diff --git a/DOCKERHUB.md b/DOCKERHUB.md new file mode 100644 index 0000000..094dc24 --- /dev/null +++ b/DOCKERHUB.md @@ -0,0 +1,131 @@ +# Flutter SDK Docker Images + +Git Repository +Wolfi + +Lightweight Flutter SDK images for CI/CD pipelines. Built on [Wolfi](https://wolfi.dev), a security-focused Linux distribution designed for containers. + +## Variants + +- `web` - Web/WASM builds +- `android` - Android APK/AAB builds +- `linux` - Linux desktop builds + +All variants support `linux/amd64` and `linux/arm64`. + +## Why Wolfi? + +[Wolfi](https://wolfi.dev) is a lightweight Linux distribution built specifically for containers. It provides: + +- **Minimal footprint** - Only essential packages, nothing extra +- **Daily security updates** - Patches applied quickly +- **Designed for containers** - No legacy cruft from traditional distros + +## Features + +- **Lightweight** - Optimized for fast CI/CD pulls +- **Secure** - Built on Wolfi with continuous vulnerability scanning +- **Multi-arch** - Supports both `linux/amd64` and `linux/arm64` +- **Non-root** - Runs as unprivileged user (UID 65532) +- **Supply chain security** - SBOM and SLSA provenance attestations included + +## Dockerfile Examples + +### Web App (WASM) + +```dockerfile +FROM svrnty/flutter-sdk:web-latest AS build +WORKDIR /app +COPY . . +RUN flutter pub get && flutter build web --wasm --release + +# Cache-busting: append version to JS/WASM references +RUN VERSION=$(date +%s) && cd build/web && \ + sed -i "s|flutter_bootstrap\.js\"|flutter_bootstrap.js?v=${VERSION}\"|g" index.html && \ + sed -i "s|main\.dart\.js\"|main.dart.js?v=${VERSION}\"|g" flutter_bootstrap.js && \ + sed -i "s|main\.dart\.mjs\"|main.dart.mjs?v=${VERSION}\"|g" flutter_bootstrap.js && \ + sed -i "s|main\.dart\.wasm\"|main.dart.wasm?v=${VERSION}\"|g" flutter_bootstrap.js + +FROM ghcr.io/static-web-server/static-web-server:2 AS sws +FROM scratch +COPY --from=sws /static-web-server /static-web-server +COPY --from=build /app/build/web /public +COPY sws.toml /sws.toml +EXPOSE 8080 +USER 65534 +ENTRYPOINT ["/static-web-server", "--config-file", "/sws.toml"] +``` + +**sws.toml** - Required headers for WASM multi-threading: + +```toml +[general] +host = "0.0.0.0" +port = 8080 +root = "/public" +page-fallback = "/public/index.html" +compression = true + +[[advanced.headers]] +source = "**" +[advanced.headers.headers] +Cross-Origin-Opener-Policy = "same-origin" +Cross-Origin-Embedder-Policy = "require-corp" +``` + +### Android APK + +```dockerfile +FROM svrnty/flutter-sdk:android-latest AS build +WORKDIR /app +COPY . . +RUN flutter pub get && flutter build apk --release + +FROM scratch +COPY --from=build /app/build/app/outputs/flutter-apk/app-release.apk / +``` + +### Linux Desktop + +```dockerfile +FROM svrnty/flutter-sdk:linux-latest AS build +WORKDIR /app +COPY . . +RUN flutter pub get && flutter build linux --release + +FROM debian:bookworm-slim +RUN apt-get update && apt-get install -y libgtk-3-0 && rm -rf /var/lib/apt/lists/* +COPY --from=build /app/build/linux/arm64/release/bundle /app +ENTRYPOINT ["/app/my_app"] +``` + +## CI/CD (Gitea/GitHub Actions) + +```yaml +jobs: + build: + runs-on: ubuntu-latest + container: + image: svrnty/flutter-sdk:android-latest + steps: + - uses: actions/checkout@v4 + - run: flutter pub get + - run: flutter build apk --release +``` + +## Tags + +- `-latest` - Latest stable Flutter release +- `-` - Specific Flutter version (e.g., `android-3.29.0`) + +## Automatic Updates + +Images are automatically rebuilt when: +- New Flutter stable versions are released +- Base image security updates are available + +Every build is scanned and includes supply chain attestations (SBOM, SLSA provenance). + +## License + +MIT