rules_docker - Rules for building and handling Docker images with Bazel

  •        367

These rules used to be docker_build, docker_push, etc. and the aliases for these (mostly) legacy names still exist largely for backwards-compatibility. We also have early-stage oci_image, oci_push, etc. aliases for folks that enjoy the consistency of a consistent rule prefix. The only place the format-specific names currently do any more than alias things is in foo_push, where they also specify the appropriate format as which to publish the image.Also, unlike traditional container builds (e.g. Dockerfile), the Docker images produced by container_image are deterministic / reproducible.

https://github.com/bazelbuild/rules_docker

Tags
Implementation
License
Platform

   




Related Projects

colossus - Colossus — An example microservice architecture for Kubernetes using Bazel, Go, Java, Docker, Kubernetes, Minikube, Gazelle, gRPC, Prometheus, Grafana, and more

  •    Python

Wait a second, these services don't do anything meaningful! Nope, they sure don't. But that's okay because the point of this project is to show you how to get the basic (yet not-at-all-trivial) plumbing to work. Colossus is a boilerplate project that's meant as a springboard to more complex and meaningful projects. Getting all of these technologies to work together was a real challenge. I had to dig through countless GitHub issues and dozens of example projects to make all these things work together. I'm offering this repo as a starter pack for other people with a Bazel monorepo targeting Kubernetes.

rules_go - Go rules for Bazel

  •    Go

The master branch is only guaranteed to work with the latest version of Bazel.Create a file at the top of your repository named WORKSPACE and add one of the snippets below, verbatim. This will let Bazel fetch necessary dependencies from this repository and a few others.

Docker-Secure-Deployment-Guidelines - Deployment checklist for securely deploying Docker

  •    

Within today’s growing cloud-based IT market, there is a strong demand for virtualisation technologies. Unfortunately most virtualisation solutions are not flexible enough to meet developer requirements and the overhead implied by the use of full virtualisation solutions becomes a burden on the scalability of the infrastructure. Docker reduces that overhead by allowing developers and system administrators to seamlessly deploy containers for applications and services required for business operations. However, because Docker leverages the same kernel as the host system to reduce the need for resources, containers can be exposed to significant security risks if not adequately configured. The following itemised list suggests hardening actions that can be undertaken to improve the security posture of the containers within their respective environment. It should be noted that proposed solutions only apply to deployment of Linux Docker containers on Linux-based hosts, using the most recent release of Docker at the time of this writing (1.4.0, commit 4595d4f, dating 11/12/14). Part of the content below is based on publications from Jérôme Petazzoni [1] and Daniel J Walsh [2]. This document aims at adding on to their recommendations and how they can specifically be implemented within Docker. Note: Most of suggested command line options can be stored and used in a similar manner inside a Dockerfile for automated image building. Docker 1.3 now supports cryptographic signatures [3] to ascertain the origin and integrity of official repository images. This feature is however still a work in progress as Docker will issue a warning but not prevent the image from actually running. Furthermore, it does not apply to non-official images. In general, ensure that images are only retrieved from trusted repositories and that the --insecure-registry=[] command line option is never used.

nodejs-docker - The Node.js Docker image used by Google App Engine Flexible.

  •    TypeScript

This repository contains the source for the Google-maintained Node.js docker image. This image can be found at launcher.gcr.io/google/nodejs or gcr.io/google-appengine/nodejs and can be used as the base image for running applications on Google App Engine Flexible, Google Container Engine, or any other Docker host.This image is based on Debian Jessie and includes nodejs and npm installed from nodejs.org and yarn installed from yarnpkg.com.


serverless-image-resizing - CloudFormation template to resize images on-the-fly using Amazon API Gateway, AWS Lambda, and Amazon S3

  •    Javascript

Resizes images on the fly using Amazon S3, AWS Lambda, and Amazon API Gateway. Using a conventional URL structure and S3 static website hosting with redirection rules, requests for resized images are redirected to a Lambda function via API Gateway which will resize the image, upload it to S3, and redirect the requestor to the resized image. The next request for the resized image will be served from S3 directly.Use the Amazon Linux Docker container image to build the package using your local system. This repo includes Makefile that will download Amazon Linux, install Node.js and developer tools, and build the extensions using Docker. Run make all.

kraken - P2P Docker registry capable of distributing TBs of data in seconds

  •    Go

Kraken is a P2P-powered Docker registry that focuses on scalability and availability. It is designed for Docker image management, replication and distribution in a hybrid cloud environment. With pluggable backend support, Kraken can easily integrate into existing Docker registry setups as the distribution layer. Kraken has been in production at Uber since early 2018. In our busiest cluster, Kraken distributes more than 1 million blobs per day, including 100k 1G+ blobs. At its peak production load, Kraken distributes 20K 100MB-1G blobs in under 30 sec.

distroless - 🥑 Language focused docker images, minus the operating system.

  •    Python

"Distroless" images contain only your application and its runtime dependencies. They do not contain package managers, shells any other programs you would expect to find in a standard Linux distribution.For more information, see this talk (video).

distroless - 🥑 Language focused docker images, minus the operating system.

  •    Python

"Distroless" images contain only your application and its runtime dependencies. They do not contain package managers, shells or any other programs you would expect to find in a standard Linux distribution. For more information, see this talk (video).

ignite - Ignite a Firecracker microVM

  •    Go

Weave Ignite is an open source Virtual Machine (VM) manager with a container UX and built-in GitOps management. Ignite makes Firecracker easy to use by adopting its developer experience from containers. With Ignite, you pick an OCI-compliant image (Docker image) that you want to run as a VM, and then just execute ignite run instead of docker run. There’s no need to use VM-specific tools to build .vdi, .vmdk, or .qcow2 images, just do a docker build from any base image you want (e.g. ubuntu:18.04 from Docker Hub), and add your preferred contents.

Harbor - An enterprise-class container registry server based on Docker Distribution

  •    Go

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

docker - Docker Official Image packaging for Docker

  •    Shell

This is the Git repo of the Docker "Official Image" for docker (not to be confused with any official docker image provided by docker upstream). See the Docker Hub page for the full readme on how to use this Docker image and for information regarding contributing and issues. The full description from Docker Hub is generated over in docker-library/docs, specifically in docker-library/docs/docker.

Deis - Your PaaS. Your Rules.

  •    Python

Deis (pronounced DAY-iss) is an open source PaaS that makes it easy to deploy and manage applications on your own servers. Deis builds upon Docker and CoreOS to provide a lightweight PaaS with a Heroku-inspired workflow. Deis can deploy any application or service that can run inside a Docker container. In order to be scaled horizontally, applications must follow Heroku's 12-factor methodology and store state in external backing services.

jib - Build container images for your Java applications.

  •    Java

Jib builds optimized Docker and OCI images for your Java applications without a Docker daemon - and without deep mastery of Docker best-practices. It is available as plugins for Maven and Gradle and as a Java library.

image-syncer - Docker image synchronization tool for Docker Registry V2 based services

  •    Go

image-syncer is a docker registry tools. With image-syncer you can synchronize docker images from some source registries to target registries, which include most popular public docker registry services. After v1.2.0, image-syncer supports both YAML and JSON format, and origin config file can be split into "auth" and "images" file. A full list of examples can be found under example, meanwhile the older version of configuration file is still supported via --config flag.

docker-cloud - Automatically run your Docker containers on Google Compute Engine

  •    Go

```Once the authorization is completed, you can start the proxy server. If you don't specify any project ID, it'll use the project ID provided during authorization.```docker-cloud start [-project=<your-google-cloud-project-here>]```

aws-lambda-container-image-converter - The AWS Lambda container image converter tool (img2lambda) repackages container images (such as Docker images) into AWS Lambda layers, and publishes them as new layer versions

  •    Go

This container image converter tool (img2lambda) repackages container images (such as Docker images) into AWS Lambda layers, and publishes them as new layer versions to Lambda. The tool copies all files under '/opt' in the Docker image, maintaining the individual Docker image layers as individual Lambda layers. The published layer ARNs will be stored in a file 'output/layers.json', which can be used as input when creating Lambda functions. Each layer is named using a "namespace" prefix (like img2lambda or my-docker-image) and the SHA256 digest of the Docker image layer, in order to provide a way of tracking the provenance of the Lambda layer back to the Docker image that created it.

Bazel - Google's own build tool

  •    Java

Bazel is a build tool that builds code quickly and reliably. It is used to build the majority of Google's software, and thus it has been designed to handle build problems present in Google's development environment. A comprehensive, built-in set of rules lets you build software for a wide variety of languages and platforms right out of the box.

OpenFaaS - A serverless framework for Docker & Kubernetes

  •    Go

OpenFaaS (Functions as a Service) is a framework for building serverless functions with Docker which has first class support for metrics. Any process can be packaged as a function enabling you to consume a range of web events without repetitive boiler-plate coding.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.