How I reduced the size of my very first published docker image by 40% - A lesson in dockerizing shell scripts

[utterances-bot]

How I reduced the size of my very first published docker image by 40% - A lesson in dockerizing shell scripts

My learnings from publishing my first ever Dockerfile for ugit (a shell script based tool to undo git command) and writing the most optimized dockerfile for it.

https://bhupesh.me/publishing-my-first-ever-dockerfile-optimization-ugit/

[rhdsmnd]

This was a nice article, but there were multiple errors running the final example. From the ugit repo I ran the following

docker build -t ugit . docker run --rm -it -v $(pwd):/app ugit

The first error I resolved by adding RUN git config --global --add safe.directory /app before the final CMD line in the Dockerfile. The second error which I don't have time to look into seems to be from missing sudo: docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "sudo /bin/bash": stat sudo /bin/bash: no such file or directory: unknown.

[Bhupesh-V]

This was a nice article, but there were multiple errors running the final example. From the ugit repo I ran the following

docker build -t ugit . docker run --rm -it -v $(pwd):/app ugit

The first error I resolved by adding RUN git config --global --add safe.directory /app before the final CMD line in the Dockerfile. The second error which I don't have time to look into seems to be from missing sudo: docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "sudo /bin/bash": stat sudo /bin/bash: no such file or directory: unknown.

Hey, thanks for the feedback & reaching out

1. For the first error, I encountered the same issue on my Linux machine. I wasn't able to fix it via with the approach you mentioned. Sharing file permissions with the container using id worked.

   docker run --rm -it -u $(id -u):$(id -g) -v $PWD:/app

2. As for the sudo error, are you running the docker container with sudo i.e like sudo docker run --rm -it -v $(pwd):/app ugit?

[zodman]

nixpkg, instead of docker ?

[Bhupesh-V]

nixpkg, instead of docker ?

Hey thanks for pointing out nix, to be honest I haven't tried it yet. Maybe a story for another day?

In any case, any tips for me if I do end up diving into it?

[joshmcorreia]

Wow, what a fantastic write-up. I'll definitely try these techniques in the future - thanks for the ideas!

[loskutov]

Does your script actually require GNU coreutils? Perhaps busybox could be just enough.

[Bhupesh-V]

Does your script actually require GNU coreutils? Perhaps busybox could be just enough.

Agreed, although I did have to rely on nl utility that ships with coreutils, the busybox version is missing a flag that I use with the GNU one. -n to be specific

[eth-p]

Interesting write-up!

If you're looking to reduce size even further for a cost in legibility of ugit (or if you're fine shimming the tput executable with a bash script), you could drop the dependency on tput entirely.

In my experience, it is extremely unlikely that users will be using a terminal emulator that isn't capable of interpreting ANSI Select Graphic Rendition escape sequences. These are the same sequences emitted by tput to set colours for the xterm terminal type, and they're pretty easy to create using the bash printf builtin:

printf "\x1B[31m"  # Foreground red
printf "\x1B[39m"  # Foreground default
printf "\x1B[m"    # Reset all SGR attributes

You can even use 256-color and 24-bit color, too.

If you need to query the terminal width, that might be a little bit harder. Bash scripts, themselves, can't use the TIOCGWINSZ ioctl to ask the kernel for the window size of the terminal. Instead, you should stty size and parse the width out of that, or use more ANSI escape sequences to move the cursor to the very bottom right of the screen and ask the terminal to report its cursor position with the Device Status Report sequence.

[Bhupesh-V]

If you're looking to reduce size even further for a cost in legibility of ugit (or if you're fine shimming the tput executable with a bash script), you could drop the dependency on tput entirely.

Hey @eth-p This is really helpful.

• tput is something I could get rid of, but I have been holding off to do that since it might require some testing on my ground. Moreover, I didn't want to make any major changes in the script itself while writing the Dockerfile. Definitely an item for the future, I guess. :)
• As for querying terminal width, I think that part is probably handled by fzf if I am correct. But wasn't aware about the size arg on stty. Thanks for sharing!

[kcq]

Creator of DockerSlim (aka SlimToolkit, aka MinToolkit) here :-) Yes, it takes a bit of extra effort to slim non-server applications because you need to specify extra parameters. What's the slim command line you used? It'll be cool to create a slim image with DS too in addition to doing it manually.

[Bhupesh-V]

Creator of DockerSlim (aka SlimToolkit, aka MinToolkit) here :-) Yes, it takes a bit of extra effort to slim non-server applications because you need to specify extra parameters. What's the slim command line you used? It'll be cool to create a slim image with DS too in addition to doing it manually.

Hey Kyle, thanks for commenting here! (big fan :)

If I remember correctly, I used SlimToolkit (the new thing), I guess the squash step as a post slim item could be a nice addition.

[kcq]

If I remember correctly, I used SlimToolkit (the new thing), I guess the squash step as a post slim item could be a nice addition.

You always get the squash behavior where you get one layer in the output image.

[kcq]

Let me do a bit of research with the image... and I'll probably have a number of follow up questions there.

Also curious if you would be up for doing a youtube stream minifying your image and discussing what's going on there.

[Bhupesh-V]

Let me do a bit of research with the image... and I'll probably have a number of follow up questions there.

Cool, please feel free to continue in this thread.

Also curious if you would be up for doing a youtube stream minifying your image and discussing what's going on there.

That sounds like a plan, will have to set up my gear, would you like to join that stream?