Description
The official Joomla Docker image, at 784 MB, is not only quite large but also contains a lot of (IMHO unnecessary) software like:
- Perl
- Python
- GNU make
- the C and C++ compilers
- ghostscript
From a security-focused point of view, it might not be the best idea to equip potential attackers with tools that can help them in privilege escalation, container escape, local and remote denial of service, and other malicious activity. (I know that it is not the Joomla Docker project but its base images that install these tools, no offense.)
I have created another Joomla base image [1] based on Alpine Linux, which has only 116 MB and a smaller attack surface. In fact, it requires another approach to set up Joomla extensions, templates and the like, but maybe it might help the project to further advance to some sort of ":slim" image. If you want to try and experiment with my image, you'll find it on Docker Hub at [2].
Users may want to run my base image locally, "docker exec" into it, install needed tools and Joomla components, then maybe remove tools only needed at build time and afterwards "docker commit" the container into a new image. In contrast to my inquiry in the above-mentioned discussion, this indeed needs manual intervention and someone who does not fear an interactive shell, but then it works very well and the so-created image can even be "docker run" with "--read-only" for enhanced security.
Please be aware of another discussion [3] that is about automated builds without manual intervention on top of my base image. Right now, this seems to contradict the intended use case for Joomla and thus is hard or even not possible to implement in a reliable way. But then I like Joomla and hope that my work can maybe help your project.
[1] https://github.com/SheevaPlug/JoomlaBase
[2] https://hub.docker.com/r/sheevaplug/joomlabase
[3] joomla/joomla-cms#46102
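
Added example, not part of the original post or of either project's code: a shell check that scans an unpacked image root filesystem for the tools the issue lists (Perl, Python, GNU make, C/C++ compilers, ghostscript), usable as a gate before an image is committed or published. The function names, the binary name patterns and the sample file tree are assumptions made for this illustration.

```shell
#!/bin/sh
# Unpack an image first, e.g. (IMAGE is a placeholder):
#   mkdir rootfs && docker export "$(docker create IMAGE)" | tar -x -C rootfs

# Directories normally on PATH inside a container image.
BIN_DIRS="bin sbin usr/bin usr/sbin usr/local/bin usr/local/sbin"

# find_build_tools ROOT: print one path (relative to ROOT) per matching binary.
# The name patterns are assumed common binary names for the listed tools.
find_build_tools() {
    root=${1:?usage: find_build_tools ROOTFS_DIR}
    for dir in $BIN_DIRS; do
        [ -d "$root/$dir" ] || continue
        find "$root/$dir" -maxdepth 1 \( -type f -o -type l \) \( \
            -name 'perl' -o -name 'perl5*' \
            -o -name 'python' -o -name 'python[0-9]*' \
            -o -name 'make' -o -name 'gmake' \
            -o -name 'gcc' -o -name 'g++' -o -name 'cc' -o -name 'c++' \
            -o -name 'gs' \)
    done | while IFS= read -r p; do
        printf '%s\n' "${p#"$root"}"   # strip the rootfs prefix
    done | LC_ALL=C sort -u
}

# audit_rootfs ROOT: return 0 if none of the tools is present, 1 otherwise.
audit_rootfs() {
    hits=$(find_build_tools "$1")
    if [ -n "$hits" ]; then
        printf 'build/scripting tools present in %s:\n%s\n' "$1" "$hits" >&2
        return 1
    fi
    return 0
}

# Constructed sample: empty files standing in for binaries in a fake rootfs.
make_sample_rootfs() {
    d=$(mktemp -d)
    mkdir -p "$d/bin" "$d/usr/bin" "$d/usr/local/bin"
    touch "$d/bin/sh" "$d/usr/bin/php" "$d/usr/bin/makedb" \
          "$d/usr/bin/perl" "$d/usr/bin/python3.11" "$d/usr/bin/g++" \
          "$d/usr/local/bin/gs"
    printf '%s\n' "$d"
}
```

Run `audit_rootfs rootfs` after the build-time tools have been removed and before "docker commit"; a non-zero exit status means at least one of the listed tools is still in the image.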