Use .dockerignore to Speed Up Builds and Protect Secrets
Without .dockerignore, you're sending node_modules, .git, and maybe even .env secrets into your image.
What
The .dockerignore file works like .gitignore but for Docker builds. It tells Docker which files to exclude from the build context β the set of files sent to the Docker daemon. Without it, EVERYTHING in your project directory gets sent, even files you never use in the image.
Why It Matters
A large build context slows down every build because Docker has to send all those files to the daemon. Worse, files like .env, .git, and credentials can accidentally end up in your image layers β even if you don't COPY them, they're in the build context and could leak through multi-stage mistakes.
Example
# .dockerignore
node_modules
.git
.gitignore
.env
.env.*
*.md
README.md
dist
.next
coverage
.vscode
.idea
*.log
docker-compose*.yml
Dockerfile*
.DS_StoreCommon Mistake
Not having a .dockerignore at all. This sends node_modules (often 500MB+) to the Docker daemon on every build, even though you're installing fresh inside the container. It also risks leaking secrets from .env files.
Quick Fix
Create a .dockerignore in your project root. At minimum, add node_modules, .git, .env, and any build output directories. This immediately speeds up builds and reduces the risk of secret leakage.
Key Takeaways
- 1No .dockerignore = sending EVERYTHING to Docker
- 2node_modules alone can be 500MB+
- 3.env files could leak into your image
- 4Add .dockerignore to your project root
- 5Exclude: node_modules, .git, .env, build output
Was this tip helpful?
Help us improve the DevOpsPath daily collection