can control their scope. The `RUN` command with the `if` condition checks if the required `ARG` variables (`API_KEY`, `DATABASE_PASSWORD`) have been provided. If not, it prints an error and exits, preventing the creation of an insecure image. For highly sensitive data, it's recommended to use external secret management solutions that integrate with Docker or your orchestration platform, as even `ENV` variables can be inspected in running containers. The installation of dependencies and copying of application code are standard steps, placed after the secret validation to ensure a valid build.

Pseudocode

Define build-time arguments for sensitive secrets (e.g., API_KEY, DB_PASSWORD). Define runtime environment variables for general configuration. Validate that all required build-time arguments are provided. If any require...

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Multi-stage Build for Go Application

Difficulty: writing: 3; length: 1
Popularity: 0
Created: 2026-01-28 14:17 UTC
Published: 2026-01-28 15:17 UTC
Author: Admin

#dockerfile #multi-stage build #go #alpine #optimization

goal: Build a Go application and create a minimal runtime Docker image. input: Go source code and go.mod/go.sum files. output: A small Docker image containing only the compiled Go binary.

Canonical Algorithm Text

FROM golang:1.21-alpine AS builder WORKDIR /app COPY go.mod go.sum ./ RUN go mod download COPY *.go ./ RUN CGO_ENABLED=0 GOOS=linux go build -o /app/my-app . # --- Runtime Stage --- FROM alpine:latest WORKDIR /root/ COPY --from=builder /app/my-app . EXPOSE 8080 CMD ["./my-app"]

Description Algorithm

This Dockerfile utilizes a multi-stage build to create a lean production image for a Go application. The first stage, 'builder', uses a Go development image to compile the application. The second stage starts from a mini...

Explanation

Multi-stage builds are essential for optimizing Docker image size and security. The 'builder' stage contains all the tools needed for compilation (Go compiler, dependencies). By using `CGO_ENABLED=0 GOOS=linux` during the build, we ensure a statically linked binary that doesn't depend on C libraries, making it compatible with minimal base images like Alpine. The second stage (`FROM alpine:latest`) is purely for runtime and only includes the compiled application. This separation prevents build tools and intermediate artifacts from being included in the final image, reducing its attack surface and download time. The `COPY --from=builder` instruction is key to transferring artifacts between stages.

Pseudocode

Define a builder stage using a Go image. Set the working directory. Copy Go module files and download dependencies. Copy application source code. Compile the Go application into a static binary. Define a runtime stage us...

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Python Application with Virtual Environment

Difficulty: writing: 5; length: 2
Popularity: 0
Created: 2026-01-28 14:17 UTC
Published: 2026-01-28 15:17 UTC
Author: Admin

#dockerfile #python #virtual environment #dependencies #flask

goal: Set up a Python application with dependencies managed by a virtual environment. input: Python application code and a `requirements.txt` file. output: A Docker image running the Python application with its dependencies isolated.

Canonical Algorithm Text

FROM python:3.9-slim # Set the working directory WORKDIR /app # Install virtualenv and create a virtual environment RUN pip install virtualenv RUN virtualenv venv # Activate the virtual environment and install dependencies # Note: Activating venv in RUN is tricky; often better to...

Description Algorithm

This Dockerfile sets up a Python application within a Docker container, ensuring its dependencies are isolated using a virtual environment. It starts from a Python base image, creates a virtual environment, installs proj...

Explanation

The strategy here is to leverage Python's `virtualenv` to manage dependencies within the container. First, `virtualenv` is installed globally. Then, a virtual environment named `venv` is created in the application's working directory. Instead of trying to activate the virtual environment within a `RUN` command (which is complex as each `RUN` starts a new shell), we directly call the `pip` and `python` executables located within the `venv/bin/` directory. This ensures that dependencies are installed and the application is run using the isolated environment. `COPY . .` brings the application code into the container. `ENV` variables configure the application's behavior, and `EXPOSE` documents the port. The `CMD` explicitly uses the virtual environment's Python to execute the application script.

Pseudocode

Start with a Python base image. Set the working directory. Install the virtualenv package. Create a virtual environment named 'venv'. Install project dependencies from requirements.txt into the virtual environment. Copy...

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Basic Nginx Web Server Setup

Difficulty: writing: 6; length: 2
Popularity: 0
Created: 2026-01-28 14:17 UTC
Published: 2026-01-28 15:17 UTC
Author: Admin

#dockerfile #nginx #web server #static site #linux

goal: Set up a basic Nginx web server in a Docker container. input: None (uses default HTML). output: A Docker image running Nginx serving a static HTML page.

Canonical Algorithm Text

FROM ubuntu:latest # Install Nginx RUN apt-get update && apt-get install -y nginx # Create a simple HTML file RUN echo "<!DOCTYPE html>\n<html>\n<head>\n<title>Hello from Docker!</title>\n</head>\n<body>\n<h1>Welcome to my Nginx server!</h1>\n<p>This page is served by Nginx insid...

Description Algorithm

This Dockerfile sets up a basic Nginx web server within a Docker container. It installs Nginx, creates a simple default HTML page, configures Nginx to run in the foreground (essential for Docker), and exposes the standar...

Explanation

The process begins by updating the package list and installing Nginx using `apt-get`. The `RUN` command to create `index.html` embeds a basic HTML structure directly into the image. A critical step for Docker is ensuring the service runs in the foreground. By default, Nginx runs as a daemon in the background. The `sed` command modifies the `nginx.conf` file to change `daemon on;` to `daemon off;`, which keeps Nginx running as the main process. The `EXPOSE 80` instruction informs Docker that the container listens on port 80. Finally, the `CMD` instruction specifies the command to execute when the container starts, launching Nginx in the foreground.

Pseudocode

Start with a base Linux image. Update package lists. Install the Nginx web server. Create a default index.html file in the web root directory. Configure Nginx to run in the foreground. Expose port 80 for HTTP traffic. Se...

Published

Dockerfile DevOps (dockerfile)

Dockerfile: Basic Package Installation

Difficulty: writing: 6; length: 1
Popularity: 0
Created: 2026-01-28 14:17 UTC
Published: 2026-01-28 15:17 UTC
Author: Admin

#dockerfile #package management #apt-get #linux #build

goal: Install common command-line utilities in a Docker image. input: A list of package names to install. output: A Docker image with the specified packages installed.

Canonical Algorithm Text

FROM ubuntu:latest RUN apt-get update && apt-get install -y \ curl \ wget \ git \ vim # Clean up apt cache to reduce image size RUN apt-get clean && rm -rf /var/lib/apt/lists/* # Verify installations (optional, for demonstration) RUN curl --version RUN wget --version RUN git --ve...

Description Algorithm

This Dockerfile demonstrates the basic process of installing software packages within a container image. It starts from a base Ubuntu image, updates the package lists, installs several common utilities, and then cleans u...

Explanation

The `RUN` instruction executes commands in a new layer on top of the current image. Combining `apt-get update` and `apt-get install` in a single `RUN` command is a common optimization to ensure the package lists are fresh and to reduce the number of layers. The `-y` flag automatically confirms installations. Cleaning up the apt cache (`apt-get clean` and `rm -rf /var/lib/apt/lists/*`) is crucial for minimizing the final image size. This approach ensures that necessary tools are available for subsequent build steps or for the application running inside the container.

Pseudocode

Start with a base image. Update package lists. Install specified packages non-interactively. Clean up package manager cache and temporary files. Optionally, verify installed package versions.

Language (required)

Paste your code (required)

Max 20,000 characters. (Dangerous HTML/script fragments will be blocked)

Normalized preview:

I agree to Publish this, after admin approval (queued for review). (Not required) I confirm this submission is anonymous and does not contain personal data. I grant SkillsTyping a free, non-exclusive, worldwide, and irrevocable license to store, modify, adapt, and publish this content after review. I understand that publication is not guaranteed, that I retain no ownership or usage claims over published versions, and that no compensation will be provided. See Privacy Policy

Publish details

Shown only if you opt to submit for review. Required when consent is checked.

Title (required with consent)

Short description / summary (required with consent)

Algorithm explanation (required with consent)

Pseudocode (required with consent)