feat(docker): add spin cli Dockerfiles; add build/push to release.yml #2700
Conversation
vdice
force-pushed
the
feat/spin-docker-image
branch
from
99e9c26 to
f07cd78
Compare
Yes: |
vdice
force-pushed
the
feat/spin-docker-image
branch
from
f07cd78 to
a1da304
Compare
Signed-off-by: Vaughn Dice <vaughn.dice@fermyon.com>
vdice
force-pushed
the
feat/spin-docker-image
branch
from
a1da304 to
e34325a
Compare
| @@ -380,3 +380,80 @@ jobs: | |||
| repository: fermyon/homebrew-tap | |||
| event-type: spin-release | |||
| client-payload: '{"version": "${{ github.ref_name }}"}' | |||
|
|
|||
| docker: | |||
| runs-on: "ubuntu-20.04" | |||
There was a problem hiding this comment.
I propose relegating to a follow-up; this is the version used elsewhere in the workflow so it might be nice to update all at the same time.
There was a problem hiding this comment.
Yes 👍🏻 that makes sense. Thank you
| matrix: | ||
| config: | ||
| - { dockerfile: "Dockerfile", tag-suffix: "" } | ||
| - { dockerfile: "distroless.Dockerfile", tag-suffix: "-distroless" } |
There was a problem hiding this comment.
Hi @vdice, just a curious question: does distroless means static implicitly?
There was a problem hiding this comment.
@rajatjindal Yes; well both. It uses a distroless base image and includes the static Spin binary. Open to alternative names... what do you think?
There was a problem hiding this comment.
I was wondering if it is worth adding static to the name, if distroless implies static by default, then we can omit it. But otherwise it would be nice to call it out explicitly.
There was a problem hiding this comment.
Indeed, I do think distroless implies static by default.
Adds Dockerfiles/CI for producing images wrapping the spin CLI on releases. These may be generally useful but were recently motivated by utilization in SpinKube. See #2677 for further motivation/discussion.
On a Spin release, the default image, eg
ghcr.io/fermyon/spin:v2.8.0, has a Debian base (currentlybookworm-slim) and includes the standard, dynamically-linked Spin binary, with a few utilities to enable further extension if desired (eg installing plugins). A smaller, distroless image is also produced, egghcr.io/fermyon/spin:v2.8.0-distroless, which bundles a statically-linked Spin binary for purposes when, say, onlyspin up --from ...is needed and further extensibility isn't required.Here I've opted to pull in binaries built in the previous build steps, as opposed to attempting to (re)-run the build in the container itself. This cuts out potential headaches of debugging failed Docker builds and repurposes the same artifacts that are installed/run directly (sans container).
Closes #2677