How does Janitor use the images with updates?


In the dockerfiles repo, each of the supported projects has a create dockerfile and an update dockerfile. The former is used to create an image, while the latter is occasionally run to perform an “incremental update” (pulling in updates to the source repository and binary artifacts as another layer).

I know that the create dockerfile is run on the Docker Hub or on CircleCI (depending on the project’s needs).

Where is the update dockerfile run? I can see that the Circle and Hub configuration both don’t mention these files.


Thanks for assembling this information into a Discourse post!

The update Dockerfile is copy/pasted directly into Janitor’s secret admin interface, where admins can trigger a “Pull” of the full image from Docker Hub, or simply an “Update” to build the update dockerfile.

Update dockerfiles are a bit less useful today, as we generally prefer to just pull a new image (if it isn’t too large), however incremental image updates allow having fresh images every day without causing many different versions of the (sometimes very large) base image to exist in parallel (i.e. there is one base image, maybe ~30GB and a month old, and then many ~8GB daily update layers that exist in parallel as long as containers based on them exist, and then get garbage collected).