Initial base distro with apko/Wolfi configs

Five minimal OCI image variants built with apko: - base: ~5.5MB glibc runtime (wolfi-baselayout, libstdc++, ca-certs, tzdata) - build: base + build tools (bash, git, curl, wget, unzip, xz) - dotnet-runtime: base + ICU, OpenSSL, zlib for .NET runtime - dotnet-sdk: build + ICU, OpenSSL, zlib for .NET SDK - flutter: build variant configured for Flutter SDK Includes melange package definitions for .NET 10 SDK/runtime and Flutter SDK (for future use when building custom APKs). CI/CD pipelines: publish on release, Scout CVE comparison on PRs, weekly rebuild for Wolfi security patches. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-02 02:32:32 -05:00
commit 734939fd12
15 changed files with 677 additions and 0 deletions
@@ -0,0 +1,43 @@
+# Example: .NET 10 runtime image using base-distro
+#
+# Usage in accounting-api or route-api:
+#   FROM svrnty/base-distro:dotnet-sdk-latest AS build
+#   ... (build stage with .NET SDK installed on top) ...
+#
+#   FROM svrnty/base-distro:dotnet-runtime-latest AS final
+#   COPY --from=build /app .
+#   ENTRYPOINT ["dotnet", "MyApp.dll"]
+
+# Build stage: use the SDK base + install .NET SDK
+FROM svrnty/base-distro:dotnet-sdk-latest AS build
+
+# Install .NET 10 SDK (not yet in Wolfi, manual tarball install)
+USER root
+RUN curl -fsSL "https://dotnetcli.azureedge.net/dotnet/Sdk/10.0.100/dotnet-sdk-10.0.100-linux-$(uname -m | sed 's/x86_64/x64/;s/aarch64/arm64/').tar.gz" \
+      -o /tmp/dotnet-sdk.tar.gz && \
+    mkdir -p /usr/share/dotnet && \
+    tar xf /tmp/dotnet-sdk.tar.gz -C /usr/share/dotnet && \
+    ln -sf /usr/share/dotnet/dotnet /usr/bin/dotnet && \
+    rm /tmp/dotnet-sdk.tar.gz
+
+WORKDIR /source
+COPY . .
+RUN dotnet publish -o /app
+
+# Runtime stage: minimal base + .NET runtime only
+FROM svrnty/base-distro:dotnet-runtime-latest AS final
+
+# Install .NET 10 ASP.NET runtime
+USER root
+RUN curl -fsSL "https://dotnetcli.azureedge.net/dotnet/aspnetcore/Runtime/10.0.0/aspnetcore-runtime-10.0.0-linux-$(uname -m | sed 's/x86_64/x64/;s/aarch64/arm64/').tar.gz" \
+      -o /tmp/aspnet-runtime.tar.gz && \
+    mkdir -p /usr/share/dotnet && \
+    tar xf /tmp/aspnet-runtime.tar.gz -C /usr/share/dotnet && \
+    ln -sf /usr/share/dotnet/dotnet /usr/bin/dotnet && \
+    rm /tmp/aspnet-runtime.tar.gz
+
+WORKDIR /app
+COPY --from=build /app .
+
+USER 65532
+ENTRYPOINT ["dotnet", "MyApp.dll"]
@@ -0,0 +1,30 @@
+# Example: Flutter web build image using base-distro
+#
+# Usage in flutter-admin-console or other Flutter web projects:
+#   FROM svrnty/base-distro:flutter-latest AS build
+#   ... (install Flutter SDK, build web app) ...
+
+FROM svrnty/base-distro:flutter-latest AS build
+
+# Install Flutter SDK on top of the base
+USER root
+ARG FLUTTER_VERSION=3.38.9
+RUN curl -fsSL "https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_${FLUTTER_VERSION}-stable.tar.xz" \
+      -o /tmp/flutter.tar.xz && \
+    mkdir -p /opt && \
+    tar xf /tmp/flutter.tar.xz -C /opt && \
+    rm /tmp/flutter.tar.xz && \
+    git config --global --add safe.directory /opt/flutter && \
+    flutter config --enable-web \
+      --no-enable-android --no-enable-ios \
+      --no-enable-linux-desktop --no-enable-macos-desktop \
+      --no-enable-windows-desktop && \
+    flutter precache --web \
+      --no-android --no-ios --no-linux \
+      --no-macos --no-windows --no-fuchsia --no-universal && \
+    chown -R 65532:65532 /opt/flutter
+
+USER 65532
+WORKDIR /app
+COPY . .
+RUN flutter pub get && flutter build web --wasm --release