Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add Dockerfile with wolfi-base as production image #9029 #16481

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: Add Dockerfile with wolfi-base as production image #9029 #16481

wants to merge 1 commit into from

Conversation

amouat
Copy link

@amouat amouat commented Nov 29, 2023

Draft PR with wolfi based Dockerfile following on from #9029 and #12708.

This is not a distroless Dockerfile. The final image includes a package manager and a shell. If a truly distroless image is wanted, I think @tuananh's proposal is the best solution: https://github.com/tuananh/distroless-argocd. That proposal was rejected (understandably) as it makes large changes to both the build system and base images.

This proposal is something of a half-way house. The production image is moved to wolfi-base, which includes a shell and package manager which allows simple installation of the multiple dependencies required by argocd. The final image is 275MB, which is considerably smaller than the current 417MB image (as reported by docker images).

I have not fully tested this image. It builds, but I wanted to get some feedback before going further. Please let me know what you think and if I should continue down this path.

BTW was there ever an attempt to use alpine? I'm assuming there was an issue there to do with musl vs gllibc?

Closes [ISSUE 9029] (actually I'm not sure it does, but it's related).

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • The title of the PR states what changed and the related issues number (used for the release note).
  • The title of the PR conforms to the Toolchain Guide
  • I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
    Not yet, this needs to be done but wanted to discuss first.
  • Optional. My organization is added to USERS.md.
  • I have signed off all my commits as required by DCO
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My build is green (troubleshooting builds).
  • My new feature complies with the feature status guidelines.
  • I have added a brief description of why this PR is necessary and/or what this PR solves.

@amouat
Dockerfile using wolfi-base as production image.
4fefabf 
Signed-off-by: Adrian Mouat <adrian@chainguard.dev>
@amouat amouat requested a review from a team as a code owner November 29, 2023 12:52
@amouat amouat mentioned this pull request Nov 29, 2023
Open
@amouat amouat mentioned this pull request Dec 12, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@amouat