SapMachine icon indicating copy to clipboard operation
SapMachine copied to clipboard
verified publisher icon SAP

JRE only and distroless image

Open wayzha opened this issue 3 years ago • 1 comments

Would like to check if we can provide JRE only (without full JDK) and distroless images? Thx

wayzha avatar Aug 15 '22 09:08 wayzha

Hi @wayzha,

thanks for getting in touch! Maybe you noticed that we provide JRE packages in the release section, e.g.: https://github.com/SAP/SapMachine/releases/tag/sapmachine-11.0.16

However, I reckon you are looking for JRE docker images, correct?

With regards distroless, we are evaluating providing further container images, but haven't decided on it yet. Could you provide some information why distroless in particular would be interesting for you?

Thanks!

nice2mitja avatar Aug 16 '22 14:08 nice2mitja

@nice2mitja We are also interested in this. Our final image size is 500+mb with 70% just consumed by sap-machine. A JVM + distroless will help with the size reduction

rage28 avatar Jan 09 '23 12:01 rage28

Hi @wayzha,

thanks for getting in touch! Maybe you noticed that we provide JRE packages in the release section, e.g.: https://github.com/SAP/SapMachine/releases/tag/sapmachine-11.0.16

However, I reckon you are looking for JRE docker images, correct?

With regards distroless, we are evaluating providing further container images, but haven't decided on it yet. Could you provide some information why distroless in particular would be interesting for you?

Thanks!

Thx for following that up. yes, we need JRE only docker images. hope it can be distroless and non-root. first of all, following least privilege principal, we should not offer a binary if that's not needed. and on the other side, SAP standards suggest a distroless/non-root image with bare mininal components in it:)

wayzha avatar Jan 09 '23 13:01 wayzha

Hi there,

for the time being, we have decided against offering a distroless-based SapMachine image, as our current focus is rather with Cloud Native Buildpacks. From our point of view this approach addresses also other precious issues, while dealing with image size and non-root users in unprivileged environments. There is a cloud native buildpack for SapMachine.

Is it correct that both your requests derive from an SAP-context? If so, you should be able to benefit from CNB's as part of the Business Technology Platform (BTP) quite comfortably.

I hope you understand :)

nice2mitja avatar Jan 18 '23 12:01 nice2mitja