Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/astefanutti/scratch-node
Distroless Node.js Docker Images
https://github.com/astefanutti/scratch-node
distroless docker docker-image dockerfile musl nodejs
Last synced: about 7 hours ago
JSON representation
Distroless Node.js Docker Images
- Host: GitHub
- URL: https://github.com/astefanutti/scratch-node
- Owner: astefanutti
- License: mit
- Created: 2018-11-13T15:36:30.000Z (about 6 years ago)
- Default Branch: main
- Last Pushed: 2022-10-21T15:54:32.000Z (about 2 years ago)
- Last Synced: 2024-12-04T10:38:39.887Z (10 days ago)
- Topics: distroless, docker, docker-image, dockerfile, musl, nodejs
- Language: Dockerfile
- Homepage: https://hub.docker.com/r/astefanutti/scratch-node
- Size: 95.7 KB
- Stars: 847
- Watchers: 17
- Forks: 46
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Distroless Node.js Docker Images
Multi-architecture distroless Node.js Docker images.
## Content
* The Node.js binary, statically linked using [_musl_](https://musl.libc.org), with opt-in support for i18n data
* The _musl_ dynamic linker, to support native modules
* A `/etc/passwd` entry for a `node` user
## Images
Multi-architecture images for `amd64`, `arm32v6`, `arm32v7` and `arm64v8`:
* `latest`, `18`, `18.10`, `18.10.0` – 18.7 MB / 47.5 MB
* `17`, `17.7`, `17.7.2` – 17.9 MB / 46.4 MB
* `16`, `16.14`, `16.14.2` – 17.1 MB / 43.0 MB
* `15`, `15.14`, `15.14.0` – 16.7 MB / 42.7 MB
* `14`, `14.17`, `14.17.0` – 15.9 MB / 41.7 MB
* `13`, `13.14`, `13.14.0` – 14.8 MB / 39.0 MB
* `12`, `12.22`, `12.22.1` – 15.2 MB / 39.8 MB
* `10`, `10.22`, `10.22.0` – 13.3 MB / 34.1 MB
* `8`, `8.17`, `8.17.0` – 11.2 MB / 30.1 MB
The image sizes are _compressed_ / _unpacked_.
They are published to the following repositories:
* [docker.io/astefanutti/scratch-node](https://hub.docker.com/r/astefanutti/scratch-node)
* [ghcr.io/astefanutti/scratch-node](https://github.com/users/astefanutti/packages/container/package/scratch-node)
* [quay.io/astefanutti/scratch-node](https://quay.io/repository/astefanutti/scratch-node)
## Usage
```dockerfile
FROM node as builder
WORKDIR /app
COPY package.json package-lock.json index.js ./
RUN npm install --prod
FROM astefanutti/scratch-node
COPY --from=builder /app /
ENTRYPOINT ["node", "index.js"]
```
### Native modules
Native modules need to be statically compiled with _musl_ to be loadable.
This can easily be achieved by updating the above example with:
```dockerfile
FROM node:alpine as builder
RUN apk update && apk add make g++ python
WORKDIR /app
COPY package.json package-lock.json index.js ./
RUN LDFLAGS='-static-libgcc -static-libstdc++' npm install --build-from-source=
FROM astefanutti/scratch-node
COPY --from=builder /app /
ENTRYPOINT ["node", "index.js"]
```
### Internationalization
The Node binaries are linked against the ICU library statically, and include a subset of ICU data (typically only the English locale) to keep the image sizes small.
Additional locales data can be provided if needed, so that methods work for all ICU locales.
It can be made available to ICU by retrieving the locales data from the ICU sources, e.g.:
```dockerfile
FROM alpine as builder
RUN apk update && apk add curl
# Note the exact version of icu4c that's compatible depends on the Node version!
RUN curl -Lsq -o icu4c-71_1-src.zip https://github.com/unicode-org/icu/releases/download/release-71-1/icu4c-71_1-src.zip \
&& unzip -q icu4c-71_1-src.zip
FROM astefanutti/scratch-node:18.10.0
COPY --from=builder /icu/source/data/in/icudt71l.dat /icu/
ENV NODE_ICU_DATA=/icu
```
More information can be found in the [Providing ICU data at runtime](https://nodejs.org/api/intl.html#intl_providing_icu_data_at_runtime) from the Node.js documentation.
## Build
The image can be built by executing the following commands:
```console
$ git clone https://github.com/astefanutti/scratch-node
$ cd scratch-node
$ docker build --build-arg version= --build-arg arch= .
```