Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use distroless base image #155

Merged
merged 1 commit into from
Aug 9, 2023
Merged

use distroless base image #155

merged 1 commit into from
Aug 9, 2023

Conversation

matthyx
Copy link
Contributor

@matthyx matthyx commented Aug 8, 2023
edited
Loading

this one requires a modification in the Helm chart:

securityContext:
  fsGroup: 65532
  runAsUser: 65532

@matthyx
use distroless base image
484b278 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
@codiumai-pr-agent-free
Copy link

PR Analysis

  • 🎯 Main theme: Change of base image in Dockerfile
  • 📌 Type of PR: Enhancement
  • 🧪 Relevant tests added: No
  • Focused PR: Yes, because all changes are related to the Dockerfile and the base image used
  • 🔒 Security concerns: No, because the changes are related to the Dockerfile and do not introduce any new functionality or dependencies that could lead to security issues

PR Feedback

  • General suggestions: The PR is well focused and the changes are clear. However, it would be beneficial to include a brief explanation in the PR description about why the base image is being changed to 'distroless'. This would provide context to reviewers and future developers.

  • 🤖 Code feedback:

    • relevant file: build/Dockerfile
      suggestion: Consider using multi-stage builds to reduce the final image size. This can be achieved by separating the building of the application and the creation of the final image into different stages. [important]
      relevant line: FROM --platform=$BUILDPLATFORM golang:1.20-bullseye as builder

    • relevant file: build/Dockerfile
      suggestion: It's a good practice to pin the version of the base image to ensure the build is reproducible. This can prevent unexpected errors due to changes in the base image. [medium]
      relevant line: FROM gcr.io/distroless/static-debian11:nonroot

    • relevant file: build/Dockerfile
      suggestion: The ARG image_version is not used in the Dockerfile. If it's not necessary, consider removing it to clean up the Dockerfile. [medium]
      relevant line: ARG image_version

How to use

To invoke the PR-Agent, add a comment using one of the following commands:
/review [-i]: Request a review of your Pull Request. For an incremental review, which only considers changes since the last review, include the '-i' option.
/describe: Modify the PR title and description based on the contents of the PR.
/improve: Suggest improvements to the code in the PR.
/ask <QUESTION>: Pose a question about the PR.

To edit any configuration parameter from 'configuration.toml', add --config_path=new_value
For example: /review --pr_reviewer.extra_instructions="focus on the file: ..."
To list the possible configuration parameters, use the /config command.

@matthyx matthyx marked this pull request as ready for review August 8, 2023 13:38
@matthyx matthyx requested a review from dwertent August 8, 2023 13:38
@github-actions
Copy link

github-actions bot commented Aug 8, 2023

Summary:

  • License scan: success
  • Credentials scan: success
  • Vulnerabilities scan: success
  • Unit test: success
  • Go linting: success

@dwertent dwertent merged commit b8b6088 into main Aug 9, 2023
@matthyx matthyx deleted the distroless branch August 9, 2023 06:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dwertent dwertent dwertent approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matthyx @dwertent