Skip to content

fix: add .env and .git exclusions to dockerignore template#361

Merged
notgitika merged 1 commit intomainfrom
fix/dockerignore-security-exclusions
Feb 20, 2026
Merged

fix: add .env and .git exclusions to dockerignore template#361
notgitika merged 1 commit intomainfrom
fix/dockerignore-security-exclusions

Conversation

@tejaskash
Copy link
Contributor

@tejaskash tejaskash commented Feb 20, 2026

Summary

  • Fixes CONT-04 (P1): The dockerignore template was missing exclusions for sensitive files, creating a security trap for every generated container project.
  • Adds .env and .env.* exclusions to prevent credentials/API keys from being baked into Docker images.
  • Adds .git/ exclusion to prevent git history (which may contain accidentally committed secrets) from being included.
  • Only affects newly scaffolded container projects; existing user projects are not impacted.

Test plan

  • Snapshot tests pass (72/72)
  • Scaffold a new container-type agent project and verify the generated .dockerignore includes the new exclusions
  • Create a .env file in the project, run docker build, and confirm it is not present in the image

@tejaskash
fix: add .env and .git exclusions to dockerignore template
ae9404d 
Without these exclusions, docker build silently includes .env files
(which typically contain credentials/API keys) and .git/ history in
the container image. If pushed to a registry, secrets are exposed.
@tejaskash tejaskash requested a review from a team February 20, 2026 16:06
@github-actions github-actions bot added the size/xs PR size: XS label Feb 20, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 20, 2026

Coverage Report

Status Category Percentage Covered / Total
🔵 Lines 43.54% 2884 / 6623
🔵 Statements 43.15% 3040 / 7045
🔵 Functions 45.68% 609 / 1333
🔵 Branches 48.48% 1893 / 3904
Generated in workflow #468 for commit ae9404d by the Vitest Coverage Report Action

@notgitika notgitika merged commit df4eebc into main Feb 20, 2026
16 of 18 checks passed
@notgitika notgitika deleted the fix/dockerignore-security-exclusions branch February 20, 2026 16:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@notgitika notgitika notgitika approved these changes

Assignees

No one assigned

Labels

size/xs PR size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tejaskash @notgitika