[feature] add comparison

2025-04-28 10:58:10 +02:00
parent 78cede6065
commit 1c78ef6e04
3 changed files with 14 additions and 9 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -338,22 +338,20 @@ jobs:


      # README
-      - name: github / checkout master
+      - name: github / checkout HEAD
        continue-on-error: true
-        run: |    
-          git pull     
-          git checkout master
+        run: |     
+          git checkout HEAD

      - name: docker / setup comparison images
        if: env.WORKFLOW_CREATE_COMPARISON == 'true'
        continue-on-error: true
        run: |    
-          docker image prune -af
          docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_IMAGE }}
          docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }}
-          docker image ls &> ./docker.image.ls
-          echo "${PWD}"
-          cat ./docker.image.ls
+          docker image ls --filter "reference=${{ env.WORKFLOW_CREATE_COMPARISON_IMAGE }}" --format json | jq --raw-output '.Size' &> ./comparison.size0.log
+          docker image ls --filter "reference=${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }}" --format json | jq --raw-output '.Size' &> ./comparison.size1.log
+          docker run --entrypoint "/bin/sh" --rm ${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }} -c id &> ./comparison.id.log

      - name: github / create README.md
        id: github-readme
@@ -409,7 +407,7 @@ jobs:
            git add LICENSE
          fi
          git commit -m "auto update README.md"
-          git push
+          git push origin HEAD:master



--- a/.json
+++ b/.json
@@ -20,6 +20,9 @@
        "11notes/distroless",
        "11notes/distroless:curl"
      ]
+    },
+    "comparison":{
+      "image":"nginx:1.28.0-alpine-slim"
    }
  }
 }
--- a/project.md
+++ b/project.md
@@ -9,9 +9,13 @@ ${{ github:> }}* This image does not ship with any critical or high rated CVE an
 ${{ github:> }}* This image is created via a secure, pinned CI/CD process and immune to upstream attacks, most other images have upstream dependencies that can be exploited
 ${{ github:> }}* This image contains a proper health check that verifies the app is actually working, most other images have either no health check or only check if a port is open or ping works
 ${{ github:> }}* This image works as read-only, most other images need to write files to the image filesystem
+${{ github:> }}* This image is a lot smaller than most other images

 If you value security, simplicity and the ability to interact with the maintainer and developer of an image. Using my images is a great start in that direction.

+${{ content_comparison }}
+
+
 ${{ title_config }}
 ```yaml
 ${{ include: ./rootfs/etc/nginx/nginx.conf }}