Official container image

Description

Having a pre-built container image can be handy for Onion Service operators, and could be used by suites like Onionspray and Oniongroove to pre-generate service keys.

Tasks

• Create a Dockerfile. References/starting points:
  • mkp224o's Dockerfile.
  • onion-csr's Dockerfile.
• Build:
  • Build container images with kaniko.
  • Build container images with podman.
  • Ensure scheduled rebuilds are configured, so fresh images are published regularly.
• Test:
  • Test the image through CI (doing the same tests done in the current build job).
  • Consider (if possible) to always run the cleanup-container job, to prevent dangling (and failed) images in the registry.
  • Consider catching errors on the curl process from the cleanup-container CI job.
• Publish:
  • Publish images at GitLab's container registry.
  • Upload the build image to the Docker Registry?
  • Update the Composer file to use the pre-built images.
  • Setup Container Registry cleanup policy. No need for that, since CI already cleans uneeded image tags.
• Document:
  • Bonus: update TPA docs (if not already done).
  • Update the documentation, including:
    • One-liner to generate a vanity address using docker/podman.
• Optimize (moved to #34):
  • Try to optimize image size.
  • Support for customized mkp224o build flags.

Time estimation

• Complexity: very small (0.5 day)
• Uncertainty: low (x1.1)
• Reference (adapted)