feat: optional slim image variant without docker-buildx#70
Open
Malith-Rukshan wants to merge 2 commits into
Open
feat: optional slim image variant without docker-buildx#70Malith-Rukshan wants to merge 2 commits into
Malith-Rukshan wants to merge 2 commits into
Conversation
The container HEALTHCHECK previously shelled out to wget. Add a small "hawser healthcheck" subcommand that probes /_hawser/health (auto-detecting TLS via TLS_CERT, like the old shell command) and switch the HEALTHCHECK to use it. This removes the wget package from the image. The /_hawser/health HTTP endpoint is unchanged. Also use COPY --chmod instead of a separate RUN chmod for the binary.
Add an INCLUDE_BUILDX build arg to Dockerfile / Dockerfile.dev. With INCLUDE_BUILDX=false the docker-cli-buildx package (~65 MB) is omitted, producing a slim image (~95 MB vs ~165 MB) that can deploy and manage compose stacks but cannot build images on the host (docker compose up --build). GoReleaser now also publishes :<version>-slim / :latest-slim manifests. Dockerfile.dev gains the buildx plugin by default to match Dockerfile.
Malith-Rukshan
force-pushed
the
feat/slim-image-variant
branch
from
c69d2fb to
4f824a6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
The image is ~165 MB, of which the three Docker CLIs are the bulk:
docker-cli(~40 MB) +docker-compose(~29 MB) +docker-cli-buildx(~65 MB).buildxis only needed when a stack actually builds an image on the host(
docker compose up --build/--no-cache). Plenty of agents only ever deploypre-built images and never need it.
This PR makes the buildx plugin optional via a build arg, so a much smaller
"slim" image can be published alongside the full one.
Changes
Dockerfile/Dockerfile.dev: addARG INCLUDE_BUILDX=true; thedocker-cli-buildxpackage is only added to the apko package list whenINCLUDE_BUILDX=true..goreleaser.yml: also build & publishghcr.io/finsys/hawser:<version>-slimand
:latest-slimmanifests (amd64+arm64built with--build-arg INCLUDE_BUILDX=false).armv7is Alpine-based and never carriedthe buildx plugin, so the existing
armv7image is reused in the slim manifest.Dockerfile.devnow installs the buildx plugin by default too, matching therelease
Dockerfile(it was previously missing it).README.md: short note on the two variants.Image sizes (local build, arm64)
INCLUDE_BUILDX=true, default)INCLUDE_BUILDX=false)Behaviour trade-off
The slim image can deploy, pull, and manage compose stacks (
up,down,pull,ps,logs,restart,stop,start), and all Docker-API proxyfeatures work normally. It cannot build images on the host — i.e. a stack
that has
build:directives (or the Dockhand "Build images" / "No build cache"options) will fail on the slim image. Use the full
:latestimage on hosts thatbuild stacks from source; use
:latest-slimon hosts that only run pre-builtregistry images. Default tags (
:latest,:<version>) are unchanged.Testing
docker build(full) → buildx present, healthcheck reportshealthy.docker build --build-arg INCLUDE_BUILDX=false→docker buildxabsent,docker/docker composework, image ~96 MB.Dockerfile.dev(both variants).linux/amd64, pushed to a private registry, and run against a liveDockhand instance in both Edge and Standard modes — agent connects, metrics
flow, and all non-build compose operations behave identically to the current
image.
Notes for reviewers
no new runtime deps, the slim variant is purely additive (extra tags).
Dockhand when a build is requested (instead of surfacing compose's own
message), happy to add that — let me know.