docker-source-checksum-0.2.1 is not a library.
Deterministic source-based docker image checksum
Use case
You have a CI pipeline that builds a monorepo with many Dockerfiles.
You want to efficiently avoid rebuilding Dockerfiles that haven't changed, even when the rest of the monorepo did.
docker-source-checksum
will calculate a hash of:
Dockerfile
content- all source files referenced by that
Dockerfile
(figured out by parsing it) - any additiona arguments that might affect the build
and then hashing all of these together, to give you deterministic checksum,
before you even attempt to call docker build
. You can use it as a
deterministic content-based ID to avoid rebuilding containers that
were already built (eg. by taging them with that checksum).
Warnings and missing features
- don't use it on untrusted
Dockerfiles
- the exact checksum is not stable yet and can change between versions
["src1", "src", "dst"]
syntax ofADD
andCOPY
is not supported (PRs welcome)- file ownership is ignored
- it was put together in 2 hours, so if you plan to use it in production, maybe... review the code or something and tell me what you think
Having said that, seems to work great.
Installing
See docker-source-checksum releases,
or use cargo install docker-source-checksum
.
Using
Somewhat similiar to docker build
:
$ docker-source-checksum --help
docker-source-checksum 0.2.0
Dockerfile source checksum
USAGE:
docker-source-checksum [FLAGS] [OPTIONS] <context-path>
FLAGS:
-h, --help Prints help information
--hex Output hash in hex
-V, --version Prints version information
OPTIONS:
--extra-path <extra-path>... Path relative to context to include in the checksum
--extra-string <extra-string>... String (like arguments to dockerfile) to include in the checksum
-f, --file <file> Path to `Dockerfile`
--ignore-path <ignore-path>... Path relative to context to ignore in the checksum
ARGS:
<context-path> Dockerfile build context pa