Comments (20)
Hi, I think I can take a stab at this. I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.
from eth-security-toolbox.
So I gave it a try last night to see how much it would go down by doing some cleaning (I discovered stack
is to blame for most of the bloat), here's the resulting images if you want to try them out and see if I broke anything 👍
https://hub.docker.com/repository/docker/elopez93/etheno/tags?page=1
https://hub.docker.com/repository/docker/elopez93/eth-security-toolbox/tags?page=1
Originals:
https://hub.docker.com/repository/docker/trailofbits/etheno/tags?page=1
https://hub.docker.com/repository/docker/trailofbits/eth-security-toolbox/tags?page=1
REPOSITORY TAG IMAGE ID CREATED SIZE
elopez93/eth-security-toolbox latest 38f661e84fab 8 minutes ago 2.16GB
elopez93/etheno 0.2.3-master e5a632546fc3 9 hours ago 1.32GB
trailofbits/eth-security-toolbox latest f813b84e1687 34 hours ago 15.2GB
trailofbits/etheno latest c5b34e5bbde3 35 hours ago 9.57GB
from eth-security-toolbox.
Each of our tools has its own Docker image that is much smaller, so if you only need one specific one (e.g., Echidna or Manticore), then you can use their specific containers. But yes, reducing the size of the Docker image is a long term goal. I’ll keep this issue open to track progress.
from eth-security-toolbox.
Task Description
Reduce the docker image
Acceptance criteria
- The docker image is significantly reduced
Required Skills
- Docker
Please share thoroughly your plan to reduce the image size before starting.
Feel free to ask questions here, or join our slack (#ethereum)
from eth-security-toolbox.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
This issue now has a funding of 200.0 SAI (200.0 USD @ $1.0/SAI) attached to it.
- If you would like to work on this issue you can 'start work' on the Gitcoin Issue Details page.
- Want to chip in? Add your own contribution here.
- Questions? Checkout Gitcoin Help or the Gitcoin Slack
- $114,807.00 more funded OSS Work available on the Gitcoin Issue Explorer
from eth-security-toolbox.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
Workers have applied to start work.
These users each claimed they can complete the work by 1 month from now.
Please review their action plans below:
1) elopez has applied to start work (Funders only: approve worker | reject worker).
I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.
Learn more on the Gitcoin Issue Details page.
from eth-security-toolbox.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
Work has been started.
These users each claimed they can complete the work by 1 week, 5 days from now.
Please review their action plans below:
1) elopez has been approved to start work.
I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.
2) tkembo has applied to start work (Funders only: approve worker | reject worker).
I'll rewrite the Dockerfile. This Dockerfile is based on another Dockerfile (trailofbits/etheno:latest) whose base os is Ubuntu. Just changing the base os to apline will reduce the size of it drastically. Also, and more apropriately for this Dockerfile, Alpine linux is more secure than Ubuntu - read more here: https://alpinelinux.org/about/
Learn more on the Gitcoin Issue Details page.
from eth-security-toolbox.
@elopez Can you send a PR so we can try it out with building the dockerfile ourselves?
from eth-security-toolbox.
Sure, I will send PRs here and on etheno later today.
from eth-security-toolbox.
Hi @elopez, thank you for your interest in this issue, your solution looks promising!
@ceresstation can you approve @elopez for this bounty? Thanks
from eth-security-toolbox.
@disconnect3d there they are 😄 Make sure to rebuild the updated etheno image first and tag it as trailofbits/etheno:latest
so that docker picks up the smaller image when you build eth-security-toolbox
.
from eth-security-toolbox.
@elopez Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
- reminder (3 days)
- escalation to mods (6 days)
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days
from eth-security-toolbox.
I still am :) I found a few smaller tweaks that can be done, I'll follow up during the weekend.
from eth-security-toolbox.
@disconnect3d I've sent another small PR for the etheno image, to save a few megabytes more. Please have a look at it when you get a chance :)
I guess there is a discussion to be had about what uses people have for these Docker images, and if their size is now fit for those purposes. I feel they are mainly meant for people to use them interactively, since they contain, for instance, examples.
If there is a need for more "CI friendly" images, then maybe another slimmer Dockerfile
based on Alpine could possibly be written for that purpose. But maybe ~2GB for all the tools here is already alright and not worth the extra effort. What do you think @jmcnevin?
from eth-security-toolbox.
You are correct, they are typically used interactively, which is why we didn't originally use Alpine.
from eth-security-toolbox.
We went down from 15 -> 2 GB. Thanks @elopez!
$ sudo docker images | grep eth
trailofbits/eth-security-toolbox latest f11c15fe7a2b 8 hours ago 2.07GB
trailofbits/etheno latest a6ad2d93a35b 15 hours ago 1.25GB
trailofbits/eth-security-toolbox <none> 8bc811698b85 8 days ago 15.2GB
@gitcoinbot Please mark the job as done :)
from eth-security-toolbox.
@ceresstation: can you send the bounty to @elopez? Thanks!
from eth-security-toolbox.
⚡️ A tip worth 200.00000 SAI (200.0 USD @ $1.0/SAI) has been granted to @elopez for this issue from @ceresstation. ⚡️
Nice work @elopez! To redeem your tip, login to Gitcoin at https://gitcoin.co/explorer and select 'Claim Tip' from dropdown menu in the top right, or check your email for a link to the tip redemption page.
- $97022.43 in Funded OSS Work Available at: https://gitcoin.co/explorer
- Incentivize contributions to your repo: Send a Tip or Fund a PR
- No Email? Get help on the Gitcoin Slack
from eth-security-toolbox.
@elopez Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
- reminder (3 days)
- escalation to mods (6 days)
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days
from eth-security-toolbox.
Issue Status: 1. Open 2. Started 3. Submitted 4. Done
This Bounty has been completed.
Additional Tips for this Bounty:
- ceresstation tipped 200.0000 SAI worth 200.0 USD to elopez.
- Learn more on the Gitcoin Issue Details page
- Questions? Checkout Gitcoin Help or the Gitcoin Slack
- $96,764.86 more funded OSS Work available on the Gitcoin Issue Explorer
from eth-security-toolbox.
Related Issues (20)
- Adding new solc versions
- New slither version HOT 2
- Vyper support?
- Installed Node version creates issues with etheno --ganache
- Fix automated build HOT 1
- Adding newer solc versions? HOT 3
- Echidna doesn't work HOT 6
- Use solc-select from pip
- Break up monolithic image into images targeting solc versions HOT 2
- ImportError: Missing some packages for native binary analysis. Please install them with pip3 install manticore[native]
- Update slither to v0.8.2 HOT 1
- Tag docker image with version HOT 1
- M1 Support HOT 5
- Install foundry HOT 1
- Can't run slither from docker image without interactive mode HOT 2
- etheno does not work HOT 1
- Error when buiding from the scratch HOT 3
- Update solc installation
- Consider including vyper HOT 1
- Update to include newer tools and deprecate not actively used/maintained
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from eth-security-toolbox.