https://pulumi.com logo
Join Slack
Powered by
hi all! I've been working on reducing the size of ...
# general
b
hi all! I've been working on reducing the size of our Docker image and breaking them into language specific images. The github repo is here: https://github.com/jaxxstorm/pulumi-docker and they're on the Docker hub here: https://hub.docker.com/repository/docker/jaxxstorm/pulumi This isn't yet officially support by Pulumi, and you should not use these for anything production related just yet! - the idea is to start gathering feedback for how we might implement this down the line. I'd love people to give these a try where possible and send me feedback. There is an issue open here where this is being discussed https://github.com/pulumi/pulumi/issues/3789#
l
Ooo you've fixed the run-as-root problem, I can update my own Dockerfile to stop fixing that 🙂 Are your Dockerfiles in a public repo anywhere?
🤦 I see them now...
b
🙂
@little-cartoon-10569 pulumi actually still runs as root in those images, but I intend to fix that very shortly - thanks for the reminder
l
The debian-slim image seems to come with user 1000 already, though the pulumi/pulumi image doesn't? Updating my Dockerfile accordingly..
b
perhaps you're right! I am considering switching to a redhat based image to fix a lot of the built-in vulnerabilities in these images
l
Yep confirmed. User 1000 "node" exists in there. I changed my Dockerfile: it used to create user 1000 "pulumi" then `USER pulumi`; now it just 
USER node
. All is working as before. Good stuff 👍
Ooo, unlucky timing.. image is 2.1.1 and it's just started to complain that 2.2.0 has been released! ;)
b
I've added a cron build to rectify this, it should build twice a day - 
latest
should include this now
👍 1
l
I have finally got Docker, docker-compose, mocha, npm, tsc, pulumi and aws playing nicely. I've built lots of times today. The smaller image size has been noticeable, thanks.
b
@little-cartoon-10569 did you have any dependency issues? Anything you wish had been pre-installed?
l
I didn't check, I'm still using the one extra set of dependencies I used yesterday while trying to get Mocha working: 
RUN npm install --global typescript mocha @types/mocha ts-node chai @types/mocha
Probably don't even need all of that. I also update my XDG_CACHE_HOME and XDG_CONFIG_HOME to be in 
/home/node
since my use case is to protect the developer machine from having to install Node, NPM, Mocha, Pulumi, ... 🙂
It's docker all the way down on my machine 🙂 My mantra: https://blog.jessfraz.com/post/docker-containers-on-the-desktop/
👍 1
Hi again, is this being updated at the moment? Looks like 2.2.1 was pushed about 20 minutes ago, but 2.3.0 is out?
b
i just pushed 2.3.0, but generally the 
latest
will have the latest build after midnight (when the cron runs) We're working on a plan to pull these into the main build in the mid-term
👍 1
l
The upsides of living on the bottom of the planet.. midnight US time is about COB my time, so I get to enjoy the "please upgrade" message for an entire day! 🙂
Ah looks like 
jaxxstorm/pulumi:nodejs.latest
is gone, but I was still referring to it in my Dockerfile. After I changed by FROM to 
jaxxstorm/pulumi:nodejs.latest-12.16.3
it worked. Interestingly, the nodejs.latest image is still pullable even though it's not listed on your tags page. Is that deliberate? When I switch back to nodejs.latest, the warning about upgrading from 2.1.1 to 2.30 returns.
b
let me look at that, that's not expected
ah yes, you'll need to use the 
12.16.3
for now, I had to add the runtime versions for something, I'll file an issue
👍 1
l
Hello again! Will 2.4 be coming to this image? I see this:
nodejs.2.3.0-12.16.3
Last updated21 hours agobyjaxxstorm
But nothing for 2.4
I can switch back to the official image if you don't need testing for this one any more?
b
@little-cartoon-10569 it won't be coming to this repo, we're looking to move this into the main pulumi org, I'm working on this now
👍 1
Open in Slack
PreviousNext
Powered by