Offer slimmer docker image options about eth-security-toolbox HOT 20 CLOSED

Hi, I think I can take a stab at this. I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.

from eth-security-toolbox.

So I gave it a try last night to see how much it would go down by doing some cleaning (I discovered stack is to blame for most of the bloat), here's the resulting images if you want to try them out and see if I broke anything 👍

https://hub.docker.com/repository/docker/elopez93/etheno/tags?page=1
https://hub.docker.com/repository/docker/elopez93/eth-security-toolbox/tags?page=1

Originals:
https://hub.docker.com/repository/docker/trailofbits/etheno/tags?page=1
https://hub.docker.com/repository/docker/trailofbits/eth-security-toolbox/tags?page=1

REPOSITORY                         TAG                   IMAGE ID            CREATED             SIZE
elopez93/eth-security-toolbox      latest                38f661e84fab        8 minutes ago       2.16GB
elopez93/etheno                    0.2.3-master          e5a632546fc3        9 hours ago         1.32GB
trailofbits/eth-security-toolbox   latest                f813b84e1687        34 hours ago        15.2GB
trailofbits/etheno                 latest                c5b34e5bbde3        35 hours ago        9.57GB

from eth-security-toolbox.

Each of our tools has its own Docker image that is much smaller, so if you only need one specific one (e.g., Echidna or Manticore), then you can use their specific containers. But yes, reducing the size of the Docker image is a long term goal. I’ll keep this issue open to track progress.

from eth-security-toolbox.

Task Description

Reduce the docker image

Acceptance criteria

• The docker image is significantly reduced

Required Skills

• Docker

Please share thoroughly your plan to reduce the image size before starting.

Feel free to ask questions here, or join our slack (#ethereum)

from eth-security-toolbox.

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

This issue now has a funding of 200.0 SAI (200.0 USD @ $1.0/SAI) attached to it.

• If you would like to work on this issue you can 'start work' on the Gitcoin Issue Details page.
• Want to chip in? Add your own contribution here.
• Questions? Checkout Gitcoin Help or the Gitcoin Slack
• $114,807.00 more funded OSS Work available on the Gitcoin Issue Explorer

from eth-security-toolbox.

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

Workers have applied to start work.

These users each claimed they can complete the work by 1 month from now.
Please review their action plans below:

1) elopez has applied to start work (Funders only: approve worker | reject worker).

I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.

Learn more on the Gitcoin Issue Details page.

from eth-security-toolbox.

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

Work has been started.

These users each claimed they can complete the work by 1 week, 5 days from now.
Please review their action plans below:

1) elopez has been approved to start work.

I see quite a bit of caches being left uncleaned (e.g., apt and npm) and things being done on many different RUN lines when they should be on the same (eg clone then rm). Fixing those should reduce image size somewhat.
2) tkembo has applied to start work (Funders only: approve worker | reject worker).

I'll rewrite the Dockerfile. This Dockerfile is based on another Dockerfile (trailofbits/etheno:latest) whose base os is Ubuntu. Just changing the base os to apline will reduce the size of it drastically. Also, and more apropriately for this Dockerfile, Alpine linux is more secure than Ubuntu - read more here: https://alpinelinux.org/about/

Learn more on the Gitcoin Issue Details page.

from eth-security-toolbox.

@elopez Can you send a PR so we can try it out with building the dockerfile ourselves?

from eth-security-toolbox.

Sure, I will send PRs here and on etheno later today.

from eth-security-toolbox.

Hi @elopez, thank you for your interest in this issue, your solution looks promising!

@ceresstation can you approve @elopez for this bounty? Thanks

from eth-security-toolbox.

@disconnect3d there they are 😄 Make sure to rebuild the updated etheno image first and tag it as trailofbits/etheno:latest so that docker picks up the smaller image when you build eth-security-toolbox.

from eth-security-toolbox.

@elopez Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

from eth-security-toolbox.

I still am :) I found a few smaller tweaks that can be done, I'll follow up during the weekend.

from eth-security-toolbox.

@disconnect3d I've sent another small PR for the etheno image, to save a few megabytes more. Please have a look at it when you get a chance :)

I guess there is a discussion to be had about what uses people have for these Docker images, and if their size is now fit for those purposes. I feel they are mainly meant for people to use them interactively, since they contain, for instance, examples.

If there is a need for more "CI friendly" images, then maybe another slimmer Dockerfile based on Alpine could possibly be written for that purpose. But maybe ~2GB for all the tools here is already alright and not worth the extra effort. What do you think @jmcnevin?

from eth-security-toolbox.

You are correct, they are typically used interactively, which is why we didn't originally use Alpine.

from eth-security-toolbox.

We went down from 15 -> 2 GB. Thanks @elopez!

$ sudo docker images | grep eth
trailofbits/eth-security-toolbox               latest              f11c15fe7a2b        8 hours ago         2.07GB
trailofbits/etheno                             latest              a6ad2d93a35b        15 hours ago        1.25GB
trailofbits/eth-security-toolbox               <none>              8bc811698b85        8 days ago          15.2GB

@gitcoinbot Please mark the job as done :)

from eth-security-toolbox.

@ceresstation: can you send the bounty to @elopez? Thanks!

from eth-security-toolbox.

⚡️ A tip worth 200.00000 SAI (200.0 USD @ $1.0/SAI) has been granted to @elopez for this issue from @ceresstation. ⚡️

Nice work @elopez! To redeem your tip, login to Gitcoin at https://gitcoin.co/explorer and select 'Claim Tip' from dropdown menu in the top right, or check your email for a link to the tip redemption page.

• $97022.43 in Funded OSS Work Available at: https://gitcoin.co/explorer
• Incentivize contributions to your repo: Send a Tip or Fund a PR
• No Email? Get help on the Gitcoin Slack

from eth-security-toolbox.

@elopez Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

from eth-security-toolbox.

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

This Bounty has been completed.

Additional Tips for this Bounty:

• ceresstation tipped 200.0000 SAI worth 200.0 USD to elopez.

• Learn more on the Gitcoin Issue Details page
• Questions? Checkout Gitcoin Help or the Gitcoin Slack
• $96,764.86 more funded OSS Work available on the Gitcoin Issue Explorer

from eth-security-toolbox.