Slow to start perhaps because this is a Docker container action?

[jizusun]

Hi community,

I love this actions, but it takes almost 1 minutes to build the image to start the actions

Since one of our use case is for documentation checking, and it's a little bit slow for this use case.
How can I optimize it to make it start faster?

[shogo82148]

python:3.11.4-buster is Debian based image.

action-detect-secrets/Dockerfile

Line 1 in 85ed1bf

FROM python:3.11.4-buster

How about trying python:<version>-slim or python:<version>-alpine?

[jizusun]

python:3.11.4-buster is Debian based image.

action-detect-secrets/Dockerfile

Line 1 in 85ed1bf

FROM python:3.11.4-buster

How about trying python:<version>-slim or python:<version>-alpine?

Thank you for the quick response @shogo82148

I tried to use python:<version>-slim, and it just requires extra gcc to pip install.
https://github.com/jizusun/action-detect-secrets/blob/68af1399b892278f6ba59e946bba2ea293d025e7/Dockerfile#L1-L19

alpine should also work.

But now my latest progress is that ,
by using

  image: docker://ghcr.io/xxx/action-detect-secrets:master

https://github.com/jizusun/action-detect-secrets/blob/6d92919c68b7bfdc86c1847dd8f4d6cd88f40ee8/action.yml#L37-L39

the start-up process can be optimized to ~9s.

https://github.com/jizusun/action-detect-secrets/actions/runs/7682270594/job/20936413098?pr=1

The approach is actually first build and publish the image to GHCR,
and when using the docker action, it pull the image directly instead of building it.

Will you agree with this approach and accept such PR?
#55

[shogo82148]

It sounds good.
For example, https://github.com/reviewdog/action-actionlint uses GHCR.

[jizusun]

It sounds good. For example, https://github.com/reviewdog/action-actionlint uses GHCR.

Thank you!
Can you help me to clarity the software supply chain problem in the PR, if you have time?
#55