Skip to content

refactor(docker): modernize Dockerfile.debian with build optimizations#4398

Open
spnngl wants to merge 1 commit intocrowdsecurity:masterfrom
spnngl:chore/dockerfile/improvements
Open

refactor(docker): modernize Dockerfile.debian with build optimizations#4398
spnngl wants to merge 1 commit intocrowdsecurity:masterfrom
spnngl:chore/dockerfile/improvements

Conversation

@spnngl
Copy link
Copy Markdown

@spnngl spnngl commented Apr 2, 2026
edited
Loading

  • Add BuildKit syntax directive and SHELL for proper error handling
  • Upgrade base images from bookworm to trixie
  • Add cache mounts for apt, re2, go modules, and go build (arch-specific)
  • Split go mod download from build for better layer caching
  • Use heredoc syntax for cleaner multi-line RUN commands
  • Add apt-get upgrade for security patches in runtime image
  • Use --no-install-recommends consistently to reduce image size
  • Set CGO_ENABLED=1 with PKG_CONFIG_PATH/LD_LIBRARY_PATH for re2
  • Add proper error handling with || exit 1 and subshells
  • Add missing nc deps to debian image

@spnngl
refactor(docker): modernize Dockerfile.debian with build optimizations
5e754f3 
- Add BuildKit syntax directive and SHELL for proper error handling
- Upgrade base images from bookworm to trixie
- Add cache mounts for apt, re2, go modules, and go build (arch-specific)
- Split go mod download from build for better layer caching
- Use heredoc syntax for cleaner multi-line RUN commands
- Add apt-get upgrade for security patches in runtime image
- Use --no-install-recommends consistently to reduce image size
- Set CGO_ENABLED=1 with PKG_CONFIG_PATH/LD_LIBRARY_PATH for re2
- Add proper error handling with || exit 1 and subshells
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 2, 2026

@spnngl: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind fix
  • /kind chore
  • /kind dependencies
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 2, 2026

@spnngl: There are no area labels on this PR. You can add as many areas as you see fit.

  • /area agent
  • /area local-api
  • /area cscli
  • /area appsec
  • /area security
  • /area configuration
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

@spnngl
Copy link
Copy Markdown
Author

spnngl commented Apr 2, 2026

/kind enhancement
/area agent
/area local-api
/area appsec

@spnngl
Copy link
Copy Markdown
Author

spnngl commented Apr 2, 2026

@blotus Could I have a review please ? 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/agent area/appsec area/local-api kind/enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@spnngl