diff --git a/README.md b/README.md index 87f869a0ae..dbf5f4df8b 100644 --- a/README.md +++ b/README.md @@ -1154,14 +1154,7 @@ Yes. The `--cmd`, `--entrypoint`, and `--mount` options will help you minify you Notes: -You can explore the artifacts Slim generates when it's creating a slim image. You'll find those in `/.images//artifacts`. One of the artifacts is a "reverse engineered" Dockerfile for the original image. It'll be called `Dockerfile.fat`. - -If you'd like to see the artifacts without running the Slim app you can take a look at the `examples/artifacts` directory in this repo. It doesn't include any image files, but you'll find: - -- a reverse engineered Dockerfile (`Dockerfile.fat`) -- a container report file (`creport.json`) -- a sample AppArmor profile (which will be named based on your original image name) -- and a sample Seccomp profile +You can explore the artifacts Slim generates when it's creating a slim image. You'll find those in `/.images//artifacts`. One of the artifacts is a "reverse engineered" Dockerfile for the original image. It'll be called `Dockerfile.reversed`. If you don't want to create a minified image and only want to "reverse engineer" the Dockerfile you can use the `info` command. diff --git a/pkg/app/master/commands/build/handler.go b/pkg/app/master/commands/build/handler.go index f0aa3fc5ac..79445c612b 100644 --- a/pkg/app/master/commands/build/handler.go +++ b/pkg/app/master/commands/build/handler.go @@ -24,6 +24,7 @@ import ( "github.com/docker-slim/docker-slim/pkg/app/master/kubernetes" "github.com/docker-slim/docker-slim/pkg/app/master/version" "github.com/docker-slim/docker-slim/pkg/command" + "github.com/docker-slim/docker-slim/pkg/consts" "github.com/docker-slim/docker-slim/pkg/docker/dockerclient" "github.com/docker-slim/docker-slim/pkg/docker/dockerimage" "github.com/docker-slim/docker-slim/pkg/docker/dockerutil" @@ -210,12 +211,13 @@ func OnCommand( if kubeOpts.HasTargetSet() { xc.Out.Info("params", ovars{ - "target.type": "kubernetes.workload", - "target": kubeOpts.Target.Workload, - "target.namespace": kubeOpts.Target.Namespace, - "target.container": kubeOpts.Target.Container, - "target.image": kubeOpts.TargetOverride.Image, - "continue.mode": continueAfter.Mode, + "target.type": "kubernetes.workload", + "target": kubeOpts.Target.Workload, + "target.namespace": kubeOpts.Target.Namespace, + "target.container": kubeOpts.Target.Container, + "target.image": kubeOpts.TargetOverride.Image, + "continue.mode": continueAfter.Mode, + "image-build-engine": imageBuildEngine, }) kubeClient, err := kubernetes.NewClient(kubeOpts) @@ -283,32 +285,35 @@ func OnCommand( if len(composeFiles) > 0 && targetComposeSvc != "" { xc.Out.Info("params", ovars{ - "target.type": "compose.service", - "target": targetRef, - "continue.mode": continueAfter.Mode, - "rt.as.user": doRunTargetAsUser, - "keep.perms": doKeepPerms, - "tags": strings.Join(outputTags, ","), + "target.type": "compose.service", + "target": targetRef, + "continue.mode": continueAfter.Mode, + "rt.as.user": doRunTargetAsUser, + "keep.perms": doKeepPerms, + "tags": strings.Join(outputTags, ","), + "image-build-engine": imageBuildEngine, }) } else if cbOpts.Dockerfile != "" { xc.Out.Info("params", ovars{ - "target.type": "dockerfile", - "context": targetRef, - "file": cbOpts.Dockerfile, - "continue.mode": continueAfter.Mode, - "rt.as.user": doRunTargetAsUser, - "keep.perms": doKeepPerms, + "target.type": "dockerfile", + "context": targetRef, + "file": cbOpts.Dockerfile, + "continue.mode": continueAfter.Mode, + "rt.as.user": doRunTargetAsUser, + "keep.perms": doKeepPerms, + "image-build-engine": imageBuildEngine, }) } else { xc.Out.Info("params", ovars{ - "target.type": "image", - "target": targetRef, - "continue.mode": continueAfter.Mode, - "rt.as.user": doRunTargetAsUser, - "keep.perms": doKeepPerms, - "tags": strings.Join(outputTags, ","), + "target.type": "image", + "target.image": targetRef, + "continue.mode": continueAfter.Mode, + "rt.as.user": doRunTargetAsUser, + "keep.perms": doKeepPerms, + "tags": strings.Join(outputTags, ","), + "image-build-engine": imageBuildEngine, }) } @@ -1571,9 +1576,10 @@ func finishCommand( xc.Out.Info("results", ovars{ - "image.name": cmdReport.MinifiedImage, - "image.size": cmdReport.MinifiedImageSizeHuman, - "has.data": cmdReport.MinifiedImageHasData, + "image-build-engine": imageBuildEngine, + "image.name": cmdReport.MinifiedImage, + "image.size": cmdReport.MinifiedImageSizeHuman, + "has.data": cmdReport.MinifiedImageHasData, }) xc.Out.Info("results", @@ -1588,13 +1594,17 @@ func finishCommand( xc.Out.Info("results", ovars{ - "artifacts.dockerfile.reversed": "Dockerfile.fat", + "artifacts.dockerfile.reversed": consts.ReversedDockerfile, }) - xc.Out.Info("results", - ovars{ - "artifacts.dockerfile.optimized": "Dockerfile", - }) + if imageBuildEngine == IBEDocker || + imageBuildEngine == IBEBuildKit { + //no minified Dockerfile when using IBEInternal (or IBENone) + xc.Out.Info("results", + ovars{ + "artifacts.dockerfile.minified": "Dockerfile", + }) + } xc.Out.Info("results", ovars{ diff --git a/pkg/app/master/inspectors/image/image_inspector.go b/pkg/app/master/inspectors/image/image_inspector.go index 4a22092cee..055c5c2a29 100644 --- a/pkg/app/master/inspectors/image/image_inspector.go +++ b/pkg/app/master/inspectors/image/image_inspector.go @@ -7,19 +7,19 @@ import ( "regexp" "strings" + docker "github.com/fsouza/go-dockerclient" + log "github.com/sirupsen/logrus" + + "github.com/docker-slim/docker-slim/pkg/consts" "github.com/docker-slim/docker-slim/pkg/docker/dockerfile/reverse" "github.com/docker-slim/docker-slim/pkg/docker/dockerutil" "github.com/docker-slim/docker-slim/pkg/util/errutil" - - docker "github.com/fsouza/go-dockerclient" - log "github.com/sirupsen/logrus" ) const ( slimImageRepo = "slim" appArmorProfileName = "apparmor-profile" seccompProfileName = "seccomp-profile" - fatDockerfileName = "Dockerfile.fat" appArmorProfileNamePat = "%s-apparmor-profile" seccompProfileNamePat = "%s-seccomp.json" https = "https://" @@ -306,7 +306,7 @@ func (i *Inspector) ProcessCollectedData() error { if err != nil { return err } - fatImageDockerfileLocation := filepath.Join(i.ArtifactLocation, fatDockerfileName) + fatImageDockerfileLocation := filepath.Join(i.ArtifactLocation, consts.ReversedDockerfile) err = reverse.SaveDockerfileData(fatImageDockerfileLocation, i.DockerfileInfo.Lines) errutil.FailOn(err) diff --git a/pkg/app/sensor/artifact/artifact.go b/pkg/app/sensor/artifact/artifact.go index 3aa7008ceb..35bd512e31 100644 --- a/pkg/app/sensor/artifact/artifact.go +++ b/pkg/app/sensor/artifact/artifact.go @@ -188,7 +188,7 @@ var binDataReplace = []fsutil.ReplaceInfo{ { PathSuffix: "/node", Match: "node.js/v", - Replace: "dope,fu/v", + Replace: "done,xu/v", }, } diff --git a/pkg/consts/external.go b/pkg/consts/external.go new file mode 100644 index 0000000000..fbaa0a3433 --- /dev/null +++ b/pkg/consts/external.go @@ -0,0 +1,7 @@ +package consts + +// Other constants that external users/consumers will see +const ( + //reverse engineered Dockerfile for the target container image + ReversedDockerfile = "Dockerfile.reversed" +)