Having separate images for the assembly and the finished application is good practice - this means that your final application image is clean and has a minimal set of functions, just what you need to run the application. This results in a reduction in the image (more importantly) of the smaller attack surface. A good entry here is the Docker Builder template .
Alternatively, the advantage of having a single image containing your application and assembly tools is that you reduce your management overhead during development - you do not need to bundle assemblies together or manage multiple versions of multiple images. But the cost of having a more bloated final app with great potential for exploits might not be worth it.