search

akuity / kargo-render

Tool and library for managing rendered, environment-specific branches
Apache License 2.0
42 stars 17 forks source link

feat: harden image using apko and wolfi #297

Closed krancour closed 2 months ago

krancour commented 2 months ago

This PR uses apko and wolfi to build a base image with fewer unnecessary packages.

Kargo Render gets layered on top of that.

The very few code changes were aimed at eliminating Kargo Render's need for a shell in order to function correctly. Ensuring a shell is not among the image's packages hardens the image further.

@hiddeco @alexmt @34fathombelow wondering if you mind taking a look at this.

netlify[bot] commented 2 months ago

Deploy Preview for docs-kargo-render-akuity-io canceled.

Name Link
Latest commit 2335bebe47254497fa5ba29831f30340423f05aa
Latest deploy log https://app.netlify.com/sites/docs-kargo-render-akuity-io/deploys/66b0971d5d589f00086e1b92
codecov[bot] commented 2 months ago

Codecov Report

Attention: Patch coverage is 60.00000% with 8 lines in your changes missing coverage. Please review.

Project coverage is 29.58%. Comparing base (7c83687) to head (2335beb).

Files Patch % Lines
cmd/credential-helper/main.go 0.00% 6 Missing :warning:
pkg/git/git.go 85.71% 1 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #297 +/- ## ========================================== + Coverage 27.75% 29.58% +1.82% ========================================== Files 22 23 +1 Lines 2133 1724 -409 ========================================== - Hits 592 510 -82 + Misses 1461 1137 -324 + Partials 80 77 -3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

krancour commented 2 months ago

Great work!

You, too, @hiddeco. I liked your Makefile improvements.