In Dockerfiles, a common use case is downloading remote resources to use during the build. This is often done using third-party tools inside the
image, like wget or curl. However, this practice can lead to inefficient use of Docker’s build cache and unnecessary
complexity. The ADD instruction is a built-in feature of Docker that is specifically designed for this purpose, making it a more
efficient and safer choice.
Using wget or curl commands to retrieve remote content in Dockerfiles instead of the ADD instruction can
lead to several issues, particularly related to the inefficient use of Docker’s build cache.
Docker’s build cache is a powerful feature that can significantly speed up the build process by reusing intermediate layers from previous builds if
no changes were detected. When you use wget, curl, or similar commands, these commands are run during the build process, and
Docker has no way of knowing if the remote content has changed without executing the commands. This makes it impossible to cache the results of these
commands efficiently.
Moreover, installing third-party tools inside the image can introduce unnecessary complexity, dependency on external tools and increase the size of the final image.
In some cases, the ADD instruction is not able to replace the wget or curl command, especially if specific
HTTP parameters are required: method, headers, body, etc.
FROM ubuntu:20.04 RUN wget --header="Authorization: Bearer your_token" --method=POST https://example.com/resource
FROM ubuntu:20.04 RUN wget https://example.com/resource -O /path/to/resource
FROM ubuntu:20.04 RUN curl -o /path/to/resource https://example.com/resource && echo "123456abcdef /path/to/resource" | sha256sum --check
FROM ubuntu:20.04 ADD https://example.com/resource /path/to/resource
FROM ubuntu:20.04 ADD --checksum=sha256:123456abcdef https://example.com/resource /path/to/resource