chore(ci): add Docker BuildKit examples, .dockerignore, CI cache docs; tune vite config
This commit is contained in:
Scott Idem
30
documentation/AE_Docker_CI_cache_policy.md
Normal file
30
documentation/AE_Docker_CI_cache_policy.md
Normal file
@@ -0,0 +1,30 @@
|
||||
# AE Docker CI Cache Policy (recommendation)
|
||||
|
||||
Purpose
|
||||
- Provide a straightforward policy to keep build caches useful but bounded.
|
||||
|
||||
Recommendations
|
||||
- Primary CI cache: **registry-based buildx cache** (preferred). Use a single cache ref (e.g. `ghcr.io/ORG/REPO:cache`) reused by CI builds.
|
||||
- Local dev cache: use `--cache-to type=local` for fast iteration but prune periodically.
|
||||
- Retention: keep registry cache for 30 days by default. Implement registry GC or lifecycle rule to delete older cache blobs.
|
||||
|
||||
Rotation strategy
|
||||
- Option A (simple): CI always writes to the same cache ref `:cache`. Periodically (monthly) run a job to `docker pull` and `docker image rm` older tags if you use date-based tagging.
|
||||
- Option B (date-tag): CI writes cache to `cache-YYYYMMDD` and a small scheduled job deletes tags older than 30 days.
|
||||
|
||||
Pruning commands (developer)
|
||||
- Remove local build cache older than 72 hours:
|
||||
```bash
|
||||
docker builder prune --filter "until=72h" --force
|
||||
```
|
||||
- Remove all builder cache (aggressive):
|
||||
```bash
|
||||
docker builder prune --all --force
|
||||
```
|
||||
|
||||
CI runner requirements
|
||||
- `docker` and `docker buildx` available in runner environment.
|
||||
- Registry credentials provided via CI secrets with permission to push/pull images.
|
||||
|
||||
Security & Secrets
|
||||
- Do not store registry credentials in repo. Use CI secret storage.
|
||||
Reference in New Issue
Block a user