From fbd9919afa0dad7d132565e8ea12d28670cdb9ee Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Thu, 12 Nov 2020 22:40:53 +0100 Subject: [PATCH] docker: add slim image --- .github/workflows/docker.yml | 56 ++++++++++++++++++++++++++++++------ Dockerfile | 3 -- Dockerfile.alpine | 3 -- Dockerfile.full | 10 +++++++ Dockerfile.full.alpine | 10 +++++++ docker/README.md | 10 +++++-- 6 files changed, 76 insertions(+), 16 deletions(-) create mode 100644 Dockerfile.full create mode 100644 Dockerfile.full.alpine diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 774c6e12..62133e38 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -40,7 +40,8 @@ jobs: id: info run: | VERSION=noop - DOCKERFILE=Dockerfile + DOCKERFILE_SLIM=Dockerfile + DOCKERFILE=Dockerfile.full MINOR="" MAJOR="" if [ "${{ github.event_name }}" = "schedule" ]; then @@ -59,27 +60,40 @@ jobs: MINOR=${VERSION%.*} MAJOR=${MINOR%.*} fi + VERSION_SLIM="${VERSION}-slim" if [[ $DOCKER_PKG == alpine ]]; then VERSION="${VERSION}-alpine" - DOCKERFILE=Dockerfile.alpine + VERSION_SLIM="${VERSION}-slim" + DOCKERFILE_SLIM=Dockerfile.alpine + DOCKERFILE=Dockerfile.full.alpine fi TAGS="${DOCKER_IMAGE}:${VERSION}" + TAGS_SLIM="${DOCKER_IMAGE}:${VERSION_SLIM}" + BASE_IMAGE="${TAGS_SLIM}" if [[ $GITHUB_REF == refs/tags/* ]]; then if [[ $DOCKER_PKG == debian ]]; then if [[ -n $MAJOR && -n $MINOR ]]; then TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR},${DOCKER_IMAGE}:${MAJOR}" + TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:${MINOR}-slim,${DOCKER_IMAGE}:${MAJOR}-slim" fi TAGS="$TAGS,${DOCKER_IMAGE}:latest" + TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:slim" else if [[ -n $MAJOR && -n $MINOR ]]; then TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR}-alpine,${DOCKER_IMAGE}:${MAJOR}-alpine" + TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:${MINOR}-alpine-slim,${DOCKER_IMAGE}:${MAJOR}-alpine-slim" fi TAGS="$TAGS,${DOCKER_IMAGE}:alpine" + TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:alpine-slim" fi fi echo ::set-output name=dockerfile::${DOCKERFILE} + echo ::set-output name=dockerfile-slim::${DOCKERFILE_SLIM} echo ::set-output name=version::${VERSION} + echo ::set-output name=version-slim::${VERSION_SLIM} echo ::set-output name=tags::${TAGS} + echo ::set-output name=tags-slim::${TAGS_SLIM} + echo ::set-output name=base-image::${BASE_IMAGE} echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') echo ::set-output name=sha::${GITHUB_SHA::8} env: @@ -89,8 +103,11 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + - uses: docker/setup-buildx-action@v1 + id: builder-slim + + - uses: docker/setup-buildx-action@v1 + id: builder-full - name: Login to Docker Hub uses: docker/login-action@v1 @@ -107,13 +124,14 @@ jobs: password: ${{ secrets.CR_PAT }} if: ${{ github.event_name != 'pull_request' && matrix.docker_image == 'ghcr.io/drakkan/sftpgo' }} - - name: Build and push + - name: Build and push slim uses: docker/build-push-action@v2 with: - file: ./${{ steps.info.outputs.dockerfile }} + builder: ${{ steps.builder-slim.outputs.name }} + file: ./${{ steps.info.outputs.dockerfile-slim }} platforms: linux/amd64,linux/arm64,linux/ppc64le push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.info.outputs.tags }} + tags: ${{ steps.info.outputs.tags-slim }} build-args: | COMMIT_SHA=${{ steps.info.outputs.sha }} labels: | @@ -121,7 +139,29 @@ jobs: org.opencontainers.image.description=Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support org.opencontainers.image.url=${{ fromJson(steps.repo.outputs.result).html_url }} org.opencontainers.image.documentation=${{ fromJson(steps.repo.outputs.result).html_url }}/blob/${{ github.sha }}/docker/README.md - org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).clone_url }} + org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).html_url }} + org.opencontainers.image.version=${{ steps.info.outputs.version }} + org.opencontainers.image.created=${{ steps.info.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.licenses=${{ fromJson(steps.repo.outputs.result).license.spdx_id }} + + - name: Build and push full + uses: docker/build-push-action@v2 + with: + builder: ${{ steps.builder-full.outputs.name }} + file: ./${{ steps.info.outputs.dockerfile }} + platforms: linux/amd64,linux/arm64,linux/ppc64le + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.info.outputs.tags }} + build-args: | + COMMIT_SHA=${{ steps.info.outputs.sha }} + BASE_IMAGE=${{ steps.info.outputs.base-image }} + labels: | + org.opencontainers.image.title=SFTPGo + org.opencontainers.image.description=Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support + org.opencontainers.image.url=${{ fromJson(steps.repo.outputs.result).html_url }} + org.opencontainers.image.documentation=${{ fromJson(steps.repo.outputs.result).html_url }}/blob/${{ github.sha }}/docker/README.md + org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).html_url }} org.opencontainers.image.version=${{ steps.info.outputs.version }} org.opencontainers.image.created=${{ steps.info.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} diff --git a/Dockerfile b/Dockerfile index 11fdebd8..349832c0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,9 +34,6 @@ RUN groupadd --system -g 1000 sftpgo && \ --home-dir /var/lib/sftpgo --shell /usr/sbin/nologin \ --comment "SFTPGo user" --uid 1000 sftpgo -# Install some optional packages used by SFTPGo features -RUN apt-get update && apt-get install --no-install-recommends -y git rsync && rm -rf /var/lib/apt/lists/* - COPY --from=builder /workspace/sftpgo.json /etc/sftpgo/sftpgo.json COPY --from=builder /workspace/templates /usr/share/sftpgo/templates COPY --from=builder /workspace/static /usr/share/sftpgo/static diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 865056de..fb3c8fce 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -39,9 +39,6 @@ RUN mkdir -p /etc/sftpgo /var/lib/sftpgo /usr/share/sftpgo /srv/sftpgo RUN addgroup -g 1000 -S sftpgo && \ adduser -u 1000 -h /var/lib/sftpgo -s /sbin/nologin -G sftpgo -S -D -H -g "SFTPGo user" sftpgo -# Install some optional packages used by SFTPGo features -RUN apk add --update --no-cache rsync git - COPY --from=builder /workspace/sftpgo.json /etc/sftpgo/sftpgo.json COPY --from=builder /workspace/templates /usr/share/sftpgo/templates COPY --from=builder /workspace/static /usr/share/sftpgo/static diff --git a/Dockerfile.full b/Dockerfile.full new file mode 100644 index 00000000..f36836d0 --- /dev/null +++ b/Dockerfile.full @@ -0,0 +1,10 @@ +ARG BASE_IMAGE + +FROM ${BASE_IMAGE} + +USER root + +# Install some optional packages used by SFTPGo features +RUN apt-get update && apt-get install --no-install-recommends -y git rsync && rm -rf /var/lib/apt/lists/* + +USER 1000:1000 \ No newline at end of file diff --git a/Dockerfile.full.alpine b/Dockerfile.full.alpine new file mode 100644 index 00000000..ec0b0f0f --- /dev/null +++ b/Dockerfile.full.alpine @@ -0,0 +1,10 @@ +ARG BASE_IMAGE + +FROM ${BASE_IMAGE} + +USER root + +# Install some optional packages used by SFTPGo features +RUN apk add --update --no-cache rsync git + +USER 1000:1000 \ No newline at end of file diff --git a/docker/README.md b/docker/README.md index b855ea06..026bf5d5 100644 --- a/docker/README.md +++ b/docker/README.md @@ -6,8 +6,10 @@ SFTPGo provides an official Docker image, it is available on both [Docker Hub](h - [v1.2.0, v1.2, v1, latest](https://github.com/drakkan/sftpgo/blob/v1.2.0/Dockerfile) - [v1.2.0-alpine, v1.2-alpine, v1-alpine, alpine](https://github.com/drakkan/sftpgo/blob/v1.2.0/Dockerfile.alpine) -- [edge](../Dockerfile) -- [edge-alpine](../Dockerfile.alpine) +- [edge](../Dockerfile.full) +- [edge-alpine](../Dockerfile.full.alpine) +- [edge-slim](../Dockerfile) +- [edge-alpine-slim](../Dockerfile.alpine) ## How to use the SFTPGo image @@ -121,6 +123,10 @@ This image is based on the popular [Alpine Linux project](https://alpinelinux.or This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](https://musl.libc.org/) instead of [glibc and friends](https://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images. +### `sftpgo:-slim` + +These tags provide a slimmer image that does not include the optional `git` and `rsync` dependencies. + ## Helm Chart An helm chart is [available](https://artifacthub.io/packages/helm/sagikazarmark/sftpgo). You can find the source code [here](https://github.com/sagikazarmark/helm-charts/tree/master/charts/sftpgo).