feat(docker): hugo from scratch + dockhub & quay account #4155
Hi @bep, thanks for the confirmation that there is no Docker image out there we as a community could use. Please don't get me wrong, I did not create the accounts for myself, my target is to help the project to optimize the Docker stuff and automate as much as possible. After we got everything automated and working I would move on anyway and hack on other stuff but could help in the future in case of problems and optimizations. Cheers, Maik
I wanted to chime in on this conversation. I agree generally with what @ellerbrock is trying to achieve here. Hugo needs to have an official Docker container on the Docker Hub. I would recommend a different path from both of the mentioned (above). Official Docker containers for projects, or at least those for common use cases, typically follow a different structure than those that are namespaced. The process is outlined in Official repositories on Docker Hub. Official project container that would match the URL structure below: https://hub.docker.com/_/ubuntu/ In Hugo's case whatever identifier makes the most sense for findability. This isn't to say Hugo couldn't have namespaced containers but they should probably be directed to specific use cases that aren't covered by the "general purpose" containers usually provided by official containers such as dev, build tools, etc. It is a bit unclear what you mean @bep. Is https://hub.docker.com/u/gohugo/ the "official" organization account on Docker Hub? There is nothing that would indicate this or denoting it as the official organization account in the docs; might be something to consider. I am more inclined to agree with @ellerbrock regarding locking down
This issue has been automatically marked as stale because it has not had recent activity. The resources of the Hugo team are limited, and so we are asking for your help.
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Hello Hugo's,
I optimized our Hugo Docker Image to run FROM scratch instead of Alpine Linux and with that another optimization from 27MB to 6MB. Pretty sweet optimization when thinking that we started with 428MB!
The good thing with that is we don't need to worry about security patches and image updates in the future anymore. Looking at the latest Version 3.7 of Alpine there are 3 unpatched vulnerabilities mentioned with the root cause in the underlying Busybox:
Hugo DockerHub
I asked on 26 Jul about the topic to configure DockerHub with Automated Builds for the Hugo Project. Since there is still no official Hugo Repo I was so free and created one myself.
DockerHub Account: gohugoio
Repository: hugo
Pull Command:
docker pull gohugoio/hugo
Quay Account
Quay Account: gohugoio
Repository: hugo
Pull Command:
docker pull quay.io/gohugoio/hugo
The nice thing on Quay is that they run under the hood Clair (Vulnerability Static Analysis for Containers) and we can define to trigger notifications when problems are found.
Current Status
Searching today on DockerHub there are currently 892 separately maintained versions of Hugo. Since Hugo is such a great project with a very big community I would love to work together with you guys to make an official image maintained by the project. I configured DockerHub and Quay with Automatic Builds for maximum transparency with the nice side effect that pushing to a defined branch (currently master) the Docker Image will be built automatically.
On Quay I also configured notification on found vulnerabilities (currently with risk level medium).
Next Steps
If you guys like the idea to create an official Docker and Quay Repo for the Hugo Project we should discuss the next steps. Since I'm not a project member I had to fork the repository to configure the automatic build. Problem is that I can't trigger new builds when changes were made in the original repository here. We could solve that by setting up a Webhook but the better way would be in my opinion to use the official repo here for that instead. You can read about how to set up an Automated Build here.
Let me know if you are interested then I can create users in both accounts for you and we could set up the repository here to be used for automated builds. When all is working and tested for a while we could then try to apply to become an official Docker Repository.
Have a nice weekend!
Cheers Maik