This document provides guidelines for the Docker image provided in the context of Kyma.
Place images in the Kyma Docker registry located at
eu.gcr.io/kyma-project. For development and proof of concepts, use the following location:
All images use the following attributes:
- an image name which is the same as the related project. Do not use prefixes. If the image requires sub-modularization, append it as in "istio-mixer"
- a tag with a semantic version number, like
Assume an initializer image for the Helm Broker extension. This is the example of the location and the name of the image:
Base all images on an image that is as small as possible in size and dependency. A base image must have a specified version. Do not use the
An application based on Go should originate from a
scratch image. If a
scratch image does not have the specific tooling available, you can use an
alpine base image having the package catalog updated.
nginx-alpine base image with an updated package catalog.
All images use the
source label with a link to the GitHub repository containing the sources.
Define labels as in the following example:
source = firstname.lastname@example.org:kyma-project/examples.git
Kyma uses some Docker images that originally were not built (and hosted) by us. For security and reliability reasons, we need to copy all external images to our own Docker registry. We have two solutions to this problem: the third-party-images repository and the image-syncer tool.
If you want to rebuild the image from scratch, use the third-party-images repository. For every component, create a separate directory. You need to provide a Dockerfile, a Makefile, and create a ProwJob for building your images. See the repository content for more information.
If you want to "cache" an image from an external registry, use the image-syncer tool.
To copy the image to our registry, modify the external-images.yaml file.
After your change is merged to the
main branch, you can check the new image URL in the logs of the post-main-test-infra-image-syncer-run job.
For example, the source image
grafana/grafana:7.0.6 will be transformed to
This URL can then be used in your Helm charts.
Go from scratch:
FROM scratchLABEL email@example.com:kyma-project/examples.gitADD main /CMD ["/main"]
Go from alpine:
FROM alpine:3.7RUN apk --no-cache upgrade && apk --no-cache add curlLABEL firstname.lastname@example.org:kyma-project/examples.gitADD main /CMD ["/main"]
FROM nginx:1.13-alpineRUN apk --no-cache upgradeLABEL email@example.com:kyma-project/examples.gitCOPY nginx.conf /etc/nginx/nginx.confCOPY /build var/publicEXPOSE 80CMD ["nginx", "-g", "daemon off;"]