Skip to content

Multi-Stage Build

Medium — good to knowCI/CD & DevOps

ELI5 — The Vibe Check

Multi-stage builds let you use one Docker image to BUILD your app and a different, tiny image to RUN it. The build stage has compilers, dev tools, the works. The final image? Just your binary and nothing else. It's like building a house with all your tools, then removing the scaffolding before moving in.

Real Talk

Multi-stage Docker builds use multiple FROM statements to create intermediate build stages. Each stage can copy artifacts from previous stages while discarding unnecessary build dependencies. This produces minimal production images without complex build scripts or separate Dockerfiles.

Show Me The Code

# Build stage
FROM node:20 AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Production stage
FROM node:20-slim
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
CMD ["node", "dist/index.js"]

When You'll Hear This

"Multi-stage build cut our image from 1.2GB to 150MB." / "The builder stage has all dev deps but the final image only has production code."

Related Terms

Container Scanning

Container Scanning checks your Docker images for known vulnerabilities in OS packages, libraries, and misconfigurations.

intermediateSecurity

Distroless Image

Distroless images are Docker images with NOTHING in them except your app. No shell, no package manager, no ls, no curl — nothing an attacker could use.

advancedCI/CD & DevOps

Docker

Docker is like a lunchbox for your app.

beginnerCI/CD & DevOps
Back to Browse Random Term

Made with passive-aggressive love by manoga.digital. Powered by Claude.