Reduce Image sizes

[schurzi]

We are using these images for CI testing. These tests run very often, so having small images pays in time and also in ressource conservation. We should aim to create images of minimal size.

For refference these are the current sizes:

REPOSITORY                                          TAG         IMAGE ID      CREATED      SIZE
ghcr.io/dev-sec/docker-alpine-ansible               latest      af951ddf1aa1  2 days ago   457 MB
ghcr.io/dev-sec/docker-amazon2023-ansible           latest      de5bdec68d62  2 hours ago  716 MB
ghcr.io/dev-sec/docker-amazon2-ansible              latest      43a257a24b9c  2 days ago   428 MB
ghcr.io/dev-sec/docker-arch-ansible                 latest      b8780266aaff  2 hours ago  1.39 GB
ghcr.io/dev-sec/docker-centos7-ansible              latest      88579c4ee1b4  2 hours ago  967 MB
ghcr.io/dev-sec/docker-centos8-ansible              latest      2153e2f811b8  2 hours ago  965 MB
ghcr.io/dev-sec/docker-centosstream8-ansible        latest      a2ef3f11fc2c  2 hours ago  793 MB
ghcr.io/dev-sec/docker-centosstream9-ansible        latest      e570f1f0e373  2 hours ago  719 MB
ghcr.io/dev-sec/docker-debian10-ansible             latest      06391215a7f5  2 hours ago  1.02 GB
ghcr.io/dev-sec/docker-debian11-ansible             latest      4c1a0819eacd  2 hours ago  887 MB
ghcr.io/dev-sec/docker-debian12-ansible             latest      dde018385671  2 hours ago  1.01 GB
ghcr.io/dev-sec/docker-fedora37-ansible             latest      5b374bd02fc7  2 hours ago  844 MB
ghcr.io/dev-sec/docker-fedora38-ansible             latest      8e1eecc729ca  2 hours ago  853 MB
ghcr.io/dev-sec/docker-opensuse_tumbleweed-ansible  latest      65353cec8d5b  2 hours ago  879 MB
ghcr.io/dev-sec/docker-openwrt-ansible              latest      07b0246ee9eb  2 hours ago  589 MB
ghcr.io/dev-sec/docker-oracle7-ansible              latest      92fd7df2680b  2 days ago   4.22 GB
ghcr.io/dev-sec/docker-rocky8-ansible               latest      ca4dfb3ea864  2 hours ago  786 MB
ghcr.io/dev-sec/docker-rocky9-ansible               latest      e12490568e32  2 hours ago  793 MB
ghcr.io/dev-sec/docker-ubuntu1804-ansible           latest      94011e3af663  2 days ago   281 MB
ghcr.io/dev-sec/docker-ubuntu2004-ansible           latest      c88164cc718f  2 days ago   334 MB
ghcr.io/dev-sec/docker-ubuntu2204-ansible           latest      cdf18b113c33  2 days ago   568 MB

[schurzi]

with #43 the Oracle image is now down to 400MB

REPOSITORY                                    TAG         IMAGE ID      CREATED        SIZE
ghcr.io/dev-sec/docker-oracle7-ansible        latest      130638d1981c  6 minutes ago  400 MB

[szEvEz]

Maybe giving slim a shot could be worth.

REPOSITORY                 TAG               IMAGE ID       CREATED          SIZE
debian-12.slim             latest            6e9b12ae9d90   11 minutes ago   46.8MB
debian-12                  latest            42ad1dc660ef   21 minutes ago   974MB

I've not verified the full functionality of the "slimmed" image just yet, but I'd be eager to try it out in the next couple of days.

There is also some documentation for a Github Actions Integration. What do you think?

[schurzi]

The tool looks very promising. From the documentation I understand that we need to give it some commands to asses what contents of the containers are actually needed. This might be a problem, since we are using the containers to test all our Automation code and thus we would need to run ALL automation code to generate the Images, or am I wrong?

[szEvEz]

we need to give it some commands to asses what contents of the containers are actually needed

I have not looked to deep into it just yet, but I was actually just hoping that it would work "out-of-the-box". The xray command could also be very helpful in reverse engineering what's going to get removed.

I will give it a shot and test it out properly with one image in the next couple of days, also referencing the newly build in one of the automation jobs to see if this would work without major effort.