Skip to content

dubo-dubon-duponey/docker-base

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

187 Commits

.github

.github

 
 

context

context

 
 

cue.mod/pkg/duponey.cloud

cue.mod/pkg/duponey.cloud

 
 

hack

hack

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

Dockerfile.auditor

Dockerfile.auditor

 
 

Dockerfile.builder

Dockerfile.builder

 
 

Dockerfile.downloader

Dockerfile.downloader

 
 

Dockerfile.runtime

Dockerfile.runtime

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

Base images

Provides base images (builder, auditor, golang, node, runtime) used by all our images.

Currently, on linux amd64, arm64:

  • docker.io/dubodubonduponey/base:runtime-latest and docker.io/dubodubonduponey/base:runtime-$SUITE-$DATE
    • based on our debootstrapped version of Debian Bookworm (currently DATE=2024-03-01)
    • labels
    • ca-certificates copied over
    • ONBUILD instructions to copy over runtime folders
    • user creation
    • entrypoint definition
  • docker.io/dubodubonduponey/base:builder-latest and docker.io/dubodubonduponey/base:builder-$SUITE-$DATE
    • based on our debootstrapped version of Debian Bookworm (currently DATE=2024-03-01)
    • golang, python, and essential cross compilation dev & build tools
  • docker.io/dubodubonduponey/base:node-latest and docker.io/dubodubonduponey/base:node-$SUITE-$DATE
    • +nodejs +yarnpkg
  • docker.io/dubodubonduponey/base:golang-latest and docker.io/dubodubonduponey/base:golang-$SUITE-$DATE
    • just golang and git
  • docker.io/dubodubonduponey/base:auditor-latest and docker.io/dubodubonduponey/base:auditor-$SUITE-$DATE
    • test and security hardening tools

TL;DR

Point to your buildkit host or use the helper to start one

export BUILDKIT_HOST=$(./hack/helpers/start-buildkit.sh 2>/dev/null)
# Build the overlay
./hack/build.sh overlay

# Download golang, node, yarn (once)
./hack/build.sh downloader

# Build and push the builders and runtime images
./hack/build.sh builder
./hack/build.sh node
./hack/build.sh golang
./hack/build.sh runtime
./hack/build.sh auditor

Note that the above will by default try to push to docker.io/dubodubonduponey/base. Edit recipe.cue, or better, use an env.cue file (see advanced for that) to control the push destination.

Configuration

You can control additional aspects of the build passing arguments:

# Control base image, target platforms, and cache
./hack/build.sh runtime \
  --inject platforms="linux/arm64" \
  --inject registry="private.registry/yourname"

Notes

The downloader image will FAIL building if it detects a new patch release for golang, node or yarn.

In that case, it will display updated versions (and sha) to copy over in the dockerfile.

Alternatively, you can pass FAIL_WHEN_OUTDATED= as a build arg to build with outdated versions (see the recipe file).

Caveats

Qemu as usual is a problem - see specifically moby/qemu#9

About

"Base" runtime and builder image for all our images (amd64, arm64)

hub.docker.com/r/dubodubonduponey/base/

Topics

nodejs python docker golang yarn debian docker-container docker-image amd64 arm64 bookworm

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Languages