apko
by
chainguard-dev

Description: Build OCI images from APK packages directly without Dockerfile

View on GitHub ↗

Summary Information

Updated 43 minutes ago
Added to GitGenius on April 3rd, 2025
Created on February 8th, 2022
Open Issues & Pull Requests: 152 (+0)
Number of forks: 221
Total Stargazers: 1,648 (+0)
Total Subscribers: 14 (+0)

Issue Activity (beta)

Open issues: 63
New in 7 days: 0
Closed in 7 days: 0
Avg open age: 560 days
Stale 30+ days: 62
Stale 90+ days: 59

Recent activity

Opened in 7 days: 0
Closed in 7 days: 0
Comments in 7 days: 0
Events in 7 days: 0

Top labels

  • bug (15)
  • images (6)
  • enhancement (5)
  • q123 (3)
  • good first issue (2)
  • documentation (1)
  • eng:containers (1)
  • faq (1)

Most active issues this week

No issue events were indexed in the last 7 days.

Repository Insights (GitGenius)

Median issue/PR response: 7.9 days
Mean response time: 252.9 days
90th percentile: 871.5 days
Tracked items: 106

Most active contributors

Detailed Description

apko is a tool developed by Chainguard for building OCI container images directly from APK packages without requiring a Dockerfile. Written in Go, it provides an alternative approach to traditional container image construction by leveraging Alpine Linux's package management system to create minimal, reproducible container images. The project is classified across multiple domains including container security, software supply chain management, reproducibility, and build tooling.

The core functionality of apko centers on declarative image building. Rather than supporting imperative commands like Docker's RUN statements, apko requires all custom tooling and applications to be packaged as APK files first, typically using Chainguard's companion tool melange. This design constraint enables apko to make strong guarantees about image contents and reproducibility. The tool produces fully bitwise reproducible images by default, meaning running apko twice with identical inputs generates byte-for-byte identical output. This reproducibility is critical for supply chain security and auditability.

Performance and image size are primary design goals. apko aims to build images in milliseconds and generates minimal container images containing only what applications require, following the distroless philosophy of removing unnecessary components. The tool also generates Software Bill of Materials (SBOM) documentation for all images, providing complete visibility into package contents. Additionally, apko supports the s6 supervision suite for running multiple processes within containers while properly handling process reaping and signaling.

The repository shows active maintenance and community engagement. GitGenius tracking data reveals a median issue and pull request response latency of 188.4 hours across 106 tracked items, with the most active contributor xnox recording 60 events. Bug reports represent the most frequently tracked issue label with 7 instances, followed by image-related issues with 3 instances. The project maintains connections with other significant repositories including dagger/dagger, istio/istio, and angular/angular through overlapping contributor networks.

Installation options include Homebrew, building from source, or using the apko container image itself. The tool integrates with existing container ecosystems and can publish images directly to registries. Documentation is available through the project's website at apko.dev and through Chainguard Academy tutorials. The project explicitly acknowledges being a work in progress with details subject to change.

The design philosophy reflects Chainguard's specific requirements for secure, rapidly-rebuilt container images in response to security patches and version updates. By combining apko with melange for package creation, users can handle the vast majority of container image building scenarios. For cases where this combination proves insufficient, the recommended approach is building a base image with apko and melange, then using traditional Dockerfile-based tooling for final customization steps. The project draws design inspiration from ko and distroless, positioning itself within a broader ecosystem of modern container image building tools focused on security, reproducibility, and efficiency.

apko
by
chainguard-devchainguard-dev/apko

Repository Details

Fetching additional details & charts...