Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Distroless] Enable Distroless Java SDK based container images #32818

Open
5 of 6 tasks
Tracked by #32815
damondouglas opened this issue Oct 16, 2024 · 2 comments
Open
5 of 6 tasks
Tracked by #32815

[Distroless] Enable Distroless Java SDK based container images #32818

damondouglas opened this issue Oct 16, 2024 · 2 comments
Assignees

Comments

@damondouglas
Copy link
Contributor

damondouglas commented Oct 16, 2024

Summary

Add distroless variants to existing Java SDK container images:

  • beam-sdk/beam_java17_sdk
  • beam-sdk/beam_java21_sdk

Description

The Publish Beam SDK Snapshots, and build_release_candidate GitHub workflows build and publish Beam container images using docker. The distroless base images by design lack tools assumed to exist in Java Dockerfiles such as file system tools. In order to reuse the existing Dockerfile to add a distroless variant, we need to employ a multi-stage build approach.

Blockers

Measures of Done

@damondouglas damondouglas self-assigned this Oct 16, 2024
@damondouglas damondouglas changed the title Enable Distroless Java SDK based container images [Distroless] Enable Distroless Java SDK based container images Oct 16, 2024
@damondouglas damondouglas added this to the 2.62.0 Release milestone Oct 29, 2024
@kennknowles
Copy link
Member

How's the status here? I would love to cherry-pick changes if they are not risky, in order to offer users an option to get fewer vuln scanner results.

@kennknowles
Copy link
Member

It seems that Java may not be as up to date as we want so this may not be a good choice.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants