Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

Giovanni Rosa
Giovanni RosaPhD Student in Software Engineering at University of Molise
Fixing Dockerfile Smells: An Empirical Study Giovanni Rosa, Simone Scalabrino and Rocco Oliveto University of Molise, Italy ICSME ’22 Registered Reports - Oct 6th 2022 Limassol, Cyprus
Containerization, how it works? Build Ship Run Software containers
Containers in production environments 2020 2023 2025 85% of organizations will adopt containers
Why Docker? #1 Most-Wanted and #1 Most Loved tool
Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
Docker in a nutshell Dockerfile Image Container Registry “hub” push pull run build base image
How to measure Dockerfile quality? I’M FLAWLESS!
Haskell Dockerfile Linter How to measure Dockerfile quality?
Dockerfile smells Smells in Dockerfiles
Smells can negatively affect Docker images Image size Build reliability Security vulnerabilities
84% of 70000 Dockerfiles contain smells 2017 Cito et. al
“Version pinning smell is the biggest quality issue […] there is a declining trend of Dockerfile smells” Eng et. al 2021
It is not clear what smells are relevant and need to be fixed
Lack of advanced supporting tools for developers It is not clear what smells are relevant and need to be fixed
Empirical Study
Smell survivability Empirical Study
Smell survivability Fix recommendations Empirical Study
How do developers fix Dockerfile smells? RQ 1
RQ1 9.4M unique Dockerfiles from 2013 to 2020 Dockerfile snapshots over time
Smell survivability RQ1 Extraction of smell-fixing commits Dockerfile snapshots over time
RQ1 Extraction of smell-fixing commits Dockerfile snapshots over time Manual validation (1000 commits)
Manual validation smelly not smelly smelly not smelly
Extraction of smell-fixing commits Dockerfile snapshots over time Manual validation (1000 commits) Smell survivability RQ1
Which Dockerfile smells are developers willing to address? RQ 2
Eng et. al 2021 8+ smells RQ2 11.5M commits Most frequent and fixed smells
hadolint wiki RQ2 Most frequent and fixed smells Rule-based Refactoring tool
RQ2 Most frequent and fixed smells Rule-based Refactoring tool Refactoring recommendations Responses from developers
Not Accepted Accepted Pending Response status RQ2 Most frequent and fixed smells Rule-based Refactoring tool Refactoring recommendations Responses from developers Evaluation
Giovanni Rosa University of Molise, Italy giovanni.rosa@unimol.it Summary
1 of 32

Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

Download to read offline
Software

Background. Containerization technologies are widely adopted in the DevOps workflow. The most commonly used one is Docker, which requires developers to define a specification file (Dockerfile) to build the image used for creating containers. There are several best practice rules for writing Dockerfiles, but the developers do not always follow them. Violations of such practices, known as Dockerfile smells, can negatively impact the reliability and the performance of Docker images. Previous studies showed that Dockerfile smells are widely diffused, and there is a lack of automatic tools that support developers in fixing them. However, it is still unclear what Dockerfile smells get fixed by developers and to what extent developers would be willing to fix smells in the first place. Objective. The aim of our exploratory study is twofold. First, we want to understand what Dockerfiles smells receive more attention from developers, i.e., are fixed more frequently in the history of open-source projects. Second, we want to check if developers are willing to accept changes aimed at fixing Dockerfile smells (e.g., generated by an automated tool), to understand if they care about them. Method. In the first part of the study, we will evaluate the survivability of Dockerfile smells on a state-of-the-art dataset composed of 9.4M unique Dockerfiles. We rely on a state-of-the-art tool (hadolint) for detecting which Dockerfile smells disappear during the evolution of Dockerfiles, and we will manually analyze a large sample of such cases to understand if developers fixed them and if they were aware of the smell. In the second part, we will detect smelly Dockerfiles on a set of GitHub projects, and we will use a rule-based tool to automatically fix them. Finally, we will open pull requests proposing the modifications to developers, and we will quantitatively and qualitatively evaluate their outcomes. Giovanni Rosa, Simone Scalabrino, and Rocco Oliveto (University of Molise) https://arxiv.org/abs/2208.09097

Giovanni Rosa
Giovanni RosaPhD Student in Software Engineering at University of Molise

Recommended

Automatically Generating Dockerfiles via Deep Learning: Challenges and Promises by
Automatically Generating Dockerfiles via Deep Learning: Challenges and PromisesAutomatically Generating Dockerfiles via Deep Learning: Challenges and Promises
Automatically Generating Dockerfiles via Deep Learning: Challenges and PromisesGiovanni Rosa
68 views53 slides
DevOps, por onde começar by
DevOps, por onde começarDevOps, por onde começar
DevOps, por onde começarAdriano Tavares
965 views38 slides
Docker, LinuX Container by
Docker, LinuX ContainerDocker, LinuX Container
Docker, LinuX ContainerAraf Karsh Hamid
5.6K views71 slides
Docker: From Zero to Hero by
Docker: From Zero to HeroDocker: From Zero to Hero
Docker: From Zero to Herofazalraja
1.9K views21 slides
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut... by
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Simplilearn
1.1K views104 slides
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Way by
DevOpsDays Taipei 2019 - Mastering IaC the DevOps WayDevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Waysmalltown
1.9K views63 slides

More Related Content

What's hot

Continuous Integration/Deployment with Gitlab CI by
Continuous Integration/Deployment with Gitlab CIContinuous Integration/Deployment with Gitlab CI
Continuous Integration/Deployment with Gitlab CIDavid Hahn
5.9K views27 slides
Introduction to Docker - VIT Campus by
Introduction to Docker - VIT CampusIntroduction to Docker - VIT Campus
Introduction to Docker - VIT CampusAjeet Singh Raina
2.1K views91 slides
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker... by
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...Simplilearn
5.2K views61 slides
Midi technique - présentation docker by
Midi technique - présentation dockerMidi technique - présentation docker
Midi technique - présentation dockerOlivier Eeckhoutte
2.4K views43 slides
GitOps 101 Presentation.pdf by
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdfssuser31375f
415 views63 slides
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr... by
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...Edureka!
1.2K views24 slides

What's hot(20)

Continuous Integration/Deployment with Gitlab CI by David Hahn
Continuous Integration/Deployment with Gitlab CIContinuous Integration/Deployment with Gitlab CI
Continuous Integration/Deployment with Gitlab CI
David Hahn5.9K views
Introduction to Docker - VIT Campus by Ajeet Singh Raina
Introduction to Docker - VIT CampusIntroduction to Docker - VIT Campus
Introduction to Docker - VIT Campus
Ajeet Singh Raina2.1K views
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker... by Simplilearn
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
Simplilearn5.2K views
Midi technique - présentation docker by Olivier Eeckhoutte
Midi technique - présentation dockerMidi technique - présentation docker
Midi technique - présentation docker
Olivier Eeckhoutte2.4K views
GitOps 101 Presentation.pdf by ssuser31375f
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdf
ssuser31375f415 views
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr... by Edureka!
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...
Docker Commands With Examples | Docker Tutorial | DevOps Tutorial | Docker Tr...
Edureka!1.2K views
Docker 101: Introduction to Docker by Docker, Inc.
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
Docker, Inc.71.1K views
Docker Basics by DuckDuckGo
Docker BasicsDocker Basics
Docker Basics
DuckDuckGo1.1K views
Dockers and containers basics by Sourabh Saxena
Dockers and containers basicsDockers and containers basics
Dockers and containers basics
Sourabh Saxena2.4K views
Docker by A.K.M. Ahsrafuzzaman
DockerDocker
Docker
A.K.M. Ahsrafuzzaman1K views
Gitlab CI/CD by JEMLI Fathi
Gitlab CI/CDGitlab CI/CD
Gitlab CI/CD
JEMLI Fathi1.1K views
Dev ops != Dev+Ops by Shalu Ahuja
Dev ops != Dev+OpsDev ops != Dev+Ops
Dev ops != Dev+Ops
Shalu Ahuja1.7K views
Kubernetes Introduction by Eric Gustafson
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Eric Gustafson1.9K views
DevOps without DevOps Tools by Jagatveer Singh
DevOps without DevOps ToolsDevOps without DevOps Tools
DevOps without DevOps Tools
Jagatveer Singh290 views
Introduction to docker by Instruqt
Introduction to dockerIntroduction to docker
Introduction to docker
Instruqt657 views
Docker Introduction by Peng Xiao
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao1.5K views
Docker Introduction by Robert Reiz
Docker IntroductionDocker Introduction
Docker Introduction
Robert Reiz28.4K views
Docker intro by Oleg Z
Docker introDocker intro
Docker intro
Oleg Z490 views
DevJam 2019 - Introduction to Kubernetes by Ronny Trommer
DevJam 2019 - Introduction to KubernetesDevJam 2019 - Introduction to Kubernetes
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer2.2K views
Docker introduction (1) by Gourav Varma
Docker introduction (1)Docker introduction (1)
Docker introduction (1)
Gourav Varma351 views

Similar to Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)

StackEngine Problem Space Demo by
StackEngine Problem Space DemoStackEngine Problem Space Demo
StackEngine Problem Space DemoBoyd Hemphill
4.9K views100 slides
StackEngine Demo - Boston by
StackEngine Demo - BostonStackEngine Demo - Boston
StackEngine Demo - BostonBoyd Hemphill
3.5K views152 slides
Docker Enables DevOps - Boston by
Docker Enables DevOps - BostonDocker Enables DevOps - Boston
Docker Enables DevOps - BostonBoyd Hemphill
6.2K views163 slides
Common primitives in Docker environments by
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environmentsalexandru giurgiu
1K views58 slides
Docker_Interview_Questions__Answers.pdf by
Docker_Interview_Questions__Answers.pdfDocker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdfRifqiMultazamOfficia
6 views21 slides
Getting started with docker by
Getting started with dockerGetting started with docker
Getting started with dockerSaim Safder
114 views56 slides

Similar to Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)(20)

StackEngine Problem Space Demo by Boyd Hemphill
StackEngine Problem Space DemoStackEngine Problem Space Demo
StackEngine Problem Space Demo
Boyd Hemphill4.9K views
StackEngine Demo - Boston by Boyd Hemphill
StackEngine Demo - BostonStackEngine Demo - Boston
StackEngine Demo - Boston
Boyd Hemphill3.5K views
Docker Enables DevOps - Boston by Boyd Hemphill
Docker Enables DevOps - BostonDocker Enables DevOps - Boston
Docker Enables DevOps - Boston
Boyd Hemphill6.2K views
Common primitives in Docker environments by alexandru giurgiu
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environments
alexandru giurgiu1K views
Docker_Interview_Questions__Answers.pdf by RifqiMultazamOfficia
Docker_Interview_Questions__Answers.pdfDocker_Interview_Questions__Answers.pdf
Docker_Interview_Questions__Answers.pdf
RifqiMultazamOfficia6 views
Getting started with docker by Saim Safder
Getting started with dockerGetting started with docker
Getting started with docker
Saim Safder114 views
Docker by Knoldus Inc.
DockerDocker
Docker
Knoldus Inc.111 views
DockerCon SF 2015: Keynote Day 1 by Docker, Inc.
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1
Docker, Inc.19K views
Using Docker and Elastic Beanstalk in Production by Ryan Marr
Using Docker and Elastic Beanstalk in ProductionUsing Docker and Elastic Beanstalk in Production
Using Docker and Elastic Beanstalk in Production
Ryan Marr276 views
StackEngine Problem Space Demo by Boyd Hemphill
StackEngine Problem Space DemoStackEngine Problem Space Demo
StackEngine Problem Space Demo
Boyd Hemphill643 views
Docker talk unicom DevOps summit London by Pini Reznik
Docker talk unicom DevOps summit LondonDocker talk unicom DevOps summit London
Docker talk unicom DevOps summit London
Pini Reznik927 views
Ignite 2016 - Docker Overview by Taylor Brown
Ignite 2016 - Docker OverviewIgnite 2016 - Docker Overview
Ignite 2016 - Docker Overview
Taylor Brown112 views
Boycott Docker by Paolo Tonin
Boycott DockerBoycott Docker
Boycott Docker
Paolo Tonin633 views
Docker, Cloud Foundry, Bosh & Bluemix by IBM
Docker, Cloud Foundry, Bosh & BluemixDocker, Cloud Foundry, Bosh & Bluemix
Docker, Cloud Foundry, Bosh & Bluemix
IBM3.4K views
Dockerizing development workflow by Orest Ivasiv
Dockerizing development workflowDockerizing development workflow
Dockerizing development workflow
Orest Ivasiv871 views
Docker: do's and don'ts by Paolo Tonin
Docker: do's and don'tsDocker: do's and don'ts
Docker: do's and don'ts
Paolo Tonin505 views
How to Dockerize Angular, Vue and React Web Apps by Belatrix Software
How to Dockerize Angular, Vue and React Web AppsHow to Dockerize Angular, Vue and React Web Apps
How to Dockerize Angular, Vue and React Web Apps
Belatrix Software 113 views
Introduction to docker and oci by Romain Schlick
Introduction to docker and ociIntroduction to docker and oci
Introduction to docker and oci
Romain Schlick296 views
Docker - A Container Full of Chocolatey by Chocolatey Software
Docker - A Container Full of ChocolateyDocker - A Container Full of Chocolatey
Docker - A Container Full of Chocolatey
Chocolatey Software75 views
DockerCon EU 2015: Day 1 General Session by Docker, Inc.
DockerCon EU 2015: Day 1 General SessionDockerCon EU 2015: Day 1 General Session
DockerCon EU 2015: Day 1 General Session
Docker, Inc.37.7K views

Recently uploaded

Winter '24 Release Chat.pdf by
Winter '24 Release Chat.pdfWinter '24 Release Chat.pdf
Winter '24 Release Chat.pdfmelbourneauuser
9 views20 slides
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - Geertsema by
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - GeertsemaDSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - Geertsema
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - GeertsemaDeltares
17 views13 slides
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut... by
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...HCLSoftware
6 views2 slides
LAVADORA ROLO.docx by
LAVADORA ROLO.docxLAVADORA ROLO.docx
LAVADORA ROLO.docxSamuelRamirez83524
7 views1 slide
Software evolution understanding: Automatic extraction of software identifier... by
Software evolution understanding: Automatic extraction of software identifier...Software evolution understanding: Automatic extraction of software identifier...
Software evolution understanding: Automatic extraction of software identifier...Ra'Fat Al-Msie'deen
7 views33 slides
Fleet Management Software in India by
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India Fleetable
11 views1 slide

Recently uploaded(20)

Winter '24 Release Chat.pdf by melbourneauuser
Winter '24 Release Chat.pdfWinter '24 Release Chat.pdf
Winter '24 Release Chat.pdf
melbourneauuser9 views
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - Geertsema by Deltares
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - GeertsemaDSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - Geertsema
DSD-INT 2023 Delft3D FM Suite 2024.01 1D2D - Beta testing programme - Geertsema
Deltares17 views
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut... by HCLSoftware
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...
Elevate your SAP landscape's efficiency and performance with HCL Workload Aut...
HCLSoftware6 views
LAVADORA ROLO.docx by SamuelRamirez83524
LAVADORA ROLO.docxLAVADORA ROLO.docx
LAVADORA ROLO.docx
SamuelRamirez835247 views
Software evolution understanding: Automatic extraction of software identifier... by Ra'Fat Al-Msie'deen
Software evolution understanding: Automatic extraction of software identifier...Software evolution understanding: Automatic extraction of software identifier...
Software evolution understanding: Automatic extraction of software identifier...
Ra'Fat Al-Msie'deen7 views
Fleet Management Software in India by Fleetable
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India
Fleetable11 views
WebAssembly by Jens Siebert
WebAssemblyWebAssembly
WebAssembly
Jens Siebert35 views
SAP FOR CONTRACT MANUFACTURING.pdf by Virendra Rai, PMP
SAP FOR CONTRACT MANUFACTURING.pdfSAP FOR CONTRACT MANUFACTURING.pdf
SAP FOR CONTRACT MANUFACTURING.pdf
Virendra Rai, PMP11 views
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t... by Deltares
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...
DSD-INT 2023 Thermobaricity in 3D DCSM-FM - taking pressure into account in t...
Deltares9 views
Keep by Geniusee
KeepKeep
Keep
Geniusee75 views
What Can Employee Monitoring Software Do?​ by wAnywhere
What Can Employee Monitoring Software Do?​What Can Employee Monitoring Software Do?​
What Can Employee Monitoring Software Do?​
wAnywhere21 views
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko... by Deltares
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
Deltares12 views
MariaDB stored procedures and why they should be improved by Federico Razzoli
MariaDB stored procedures and why they should be improvedMariaDB stored procedures and why they should be improved
MariaDB stored procedures and why they should be improved
Federico Razzoli8 views
DSD-INT 2023 European Digital Twin Ocean and Delft3D FM - Dols by Deltares
DSD-INT 2023 European Digital Twin Ocean and Delft3D FM - DolsDSD-INT 2023 European Digital Twin Ocean and Delft3D FM - Dols
DSD-INT 2023 European Digital Twin Ocean and Delft3D FM - Dols
Deltares7 views
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra... by Marc Müller
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra....NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
Marc Müller38 views
DSD-INT 2023 Next-Generation Flood Inundation Mapping for Taiwan - Delft3D FM... by Deltares
DSD-INT 2023 Next-Generation Flood Inundation Mapping for Taiwan - Delft3D FM...DSD-INT 2023 Next-Generation Flood Inundation Mapping for Taiwan - Delft3D FM...
DSD-INT 2023 Next-Generation Flood Inundation Mapping for Taiwan - Delft3D FM...
Deltares7 views
A first look at MariaDB 11.x features and ideas on how to use them by Federico Razzoli
A first look at MariaDB 11.x features and ideas on how to use themA first look at MariaDB 11.x features and ideas on how to use them
A first look at MariaDB 11.x features and ideas on how to use them
Federico Razzoli45 views
El Arte de lo Possible by Neo4j
El Arte de lo PossibleEl Arte de lo Possible
El Arte de lo Possible
Neo4j39 views
Advanced API Mocking Techniques by Dimpy Adhikary
Advanced API Mocking TechniquesAdvanced API Mocking Techniques
Advanced API Mocking Techniques
Dimpy Adhikary19 views
DSD-INT 2023 Modelling litter in the Yarra and Maribyrnong Rivers (Australia)... by Deltares
DSD-INT 2023 Modelling litter in the Yarra and Maribyrnong Rivers (Australia)...DSD-INT 2023 Modelling litter in the Yarra and Maribyrnong Rivers (Australia)...
DSD-INT 2023 Modelling litter in the Yarra and Maribyrnong Rivers (Australia)...
Deltares9 views

Fixing Dockerfile Smells: An Empirical Study (ICSME 2022)