KeyDB icon indicating copy to clipboard operation
KeyDB copied to clipboard

Published 20 hours ago verified publisher icon Snapchat

[NEW] Arch-less docker version tags

Open silverwind opened this issue 2 years ago • 10 comments

The problem/use-case that the feature addresses

I'd like to pin the docker image to a specifc version but without specifying the architecture. The current tags x86_64_vx.x.x and arm64_vx.x.x only provide arch-specific images, so it's not possible to pin a specific version while remaining portable across archs.

Description of the feature

Introduce arch-less vx.x.x tags which provides multi-arch images.

silverwind avatar Jun 20 '22 13:06 silverwind

Same request here, there is docker manifest for creating multiarch manifests AFAIK

laurivosandi avatar Aug 25 '22 09:08 laurivosandi

Bump!

laurivosandi avatar Nov 04 '22 11:11 laurivosandi

Now that more and more devs are moving to M* Macs, this is becoming even more welcome.

KenjiTakahashi avatar Jan 07 '23 16:01 KenjiTakahashi

And heterogeneous k8s clusters can't use images that were generated with the current schema

WonderBeat avatar Jan 25 '23 13:01 WonderBeat

Please just steal the code https://github.com/codemowers/keydb/blob/24cac279950d5acbadd54f7e659300c0adb3c474/.github/workflows/docker.yml

laurivosandi avatar Apr 04 '23 10:04 laurivosandi

We already use manifests for the "latest" docker tag, for clarity you also want this functionality for each specific version? ie. docker pull eqalpha/keydb:v6.3.3

benschermel avatar Apr 04 '23 18:04 benschermel

Yes please include multiarch builds for versioned tags

Also please include the Dockerfile in the Git repo for reproducible builds. How are these images produced? Locally on someone's laptop? If that's the case I'd highly recommend switching to GH actions or similar to prevent supply chain attacks

I am also confused why the images are under eqalpha org? Why not use org keydb?

laurivosandi avatar Apr 04 '23 18:04 laurivosandi

Dockerfiles are located here: https://github.com/Snapchat/KeyDB/tree/main/pkg/docker. Regarding it being under eqalpha, this was a legacy name and we are looking at moving it under the 'snapchat' org namespace or registering it as an official Docker image.

benschermel avatar Apr 04 '23 19:04 benschermel

I think most people are looking for Dockerfile on top level, so I'd place it there but I guess that's matter of how the source is organized

In any case how about using proper multistage Dockerfile etc? The current Dockerfiles look pretty messy. This whole gosu thing looks like total mess. How about just issuing USER 1000 and be done with it? Docker should drop the privileges and for Kubernetes we use security context anyway. I don't see why the entrypoint is generated in such a messy way as well...

laurivosandi avatar Apr 04 '23 19:04 laurivosandi

Any updated on this? It's been a while and I can't see any changes yet :confused:

der-eismann avatar Mar 25 '24 17:03 der-eismann