Container tag slim

.github/workflows/docker-publish.yml

@@ -9,11 +9,11 @@ on:
   #schedule:
   #  - cron: '35 11 * * *'
   push:
-    branches: [ main ]
+    branches: [ main, container-tag-slim ]
     # Publish semver tags as releases.
     tags: [ 'v*.*.*' ]
   pull_request:
-    branches: [ main ]
+    branches: [ main, container-tag-slim ]
 
 env:
   # Use docker.io for Docker Hub if empty

Dockerfile

@@ -1,65 +1,19 @@
-FROM node:24.0.2-slim
+FROM alpine:3.22
 
-ENV DEBIAN_FRONTEND noninteractive
-ENV PNPM_VERSION 10.11.0
-ENV TURBO_VERSION 2.5.3
-ENV TSX_VERSION 4.19.4
-ENV TS_NODE 10.9.2
-ENV SWC_CORE 1.11.24
-ENV AWS_CLI 2.27.19
-ENV BUILDKIT_VERSION 0.21.1
+ENV AWS_CLI=2.27.25-r0
 
-RUN apt-get update -y \
- && apt-get install -y --no-install-recommends \
-    software-properties-common \
+RUN apk update \
+ && apk add --no-cache \
     ca-certificates \
-    build-essential \
+    build-base \
+    bash \
     wget \
     jq \
     patch \
-    python3 \ 
     curl \
     unzip \
-    git \
- && apt-get clean
+    aws-cli=${AWS_CLI} \
+    # docker cli tool
+    skopeo 
 
-# install awscli v2. see https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
-RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWS_CLI}.zip" -o /tmp/awscliv2.zip \
- && unzip /tmp/awscliv2.zip -d /tmp/ \
- && /tmp/aws/install \
- && rm /tmp/awscliv2.zip \
- && rm -rf /tmp/aws
-
-# install node packages
-RUN npm i -g pnpm@${PNPM_VERSION} turbo@${TURBO_VERSION} tsx@${TSX_VERSION} ts-node@${TS_NODE} @swc/core@${SWC_CORE}
-
-RUN curl -L "https://github.com/moby/buildkit/releases/download/v${BUILDKIT_VERSION}/buildkit-v${BUILDKIT_VERSION}.linux-amd64.tar.gz" -o /tmp/buildkit.tar.gz \
- && mkdir -p /tmp/buildkit \
- && tar -C /tmp/buildkit -xzf /tmp/buildkit.tar.gz \
- && mv /tmp/buildkit/bin/buildctl /usr/bin/buildctl \
- && chmod a+x /usr/bin/buildctl \
- && rm -rf /tmp/buildkit \
- && rm /tmp/buildkit.tar.gz
-
-# install kubectl
-RUN curl -L "https://dl.k8s.io/release/v1.30.13/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.30" \
- && curl -L "https://dl.k8s.io/release/v1.31.9/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.31" \
- && curl -L "https://dl.k8s.io/release/v1.32.5/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.32" \
- && chmod a+x /usr/bin/kubectl*
-
-RUN ln -s /usr/bin/kubectl-v1.32 /usr/bin/kubectl
-
-# install golang
-COPY --from=golang:1.22.0 /usr/local/go/ /usr/local/go/
-ENV GOPATH /go
-ENV PATH $GOPATH/bin:/usr/local/go/bin:/usr/bin:${PATH}
-
-# install amazon-ecr-credential-helper
-RUN curl -L "https://amazon-ecr-credential-helper-releases.s3.us-east-2.amazonaws.com/0.9.1/linux-amd64/docker-credential-ecr-login" -o "/usr/bin/docker-credential-ecr-login" \
- && chmod a+x /usr/bin/docker-credential-ecr-login
-
-RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
-
-# install uv
-# https://docs.astral.sh/uv/reference/installer/#unmanaged-installations
-RUN curl -LsSf https://astral.sh/uv/install.sh | env UV_UNMANAGED_INSTALL="/usr/bin" sh
+COPY script /script

script/add-container-tag

@@ -0,0 +1,92 @@
+#!/bin/bash -e
+
+add_docker_tag() {
+    local IMAGE_PATH="$1"
+    local NEW_TAG="$2"
+    local USERNAME="$3"
+    local PASSWORD="$4"
+
+    local REGISTRY_URL=$(echo $IMAGE_PATH | cut -d'/' -f1)
+    local REPO_PATH=$(echo $IMAGE_PATH | cut -d'/' -f2- | cut -d':' -f1)
+    local CURRENT_TAG=$(echo $IMAGE_PATH | cut -d':' -f2)
+
+    # 붙일 태그가 없으면 에러
+    if [[ -z "$CURRENT_TAG" ]]; then
+        echo "Error: Current tag not found in image path '$IMAGE_PATH'"
+        return 1
+    fi
+
+    if [[ -z "$NEW_TAG" ]]; then
+        echo "Error: New tag is empty"
+        return 1
+    fi
+
+    echo "Start tagging: $REGISTRY_URL/$REPO_PATH, $CURRENT_TAG -> $NEW_TAG"
+
+    local SOURCE_IMAGE="docker://$REGISTRY_URL/$REPO_PATH:$CURRENT_TAG"
+    local DEST_IMAGE="docker://$REGISTRY_URL/$REPO_PATH:$NEW_TAG"
+
+    local AUTH_OPTS=""
+    if [[ -n "$USERNAME" && -n "$PASSWORD" ]]; then
+        echo "Using provided credentials for authentication: user=$USERNAME password=$PASSWORD"
+        AUTH_OPTS="--src-creds $USERNAME:$PASSWORD --dest-creds $USERNAME:$PASSWORD"
+    fi
+
+    echo "Adding new tag '$NEW_TAG'..."
+
+    if skopeo copy $AUTH_OPTS "$SOURCE_IMAGE" "$DEST_IMAGE"; then
+        echo "Successfully added tag '$NEW_TAG' to $IMAGE_PATH"
+        return 0
+    else
+        echo "Error: Failed to add tag '$NEW_TAG'"
+        return 1
+    fi
+}
+
+
+TAG_TO_ADD=$1
+DOCKER_REGISTRY=$2
+TOKEN=$3
+
+if [ -z "$TAG_TO_ADD" ] || [ -z "$DOCKER_REGISTRY" ]; then
+    echo "Usage: echo -e 'image1\\nimage2\\nimage3' | $0 <tag_to_add> <docker_registry> [token]"
+    exit 1
+fi
+
+# if ECR
+if [[ "$DOCKER_REGISTRY" == *".dkr.ecr."* ]]; then
+    USERNAME="AWS"
+    PASSWORD=$(aws ecr get-login-password --region us-east-1)
+else
+    USERNAME=$(echo "$TOKEN" | base64 -d | cut -d: -f1)
+    PASSWORD=$(echo "$TOKEN" | base64 -d | cut -d: -f2)
+fi
+
+if [[ -z "$PASSWORD" && "$DOCKER_REGISTRY" == *".dkr.ecr."* ]]; then
+    echo "Error: ECR token is required for ECR registry"
+    exit 1
+fi
+
+if [[ -z "$TOKEN" ]]; then
+    echo "Error: Token is required for non-ECR registry"
+    exit 1
+fi
+
+# stdin에서 이미지 목록을 배열로 읽기
+mapfile -t IMAGES
+if [ ${#IMAGES[@]} -eq 0 ]; then
+    echo "Error: No images found"
+    exit 1
+fi
+
+for IMAGE in "${IMAGES[@]}"; do
+    if [[ $IMAGE != *"$DOCKER_REGISTRY"* ]]; then
+        echo "Skipping: $IMAGE (not from $DOCKER_REGISTRY)"
+        continue
+    fi
+
+    echo "add_docker_tag $IMAGE $TAG_TO_ADD $USERNAME"
+    add_docker_tag "$IMAGE" "$TAG_TO_ADD" "$USERNAME" "$PASSWORD" &
+done
+wait
+