Distroless Containers

Container sizes for applications are often a concern. I recently came across distroless from Google that seems to solve this pain-point while also reducing the potential vulnerability surface of the container as well. So I was looking for a suitable target to try this on.

I use MailHog for testing emails in dev. The published container is unfortunately too old. So seemed like a good opportunity to try distroless. I really wanted to go with a the static base image, but unfortunately ran into issues with CGO_ENABLED=0 for build. For now, the base build will be fine. Here’s the Dockerfile for generating a distroless image of MailHog

	FROM golang:1 as builder

	# Install MailHog:
	RUN apt install git \
	&& mkdir -p /root/gocode \
	&& export GOPATH=/root/gocode \
	&& go install github.com/mailhog/MailHog@latest

	FROM gcr.io/distroless/base-debian11:nonroot

	COPY –from=builder /root/gocode/bin/MailHog /usr/local/bin/

	USER nonroot

	WORKDIR /home/nonroot

	ENTRYPOINT ["MailHog"]

	# Expose the SMTP and HTTP ports:
	EXPOSE 1025 8025

view raw Dockerfile hosted with ❤ by GitHub

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Grok Circuits

Circuit insights from the field

Grok Circuits

Distroless Containers

Leave a Reply Cancel reply

Grok Circuits

Circuit insights from the field

Share this:

Like this:

Leave a Reply Cancel reply