Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Distrolessイメージへの乗り換え #2151

Merged
merged 3 commits into from
Dec 12, 2023
Merged

Distrolessイメージへの乗り換え #2151

merged 3 commits into from
Dec 12, 2023

Conversation

logica0419
Copy link
Member

@logica0419 logica0419 commented Dec 11, 2023
edited

alpineで出てくるvulnerabilityに辟易することがあるので、よりvulnerabilityを孕む可能性の低いdistrolessに乗り換えようと決意した

  • 外部にHTTPS接続するのでopensslまでは必須だった -> baseバージョンを採用
  • debianベースになるので、builderイメージもgolangのdebian系統に切り替え
  • Distrolessイメージへの乗り換え #1673 で一度頓挫したが、 Imagemagickを抹殺 #2143 によってImagemagickが消え去ったので再挑戦
  • 以前はnonrootへの置き換えもやろうとしたが、マウントディレクトリがあるため権限が変更されると事故の可能性があるということで今回はやってない

@logica0419 logica0419 merged commit 7f3fd00 into master Dec 12, 2023
4 checks passed
@logica0419 logica0419 deleted the distroless branch December 12, 2023 14:17
@logica0419
Copy link
Member Author

m011で検証し、動作に問題が無いか確かめる

@logica0419
Copy link
Member Author

ビルド時間は2:34 -> 2:44で、ほぼ変化なし
image
image

@logica0419
Copy link
Member Author

イメージのリサイズを中心に、いくつかの機能が問題なく動くことを確認した

@logica0419
Copy link
Member Author 

41d1fd6680b7   ghcr.io/traptitech/traq:master                   "./traQ serve"           6 hours ago     Up 6 hours (healthy)            3000/tcp, 127.0.0.1:3008->80/tcp                           traq-dev-backend

Healthy ヨシ!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@logica0419