feat(docker): add curl and jq binaries #798
Conversation
|
🔎 A preview has been automatically published:
This preview will be deleted once this PR is closed. |
| @@ -28,9 +28,11 @@ LABEL version="<%= version %>" \ | |||
| VOLUME ["/actions"] | |||
| WORKDIR /actions | |||
|
|
|||
| COPY --from=build /tmp/fakeroot/ / | |||
| RUN mkdir -p /etc/ssl/certs | |||
| COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt | |||
There was a problem hiding this comment.
question: I don't understand this one: I read that we copy a file at the same place, does this make sens?
There was a problem hiding this comment.
Inside the base image, busybox:glibc there is not cert or packet manager. So we copy the certs from the build image with the --from
| ## The loader search ld-linux-x86-64.so.2 in /lib64 but the folder does not exist | ||
| RUN ln -s lib lib64 | ||
| COPY --from=build /tmp/fakeroot/ / | ||
| COPY --from=ghcr.io/tarampampam/curl:8.6.0 /bin/curl /usr/bin/curl |
There was a problem hiding this comment.
question: why not use apt-get instead?
There was a problem hiding this comment.
And copy it from the build image ?
By the way, I add curl to this image and I can get script or call we hoot inside my CI.
| RUN ln -s lib lib64 | ||
| COPY --from=build /tmp/fakeroot/ / | ||
| COPY --from=ghcr.io/tarampampam/curl:8.6.0 /bin/curl /usr/bin/curl | ||
| COPY --from=ghcr.io/jqlang/jq /jq /usr/bin/jq |
There was a problem hiding this comment.
question: why not use apt-get instead?
| @@ -0,0 +1,38 @@ | |||
| FROM debian AS build | |||
There was a problem hiding this comment.
What is this file for?
There was a problem hiding this comment.
Splitting docker image, that way the final image is smaller and without security risk.
| @@ -28,9 +28,11 @@ LABEL version="<%= version %>" \ | |||
| VOLUME ["/actions"] | |||
| WORKDIR /actions | |||
|
|
|||
| COPY --from=build /tmp/fakeroot/ / | |||
| RUN mkdir -p /etc/ssl/certs | |||
| COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt | |||
There was a problem hiding this comment.
Inside the base image, busybox:glibc there is not cert or packet manager. So we copy the certs from the build image with the --from
| ## The loader search ld-linux-x86-64.so.2 in /lib64 but the folder does not exist | ||
| RUN ln -s lib lib64 | ||
| COPY --from=build /tmp/fakeroot/ / | ||
| COPY --from=ghcr.io/tarampampam/curl:8.6.0 /bin/curl /usr/bin/curl |
There was a problem hiding this comment.
And copy it from the build image ?
By the way, I add curl to this image and I can get script or call we hoot inside my CI.
| @@ -0,0 +1,38 @@ | |||
| FROM debian AS build | |||
There was a problem hiding this comment.
Splitting docker image, that way the final image is smaller and without security risk.
This is the work of @chmuche CleverCloud/clever-tools-dockerhub#6 but applied on the dockertemplate
This is the work of @chmuche
CleverCloud/clever-tools-dockerhub#6
but applied on the docker template