beenull/sftpgo-mirror
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2024-11-25 00:50:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

distroless image: minor changes

Browse source
This commit is contained in:
Nicola Murino 2021-09-07 19:52:28 +02:00
parent c106498dd8
commit 90f64c9f63
No known key found for this signature in database
GPG key ID: 2F1FB59433D5A8CB
3 changed files with 27 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
.github/workflows/docker.yml vendored
View file

@ -21,10 +21,13 @@ jobs:
docker_pkg: docker_pkg:
- debian - debian
- alpine - alpine
- distroless
optional_deps: optional_deps:
- true - true
- false - false
include:
- os: ubuntu-latest
docker_pkg: distroless
optional_deps: false
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2 uses: actions/checkout@v2
@ -65,9 +68,9 @@ jobs:
VERSION="${VERSION}-alpine" VERSION="${VERSION}-alpine"
VERSION_SLIM="${VERSION}-slim" VERSION_SLIM="${VERSION}-slim"
DOCKERFILE=Dockerfile.alpine DOCKERFILE=Dockerfile.alpine
fi elif [[ $DOCKER_PKG == distroless ]]; then
if [[ $DOCKER_PKG == distroless ]]; then VERSION="${VERSION}-distroless"
VERSION_SLIM="${VERSION}-distroless-slim" VERSION_SLIM="${VERSION}-slim"
DOCKERFILE=Dockerfile.distroless DOCKERFILE=Dockerfile.distroless
fi fi
DOCKER_IMAGES=("drakkan/sftpgo" "ghcr.io/drakkan/sftpgo") DOCKER_IMAGES=("drakkan/sftpgo" "ghcr.io/drakkan/sftpgo")
@ -89,9 +92,11 @@ jobs:
TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:slim" TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:slim"
elif [[ $DOCKER_PKG == distroless ]]; then elif [[ $DOCKER_PKG == distroless ]]; then
if [[ -n $MAJOR && -n $MINOR ]]; then if [[ -n $MAJOR && -n $MINOR ]]; then
TAGS="${TAGS},${DOCKER_IMAGE}:${MINOR}-distroless,${DOCKER_IMAGE}:${MAJOR}-distroless"
TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:${MINOR}-distroless-slim,${DOCKER_IMAGE}:${MAJOR}-distroless-slim" TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:${MINOR}-distroless-slim,${DOCKER_IMAGE}:${MAJOR}-distroless-slim"
fi fi
TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:slim" TAGS="${TAGS},${DOCKER_IMAGE}:distroless"
TAGS_SLIM="${TAGS_SLIM},${DOCKER_IMAGE}:distroless-slim"
else else
if [[ -n $MAJOR && -n $MINOR ]]; then if [[ -n $MAJOR && -n $MINOR ]]; then
TAGS="${TAGS},${DOCKER_IMAGE}:${MINOR}-alpine,${DOCKER_IMAGE}:${MAJOR}-alpine" TAGS="${TAGS},${DOCKER_IMAGE}:${MINOR}-alpine,${DOCKER_IMAGE}:${MAJOR}-alpine"
@ -104,14 +109,9 @@ jobs:
done done
if [[ $OPTIONAL_DEPS == true ]]; then if [[ $OPTIONAL_DEPS == true ]]; then
if [[ $DOCKER_PKG != distroless ]]; then echo ::set-output name=version::${VERSION}
echo ::set-output name=version::${VERSION} echo ::set-output name=tags::${TAGS}
echo ::set-output name=tags::${TAGS} echo ::set-output name=full::true
echo ::set-output name=full::true
else
# skip for distroless no slim
echo ::set-output name=skip_build_and_push_step::true
fi
else else
echo ::set-output name=version::${VERSION_SLIM} echo ::set-output name=version::${VERSION_SLIM}
echo ::set-output name=tags::${TAGS_SLIM} echo ::set-output name=tags::${TAGS_SLIM}
@ -167,6 +167,4 @@ jobs:
org.opencontainers.image.version=${{ steps.info.outputs.version }} org.opencontainers.image.version=${{ steps.info.outputs.version }}
org.opencontainers.image.created=${{ steps.info.outputs.created }} org.opencontainers.image.created=${{ steps.info.outputs.created }}
org.opencontainers.image.revision=${{ github.sha }} org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.licenses=${{ fromJson(steps.repo.outputs.result).license.spdx_id }} org.opencontainers.image.licenses=${{ fromJson(steps.repo.outputs.result).license.spdx_id }}
# skip for distroless no slim
if: ${{ steps.info.outputs.skip_build_and_push_step != 'true' }}

8
Dockerfile.distroless
View file

@ -13,8 +13,8 @@ RUN go mod download
ARG COMMIT_SHA ARG COMMIT_SHA
# This ARG allows to disable some optional features and it might be useful if you build the image yourself. # This ARG allows to disable some optional features and it might be useful if you build the image yourself.
# For example you can disable S3 and GCS support like this: # For this variant we disable SQLite support since it requires CGO and so a C runtime which is not installed
# --build-arg FEATURES=nos3,nogcs # in distroless/static-* images
ARG FEATURES=nosqlite ARG FEATURES=nosqlite
COPY . . COPY . .
@ -48,6 +48,10 @@ ENV SFTPGO_LOG_FILE_PATH=""
# templates and static paths are inside the container # templates and static paths are inside the container
ENV SFTPGO_HTTPD__TEMPLATES_PATH=/usr/share/sftpgo/templates ENV SFTPGO_HTTPD__TEMPLATES_PATH=/usr/share/sftpgo/templates
ENV SFTPGO_HTTPD__STATIC_FILES_PATH=/usr/share/sftpgo/static ENV SFTPGO_HTTPD__STATIC_FILES_PATH=/usr/share/sftpgo/static
# These env vars are required to avoid the following error when calling user.Current():
# unable to get the current user: user: Current requires cgo or $USER set in environment
ENV USER=sftpgo
ENV HOME=/var/lib/sftpgo
WORKDIR /var/lib/sftpgo WORKDIR /var/lib/sftpgo
USER 1000:1000 USER 1000:1000

13
docker/README.md
View file

@ -88,7 +88,7 @@ The logs are available through Docker's container log:
docker logs some-sftpgo docker logs some-sftpgo
``` ```
**Note:** [distroless](../Dockerfile.distroless) image contains only application and its runtime dependencies. Shell access is not available on this image. **Note:** [distroless](../Dockerfile.distroless) image contains only a statically linked sftpgo binary and its minimal runtime dependencies. Shell is not available on this image.
### Where to Store Data ### Where to Store Data
@ -169,11 +169,11 @@ RUN chown -R 1100:1100 /etc/sftpgo && chown 1100:1100 /var/lib/sftpgo /srv/sftpg
USER 1100:1100 USER 1100:1100
``` ```
**Note:** the above Dockerfile will not work for [distroless](../Dockerfile.distroless) image since the `chown` command is not available there. **Note:** the above Dockerfile will not work if you use the [distroless](../Dockerfile.distroless) image as base since the `chown` command is not available there.
## Image Variants ## Image Variants
The `sftpgo` images comes in many flavors, each designed for a specific use case. The `edge` and `edge-alpine`tags are updated after each new commit. The `sftpgo` images comes in many flavors, each designed for a specific use case. The `edge`, `edge-slim`, `edge-alpine`, `edge-alpine-slim` and `edge-distroless-slim` tags are updated after each new commit.
### `sftpgo:<version>` ### `sftpgo:<version>`
@ -189,9 +189,10 @@ This variant is highly recommended when final image size being as small as possi
This image is based on the popular [Distroless project](https://github.com/GoogleContainerTools/distroless). We use the latest Debian based distroless image as base. This image is based on the popular [Distroless project](https://github.com/GoogleContainerTools/distroless). We use the latest Debian based distroless image as base.
Distroless image contains only application and its runtime dependencies and so it doesn't allow shell access (no shell is installed). Distroless variant contains only a statically linked sftpgo binary and its minimal runtime dependencies and so it doesn't allow shell access (no shell is installed).
SQLite support is disabled since it requires CGO and so a C runtime. We use a statically linked SFTPGo binary here. SQLite support is disabled since it requires CGO and so a C runtime which is not installed.
The default data-provider is `bolt`, all the supported data providers expect `sqlite` work. The default data provider is `bolt`, all the supported data providers expect `sqlite` work.
We only provide the slim variant and so the optional `git` and `rsync` dependencies are not available.
### `sftpgo:<suite>-slim` ### `sftpgo:<suite>-slim`