Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Apache License 2.0
19.54k
stars
734
forks
source link
The image generated using docker run cannot be run #696
cmd=build info=exec message='changing continue-after from probe to nothing because http-probe is disabled'
cmd=build info=exec message='changing continue-after to enter'
cmd=build state=started
cmd=build info=params target.image='registry.gxp2.com/develop/psm-web:test' continue.mode='enter' rt.as.user='true' keep.perms='true' tags='registry.gxp2.com/develop/psm-web:latest' image-build-engine='internal' target.type='image'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32' size.bytes='934182730' size.human='934 MB'
cmd=build info=image.stack index='0' name='registry.gxp2.com/devops/dotnet/aspnet:3.1-fonts' id='sha256:d74bf1883bf1869149e99d9fbc517b963a93c3d1f0c599cf5e7334524951bd4a'
cmd=build info=image.stack index='1' name='registry.gxp2.com/develop/psm-web:test' id='sha256:8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32'
cmd=build info=image.exposed_ports list='80'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container id='7ecff5ffb86fd978bcda3d09e73a35440eb6361a0d92f599f4037c197af3551b' status='created' name='slimk_1_20240703091326'
cmd=build info=container status='running' name='slimk_1_20240703091326' id='7ecff5ffb86fd978bcda3d09e73a35440eb6361a0d92f599f4037c197af3551b'
cmd=build info=container message='obtained IP address' ip='172.17.0.3'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.startmonitor.done status='received'
cmd=build info=container name='slimk_1_20240703091326' id='7ecff5ffb86fd978bcda3d09e73a35440eb6361a0d92f599f4037c197af3551b' target.port.list='32872' target.port.info='80/tcp => 0.0.0.0:32872' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER'
cmd=build info=continue.after mode='enter' message='provide the expected input to allow the container inspector to continue its execution'
cmd=build prompt='USER INPUT REQUIRED, PRESS <ENTER> WHEN YOU ARE DONE USING THE CONTAINER'
cmd=build state=container.inspection.finishing
cmd=build state=container.inspection.artifact.processing
cmd=build state=container.inspection.done
cmd=build state=building message="building optimized image" engine=internal
cmd=build state=completed
cmd=build info=results status='MINIFIED' by='4.66X' size.original='934 MB' size.optimized='200 MB'
cmd=build info=results image.digest='sha256:d493d2b671659bc3a297d615c8155c26bab0b5f2a700137a53ccaaf5f3248b8c' has.data='true' image-build-engine='internal' image.name='registry.gxp2.com/develop/psm-web:latest' image.size='200 MB' image.id='sha256:968989b32bbac6ceb05ccb04396871e67c8f957a78ae688f0fa5cef7b729724b'
cmd=build info=results artifacts.location='/bin/.slim-state/images/8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32/artifacts'
cmd=build info=results artifacts.report='creport.json'
cmd=build info=results artifacts.dockerfile.reversed='Dockerfile.reversed'
cmd=build info=results artifacts.seccomp='registry.gxp2.com-develop-psm-web-seccomp.json'
cmd=build info=results artifacts.apparmor='registry.gxp2.com-develop-psm-web-apparmor-profile'
cmd=build state=done
cmd=build info=commands message='use the xray command to learn more about the optimize image'
cmd=build info=report file='slim.report.json'
app='slim' message='GitHub Discussions' info='https://github.com/slimtoolkit/slim/discussions'
app='slim' message='Join the CNCF Slack channel to ask questions or to share your feedback' info='https://cloud-native.slack.com/archives/C059QP1RH1S'
app='slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
app='slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
Actual Behavior
cmd=build info=exec message='changing continue-after from probe to nothing because http-probe is disabled'
cmd=build info=exec message='changing continue-after to enter'
cmd=build state=started
cmd=build info=params tags='registry.gxp2.com/develop/psm-web:latest' image-build-engine='internal' target.type='image' target.image='registry.gxp2.com/develop/psm-web:test' continue.mode='enter' rt.as.user='true' keep.perms='true'
cmd=build state=image.inspection.start
cmd=build info=image id='sha256:8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32' size.bytes='934182730' size.human='934 MB'
cmd=build info=image.stack index='0' name='registry.gxp2.com/devops/dotnet/aspnet:3.1-fonts' id='sha256:d74bf1883bf1869149e99d9fbc517b963a93c3d1f0c599cf5e7334524951bd4a'
cmd=build info=image.stack index='1' name='registry.gxp2.com/develop/psm-web:test' id='sha256:8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32'
cmd=build info=image.exposed_ports list='80'
cmd=build state=image.inspection.done
cmd=build state=container.inspection.start
cmd=build info=container status='created' name='slimk_1_20240703091305' id='136572074f623fa83728848c0989f03c19c3066a0550eec4cb13b5247741da36'
cmd=build info=container id='136572074f623fa83728848c0989f03c19c3066a0550eec4cb13b5247741da36' status='running' name='slimk_1_20240703091305'
cmd=build info=container message='obtained IP address' ip='172.17.0.3'
cmd=build info=cmd.startmonitor status='sent'
cmd=build info=event.startmonitor.done status='received'
cmd=build info=container name='slimk_1_20240703091305' id='136572074f623fa83728848c0989f03c19c3066a0550eec4cb13b5247741da36' target.port.list='32869' target.port.info='80/tcp => 0.0.0.0:32869' message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER'
cmd=build info=continue.after mode='enter' message='provide the expected input to allow the container inspector to continue its execution'
cmd=build prompt='USER INPUT REQUIRED, PRESS <ENTER> WHEN YOU ARE DONE USING THE CONTAINER'
cmd=build state=container.inspection.finishing
cmd=build state=container.inspection.artifact.processing
cmd=build state=container.inspection.done
cmd=build state=building message="building optimized image" engine=internal
cmd=build state=completed
cmd=build info=results size.optimized='9.3 MB' status='MINIFIED' by='100.40X' size.original='934 MB'
cmd=build info=results image-build-engine='internal' image.name='registry.gxp2.com/develop/psm-web:latest' image.size='9.3 MB' image.id='sha256:bcafb869a026b7f7e359b53d9161a01a653aa89be5ea5801233481dc2bc815ff' image.digest='sha256:02fbb6378fc25e132c9672d25a3bc336ce45aa472dcdbc95414a048081f48328' has.data='true'
cmd=build info=results artifacts.location='/bin/.slim-state/images/8bad9d040423e47e8d0f89e7fccb084f10894264034ed11b20da3eb1246baa32/artifacts'
cmd=build info=results artifacts.report='creport.json'
cmd=build info=results artifacts.dockerfile.reversed='Dockerfile.reversed'
cmd=build info=results artifacts.seccomp='registry.gxp2.com-develop-psm-web-seccomp.json'
cmd=build info=results artifacts.apparmor='registry.gxp2.com-develop-psm-web-apparmor-profile'
cmd=build state=done
cmd=build info=commands message='use the xray command to learn more about the optimize image'
cmd=build info=report file='slim.report.json'
app='slim' message='GitHub Discussions' info='https://github.com/slimtoolkit/slim/discussions'
app='slim' message='Join the CNCF Slack channel to ask questions or to share your feedback' info='https://cloud-native.slack.com/archives/C059QP1RH1S'
app='slim' message='Join the Discord server to ask questions or to share your feedback' info='https://discord.gg/9tDyxYS'
app='slim' message='Join the Gitter channel to ask questions or to share your feedback' info='https://gitter.im/docker-slim/community'
Steps to Reproduce the Problem
I'm looking to integrate this step into a CI CD and currently have issues testing it manually on the host.
I used the following command to shrink the image, and I found that without -it, the generated image was only 9.3mb, which is obviously not runnable.(The original image is 900mb+, and after correct reduction, it is 200mb)
I have tried the --sensor-ipc-mode flag. When given the value direct it works and generates a 9.3mb image. When given the value proxy it keeps getting stuck at cmd=build info=container message='obtained IP address' ip='172.17.0.3'
So, please tell me, how can I adjust the shell command so that it can be executed once and exit automatically? Thank you very much
shell:
docker run -it --rm --privileged \ #<== The -it parameter of this command line
-v /var/run/docker.sock:/var/run/docker.sock \
-v $(pwd):/src \
dslim/slim \
build --http-probe-off --include-shell --include-path='/app/wwwroot' --target registry.gxp2.com/develop/psm-web:test --tag registry.gxp2.com/develop/psm-web:latest
Expected Behavior
Actual Behavior
Steps to Reproduce the Problem
I'm looking to integrate this step into a CI CD and currently have issues testing it manually on the host.
I used the following command to shrink the image, and I found that without
-it
, the generated image was only9.3mb
, which is obviously not runnable.(The original image is 900mb+, and after correct reduction, it is 200mb)I have tried the
--sensor-ipc-mode
flag. When given the valuedirect
it works and generates a 9.3mb image. When given the valueproxy
it keeps getting stuck atcmd=build info=container message='obtained IP address' ip='172.17.0.3'
So, please tell me, how can I adjust the shell command so that it can be executed once and exit automatically? Thank you very much
shell:
Specifications