f54b8f37ae
The build uses --build-arg to override the Dockerfile default, so README sync should read from the actual release tag. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .gitea/workflows | ||
| .gitignore | ||
| Dockerfile | ||
| Dockerfile.android | ||
| Dockerfile.linux | ||
| PLAN.md | ||
| README.md | ||
Flutter SDK Docker Images
Lightweight Flutter SDK images for CI/CD pipelines. Built on Wolfi, a security-focused Linux distribution designed for containers.
Images
| Variant | Use Case | Size | Arch |
|---|---|---|---|
 |
Web/WASM builds |  |
  |
 |
Android APK/AAB builds |  |
|
 |
Linux desktop builds |  |
|
Why Wolfi?
Wolfi is a lightweight Linux distribution built specifically for containers. It provides:
- Minimal footprint - Only essential packages, nothing extra
- Daily security updates - Patches applied quickly
- Designed for containers - No legacy cruft from traditional distros
Features
- Lightweight - Optimized for fast CI/CD pulls
- Secure - Built on Wolfi with continuous vulnerability scanning
- Multi-arch - Supports both
linux/amd64andlinux/arm64 - Non-root - Runs as unprivileged user (UID 65532)
- Supply chain security - SBOM and SLSA provenance attestations included
Dockerfile Examples
Web App (WASM)
FROM svrnty/flutter-sdk:web-latest AS build
WORKDIR /app
COPY . .
RUN flutter pub get && flutter build web --wasm --release
# Cache-busting: append version to JS/WASM references
RUN VERSION=$(date +%s) && cd build/web && \
sed -i "s|flutter_bootstrap\.js\"|flutter_bootstrap.js?v=${VERSION}\"|g" index.html && \
sed -i "s|main\.dart\.js\"|main.dart.js?v=${VERSION}\"|g" flutter_bootstrap.js && \
sed -i "s|main\.dart\.mjs\"|main.dart.mjs?v=${VERSION}\"|g" flutter_bootstrap.js && \
sed -i "s|main\.dart\.wasm\"|main.dart.wasm?v=${VERSION}\"|g" flutter_bootstrap.js
FROM ghcr.io/static-web-server/static-web-server:2 AS sws
FROM scratch
COPY --from=sws /static-web-server /static-web-server
COPY --from=build /app/build/web /public
COPY sws.toml /sws.toml
EXPOSE 8080
USER 65534
ENTRYPOINT ["/static-web-server", "--config-file", "/sws.toml"]
sws.toml - Required headers for WASM multi-threading:
[general]
host = "0.0.0.0"
port = 8080
root = "/public"
page-fallback = "/public/index.html"
compression = true
[[advanced.headers]]
source = "**"
[advanced.headers.headers]
Cross-Origin-Opener-Policy = "same-origin"
Cross-Origin-Embedder-Policy = "require-corp"
Android APK
FROM svrnty/flutter-sdk:android-latest AS build
COPY . /app
WORKDIR /app
RUN flutter pub get && flutter build apk --release
FROM scratch
COPY --from=build /app/build/app/outputs/flutter-apk/app-release.apk /
Linux Desktop
FROM svrnty/flutter-sdk:linux-latest AS build
WORKDIR /app
COPY . .
RUN flutter pub get && flutter build linux --release
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y libgtk-3-0 && rm -rf /var/lib/apt/lists/*
COPY --from=build /app/build/linux/arm64/release/bundle /app
ENTRYPOINT ["/app/my_app"]
CI/CD (Gitea/GitHub Actions)
jobs:
build:
runs-on: ubuntu-latest
container:
image: svrnty/flutter-sdk:android-latest
steps:
- uses: actions/checkout@v4
- run: flutter pub get
- run: flutter build apk --release
Tags
<variant>-latest- Latest stable Flutter release<variant>-<version>- Specific Flutter version (e.g.,android-3.38.9)
Automatic Updates
Images are automatically rebuilt when:
- New Flutter stable versions are released
- Base image security updates are available
Every build is scanned and includes supply chain attestations (SBOM, SLSA provenance).
License
MIT