4.5 KiB
Container Image Builder
Dagger-based pipeline for building extensible container images with two base variants (Ubuntu 24.04 and Chainguard) and customizable tool sets.
Overview
This project provides a systematic way to build and maintain container images with:
- Multi-architecture support: All images built for linux/amd64 and linux/arm64
- Two base image variants: Ubuntu 24.04 and Chainguard (Wolfi-based)
- Core tools available in all images: Git, jq, yq, Node.js (20/22/24)
- Specialized tools as separate image variants: kustomize, Dagger, ESPHome, Zola, yamllint
- Automated dependency updates via Renovate
Prerequisites
- Mise for tool management
- Docker or compatible container runtime (for running Dagger)
Setup
- Install tools via Mise:
mise install
This installs:
- Dagger 0.19.8
- Go 1.23
- Verify installation:
dagger version
Usage
Building Individual Tool Images
Build a specific tool image:
# Ubuntu-based image (default: amd64)
dagger call build-tool --tool=yamllint --config-file=tools.yaml --base=ubuntu
# Chainguard-based image (default: amd64)
dagger call build-tool --tool=kustomize --config-file=tools.yaml --base=chainguard
# Build for arm64 platform
dagger call build-tool --tool=yamllint --config-file=tools.yaml --platform=linux/arm64
# Build for amd64 platform (explicit)
dagger call build-tool --tool=yamllint --config-file=tools.yaml --platform=linux/amd64
Verifying Tool Installation
# Check yamllint version
dagger call build-tool --tool=yamllint --config-file=tools.yaml \
with-exec --args=yamllint,--version stdout
# Check multiple tools
dagger call build-tool --tool=yamllint --config-file=tools.yaml \
with-exec --args=jq,--version \
with-exec --args=yq,--version \
with-exec --args=node,--version stdout
Building All Images
Build and publish all images to a registry (multi-arch: amd64 + arm64):
dagger call build-all --config-file=tools.yaml --registry=docker.io/myorg
This creates multi-architecture images with the following naming scheme:
- Ubuntu base:
ubuntu-runner:24.04(amd64 + arm64) - Ubuntu + tool:
ubuntu-{tool}:{version}(e.g.,ubuntu-esphome:2025.11.2) (amd64 + arm64) - Chainguard + tool:
{tool}:{version}(e.g.,esphome:2025.11.2) (amd64 + arm64)
All images are published as multi-platform manifests supporting both linux/amd64 and linux/arm64.
Configuration
Adding New Tools
Edit tools.yaml to add new tools:
tools:
newtool:
version: "1.2.3"
description: "Description of the new tool"
Then update dagger/main.go to add installation logic in both buildUbuntuTool() and buildChainguardTool() functions.
Updating Tool Versions
Tool versions are managed in tools.yaml. Renovate will automatically create PRs to update these versions.
Architecture
tools.yaml: Version configuration for all toolsdagger/main.go: Dagger pipeline implementationrenovate.json: Renovate configuration for automated updates.mise.toml: Mise tool version management
Available Tools
Core Tools (all images)
- Git
- jq
- yq
- Node.js (20, 22, 24)
Specialized Tools
- kustomize: Kubernetes configuration customization
- dagger: Application delivery as code
- esphome: ESPHome firmware builder
- zola: Static site generator
- yamllint: YAML linter
Renovate Integration
The project is configured with Renovate to automatically:
- Monitor releases for all tools
- Create PRs when new versions are available
- Update both
tools.yamland.mise.tomlfiles
Development
Project Structure
.
├── dagger/
│ ├── main.go # Dagger module implementation
│ ├── go.mod
│ └── go.sum
├── tools.yaml # Tool version configuration
├── renovate.json # Renovate configuration
├── .mise.toml # Mise configuration
└── README.md # This file
Local Testing
Test building a single tool image locally:
dagger call build-tool --tool=yamllint --config-file=tools.yaml
Image Tags
Images follow a consistent tagging scheme:
| Base | Tool | Tag Format | Example |
|---|---|---|---|
| Ubuntu | None | ubuntu-runner:24.04 |
Base Ubuntu image |
| Ubuntu | Any | ubuntu-{tool}:{version} |
ubuntu-kustomize:5.5.0 |
| Chainguard | Any | {tool}:{version} |
kustomize:5.5.0 |
License
Apache-2.0