Add Alpine-based container image variants#5051
Conversation
🎉 Snyk checks have passed. No issues have been found so far.✅ security/snyk check is complete. No issues have been found. (View Details) |
The new variants will be published *in addition* to the existing variant. Given enough positive user feedback, we may deprecate the Debian-based variants. Until then, Alpine variants are to be considered experimental. Note that DT v5 has already switched to exclusively Alpine base images: DependencyTrack/hyades-apiserver#1206 New image variants are distinguished by a `-alpine` suffix in the tag, e.g.: * dependencytrack/apiserver:latest-alpine * dependencytrack/apiserver:4.14.0-alpine * dependencytrack/apiserver:snapshot-alpine The new images further use `jdeps` and `jlink` to create a minimal JRE, with only those Java modules DT needs. As a result, `-alpine` images are about 200MB smaller than their Debian counterparts. Signed-off-by: nscuro <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
Adds experimental Alpine-based container image variants that use jdeps/jlink to produce a minimal JRE and are ~200 MB smaller than the Debian images.
- Introduces
Dockerfile.alpinefor building Alpine-based images. - Updates the existing Debian
Dockerfileheader and argument placement. - Extends the CI workflow to build, tag, and push
-alpinevariants.
Reviewed Changes
Copilot reviewed 3 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| src/main/docker/Dockerfile.alpine | New multi-stage Alpine Dockerfile for minimal JRE. |
| src/main/docker/Dockerfile | Added header/license block and reorganized ARG/FROM. |
| .github/workflows/_meta-build.yaml | Added tags and build step for Alpine image variants. |
Files not reviewed (2)
- .idea/runConfigurations/Build_API_Server_Image__Alpine_.xml: Language not supported
- .idea/runConfigurations/Build_Bundled_Image__Alpine_.xml: Language not supported
Comments suppressed due to low confidence (2)
.github/workflows/_meta-build.yaml:141
- Add
if: ${{ inputs.publish-container }}to this step to mirror the Debian build and avoid unnecessary builds when images aren’t being published.
- name: Build Alpine multi-arch Container Image
.github/workflows/_meta-build.yaml:112
- [nitpick] Using
tags-alpineas an output name with a hyphen can be error-prone in GitHub Actions. Consider renaming totags_alpinefor consistency and safer referencing.
TAGS_ALPINE=""
Coverage summary from CodacySee diff coverage on Codacy
Coverage variation details
Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: Diff coverage details
Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: See your quality gate settings Change summary preferencesFootnotes
|
Description
Adds Alpine-based container image variants.
The new variants will be published in addition to the existing variant. Given enough positive user feedback, we may deprecate the Debian-based variants. Until then, Alpine variants are to be considered experimental.
Note that DT v5 has already switched to exclusively Alpine base images: DependencyTrack/hyades-apiserver#1206
New image variants are distinguished by a
-alpinesuffix in the tag, e.g.:dependencytrack/apiserver:latest-alpinedependencytrack/apiserver:4.14.0-alpinedependencytrack/apiserver:snapshot-alpineThe new images further use
jdepsandjlinkto create a minimal JRE, with only those Java modules DT needs.As a result,
-alpineimages are about 200MB smaller than their Debian counterparts.Addressed Issue
N/A
Additional Details
N/A
Checklist
This PR fixes a defect, and I have provided tests to verify that the fix is effectiveThis PR introduces changes to the database model, and I have added corresponding update logicThis PR introduces new or alters existing behavior, and I have updated the documentation accordingly