docker: add slim image

2020-11-12 22:40:53 +01:00 · 2020-11-12 22:40:53 +01:00 · fbd9919afa
commit fbd9919afa
parent eec8bc73f4
6 changed files with 76 additions and 16 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -40,7 +40,8 @@ jobs:
        id: info
        run: |
          VERSION=noop
-          DOCKERFILE=Dockerfile
+          DOCKERFILE_SLIM=Dockerfile
+          DOCKERFILE=Dockerfile.full
          MINOR=""
          MAJOR=""
          if [ "${{ github.event_name }}" = "schedule" ]; then
@ -59,27 +60,40 @@ jobs:
            MINOR=${VERSION%.*}
            MAJOR=${MINOR%.*}
          fi
+          VERSION_SLIM="${VERSION}-slim"
          if [[ $DOCKER_PKG == alpine ]]; then
            VERSION="${VERSION}-alpine"
-            DOCKERFILE=Dockerfile.alpine
+            VERSION_SLIM="${VERSION}-slim"
+            DOCKERFILE_SLIM=Dockerfile.alpine
+            DOCKERFILE=Dockerfile.full.alpine
          fi
          TAGS="${DOCKER_IMAGE}:${VERSION}"
+          TAGS_SLIM="${DOCKER_IMAGE}:${VERSION_SLIM}"
+          BASE_IMAGE="${TAGS_SLIM}"
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            if [[ $DOCKER_PKG == debian ]]; then
              if [[ -n $MAJOR && -n $MINOR ]]; then
                TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR},${DOCKER_IMAGE}:${MAJOR}"
+                TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:${MINOR}-slim,${DOCKER_IMAGE}:${MAJOR}-slim"
              fi
              TAGS="$TAGS,${DOCKER_IMAGE}:latest"
+              TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:slim"
            else
              if [[ -n $MAJOR && -n $MINOR ]]; then
                TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR}-alpine,${DOCKER_IMAGE}:${MAJOR}-alpine"
+                TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:${MINOR}-alpine-slim,${DOCKER_IMAGE}:${MAJOR}-alpine-slim"
              fi
              TAGS="$TAGS,${DOCKER_IMAGE}:alpine"
+              TAGS_SLIM="$TAGS_SLIM,${DOCKER_IMAGE}:alpine-slim"
            fi
          fi
          echo ::set-output name=dockerfile::${DOCKERFILE}
+          echo ::set-output name=dockerfile-slim::${DOCKERFILE_SLIM}
          echo ::set-output name=version::${VERSION}
+          echo ::set-output name=version-slim::${VERSION_SLIM}
          echo ::set-output name=tags::${TAGS}
+          echo ::set-output name=tags-slim::${TAGS_SLIM}
+          echo ::set-output name=base-image::${BASE_IMAGE}
          echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
          echo ::set-output name=sha::${GITHUB_SHA::8}
        env:
@ -89,8 +103,11 @@ jobs:
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1

-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+      - uses: docker/setup-buildx-action@v1
+        id: builder-slim
+
+      - uses: docker/setup-buildx-action@v1
+        id: builder-full

      - name: Login to Docker Hub
        uses: docker/login-action@v1
@ -107,13 +124,14 @@ jobs:
          password: ${{ secrets.CR_PAT }}
        if: ${{ github.event_name != 'pull_request' && matrix.docker_image == 'ghcr.io/drakkan/sftpgo' }}

-      - name: Build and push
+      - name: Build and push slim
        uses: docker/build-push-action@v2
        with:
-          file: ./${{ steps.info.outputs.dockerfile }}
+          builder: ${{ steps.builder-slim.outputs.name }}
+          file: ./${{ steps.info.outputs.dockerfile-slim }}
          platforms: linux/amd64,linux/arm64,linux/ppc64le
          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.info.outputs.tags }}
+          tags: ${{ steps.info.outputs.tags-slim }}
          build-args: |
            COMMIT_SHA=${{ steps.info.outputs.sha }}
          labels: |
@ -121,7 +139,29 @@ jobs:
            org.opencontainers.image.description=Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support
            org.opencontainers.image.url=${{ fromJson(steps.repo.outputs.result).html_url }}
            org.opencontainers.image.documentation=${{ fromJson(steps.repo.outputs.result).html_url }}/blob/${{ github.sha }}/docker/README.md
-            org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).clone_url }}
+            org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).html_url }}
+            org.opencontainers.image.version=${{ steps.info.outputs.version }}
+            org.opencontainers.image.created=${{ steps.info.outputs.created }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.licenses=${{ fromJson(steps.repo.outputs.result).license.spdx_id }}
+
+      - name: Build and push full
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.builder-full.outputs.name }}
+          file: ./${{ steps.info.outputs.dockerfile }}
+          platforms: linux/amd64,linux/arm64,linux/ppc64le
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.info.outputs.tags }}
+          build-args: |
+            COMMIT_SHA=${{ steps.info.outputs.sha }}
+            BASE_IMAGE=${{ steps.info.outputs.base-image }}
+          labels: |
+            org.opencontainers.image.title=SFTPGo
+            org.opencontainers.image.description=Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support
+            org.opencontainers.image.url=${{ fromJson(steps.repo.outputs.result).html_url }}
+            org.opencontainers.image.documentation=${{ fromJson(steps.repo.outputs.result).html_url }}/blob/${{ github.sha }}/docker/README.md
+            org.opencontainers.image.source=${{ fromJson(steps.repo.outputs.result).html_url }}
            org.opencontainers.image.version=${{ steps.info.outputs.version }}
            org.opencontainers.image.created=${{ steps.info.outputs.created }}
            org.opencontainers.image.revision=${{ github.sha }}
--- a/3
+++ b/3
@ -34,9 +34,6 @@ RUN groupadd --system -g 1000 sftpgo && \
    --home-dir /var/lib/sftpgo --shell /usr/sbin/nologin \
    --comment "SFTPGo user" --uid 1000 sftpgo

-# Install some optional packages used by SFTPGo features
-RUN apt-get update && apt-get install --no-install-recommends -y git rsync && rm -rf /var/lib/apt/lists/*
-
 COPY --from=builder /workspace/sftpgo.json /etc/sftpgo/sftpgo.json
 COPY --from=builder /workspace/templates /usr/share/sftpgo/templates
 COPY --from=builder /workspace/static /usr/share/sftpgo/static
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@ -39,9 +39,6 @@ RUN mkdir -p /etc/sftpgo /var/lib/sftpgo /usr/share/sftpgo /srv/sftpgo
 RUN addgroup -g 1000 -S sftpgo && \
    adduser -u 1000 -h /var/lib/sftpgo -s /sbin/nologin -G sftpgo -S -D -H -g "SFTPGo user" sftpgo

-# Install some optional packages used by SFTPGo features
-RUN apk add --update --no-cache rsync git
-
 COPY --from=builder /workspace/sftpgo.json /etc/sftpgo/sftpgo.json
 COPY --from=builder /workspace/templates /usr/share/sftpgo/templates
 COPY --from=builder /workspace/static /usr/share/sftpgo/static
--- a/Dockerfile.full
+++ b/Dockerfile.full
@ -0,0 +1,10 @@
+ARG BASE_IMAGE
+
+FROM ${BASE_IMAGE}
+
+USER root
+
+# Install some optional packages used by SFTPGo features
+RUN apt-get update && apt-get install --no-install-recommends -y git rsync && rm -rf /var/lib/apt/lists/*
+
+USER 1000:1000
--- a/Dockerfile.full.alpine
+++ b/Dockerfile.full.alpine
@ -0,0 +1,10 @@
+ARG BASE_IMAGE
+
+FROM ${BASE_IMAGE}
+
+USER root
+
+# Install some optional packages used by SFTPGo features
+RUN apk add --update --no-cache rsync git
+
+USER 1000:1000
--- a/docker/README.md
+++ b/docker/README.md
@ -6,8 +6,10 @@ SFTPGo provides an official Docker image, it is available on both [Docker Hub](h

 - [v1.2.0, v1.2, v1, latest](https://github.com/drakkan/sftpgo/blob/v1.2.0/Dockerfile)
 - [v1.2.0-alpine, v1.2-alpine, v1-alpine, alpine](https://github.com/drakkan/sftpgo/blob/v1.2.0/Dockerfile.alpine)
- [edge](../Dockerfile)
- [edge-alpine](../Dockerfile.alpine)
+- [edge](../Dockerfile.full)
+- [edge-alpine](../Dockerfile.full.alpine)
+- [edge-slim](../Dockerfile)
+- [edge-alpine-slim](../Dockerfile.alpine)

 ## How to use the SFTPGo image

@ -121,6 +123,10 @@ This image is based on the popular [Alpine Linux project](https://alpinelinux.or

 This variant is highly recommended when final image size being as small as possible is desired. The main caveat to note is that it does use [musl libc](https://musl.libc.org/) instead of [glibc and friends](https://www.etalabs.net/compare_libcs.html), so certain software might run into issues depending on the depth of their libc requirements. However, most software doesn't have an issue with this, so this variant is usually a very safe choice. See [this Hacker News comment thread](https://news.ycombinator.com/item?id=10782897) for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.

+### `sftpgo:<suite>-slim`
+
+These tags provide a slimmer image that does not include the optional `git` and `rsync` dependencies.
+
 ## Helm Chart

 An helm chart is [available](https://artifacthub.io/packages/helm/sagikazarmark/sftpgo). You can find the source code [here](https://github.com/sagikazarmark/helm-charts/tree/master/charts/sftpgo).