Skip to main content
Skip table of contents

Pre-built Docker Base Images for Repo Integrations

Overview

With the pre-built Docker images for self-hosted Repo Integrations, Mend.io allows you to avoid the need to fully build your own images. This will speed up the time to adopt or upgrade the Repo Integration, and generally provide a better user experience in that regard.

Mend.io distributes its Repo Integrations in the form of Dockerfiles. As a customer of the repo integration, you are typically required to build three images:

  • App/Controller

  • Scanner

  • Remediate

The Scanner and Remediate images in particular can be multiple gigabytes in size and present a challenge to build, primarily if any of the public sites for package managers are even partially unavailable, in which case you might be blocked from building the image.

While some companies may prefer to customize Mend.io’s Dockerfiles and build them from scratch, others may prefer a “prebuilt” approach, where the Open Source part of Mend.io’s images (e.g., languages and package managers) are available prebuilt so that the building part will consist of downloading the majority from Docker Hub and building the rest online.

Getting it done

  1. Open-Source Base Images: The base images, based on Mend.io’s Repository Integrations releases, are hosted on https://github.com/mend/docker-base-images (the default distributed Dockerfiles are manually divided into “base” and “rest” with the base part (OSS only) added to Dockerfiles in this repository). The Dockerfiles are then built and published to Docker Hub: https://hub.docker.com/repositories/mend?search=base

  2. Open Pre-built Final Images: The remaining part of the Dockerfiles is then added to https://github.com/mend/docker-final-images. The Dockerfiles are updated to build FROM the relevant base image.

The structure of the docker-final-images repository is designed such that the files under repo-integrations can be downloaded or extracted over the top of a regular repo integration distribution to replace the existing Dockerfiles.

When someone builds with these replacement Dockerfiles, they will no longer need to reach out to the internet for package manager and language downloads, instead downloading them all via a single Docker Hub base image per Mend.io image.

Limitations

The base images support all distributions.

  • As of October 2024, only the GitHub Enterprise App has a ready-made Dockerfile.

    image-20240923-125747.png

  • The SAST Dockerfile has not been rebuilt with a base image.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close