Skip to content

CNG: Reduce complexity, extend use of multi-stage Dockerfile patterns

Summary

As we're making use of multi-stage Dockerfile builds, we can re-examine the steps involved in each Dockerfile to remove complexity.

Current behavior

  • gitlab-workhorse has a complex build step, bundling many && into a single RUN. As the builder image is disposed of except for the final binaries, we can and should break this down and reduce wasted complexity
  • git-base has multiple complex RUN steps. If we can remove the complication here and prepare a minimal final image out of this, we should. git-base has been removed.
  • gitaly has a complex step for the download & compilation of Gitaly, that likely has no need to be a part of the final container.
  • gitlab-go includes multiple steps in the final image that are in no way required to be a part of the final image (which only needs the final binary and links)
  • ...

Expected behavior

  • Dockerfile RUN steps are simple to understand and safely alter
  • The final images of each build step are as bare as possible, ensuring reduction in size and software footprints
Edited by Jason Plum