Task 02 — Context Leak

How to evaluate

csot submit ./solutions -w week-02 -t 02

Submit as: 02/.dockerignore A previous intern shipped a 900 MB image with secrets baked in: the Dockerfile does COPY . . and the build context contains .env (cloud keys), a .pem key, node_modules/, and __pycache__/.

Write a .dockerignore so the image keeps the app but excludes the junk and secrets. You cannot change the Dockerfile.

What the grader checks

It builds the fixture with your .dockerignore, then inspects the image:

• app.py and requirements.txt are still present (3 pts)
• .env is gone (3 pts)
• node_modules/, __pycache__/, and *.pem are gone (4 pts)

Points: 10