Problem
As tools are added to the ci-tools image, its size grows unbounded. There is no automated check to catch unexpected bloat (e.g. a tool pulling in large transitive dependencies).
Proposal
Add a size assertion to the verify step. For example, fail if the image exceeds a configurable threshold (e.g. 500MB). This could be:
- A
check_size function in scripts/lib/verify.sh
- A Make target that runs
docker image inspect and compares
- A simple assertion at the end of
scripts/ci-tools/verify.sh
Context
Flagged during operational review. The image is currently lean (gcc is removed after use, caches are cleaned), but there is no guardrail to prevent regressions.
Problem
As tools are added to the ci-tools image, its size grows unbounded. There is no automated check to catch unexpected bloat (e.g. a tool pulling in large transitive dependencies).
Proposal
Add a size assertion to the verify step. For example, fail if the image exceeds a configurable threshold (e.g. 500MB). This could be:
check_sizefunction inscripts/lib/verify.shdocker image inspectand comparesscripts/ci-tools/verify.shContext
Flagged during operational review. The image is currently lean (gcc is removed after use, caches are cleaned), but there is no guardrail to prevent regressions.