Hacker News new | ask | show | jobs
by jonjonsonjr 3213 days ago
You might be interested in distroless[1] base images.

The repo links to a talk that goes into more depth, but the basic idea is to a use minimal language-specific base for your runtime instead of e.g. statically linking all of ubuntu into your image.

The base images are built with bazel's docker rules[2], so you get reproducible builds.

[1] https://github.com/GoogleCloudPlatform/distroless

[2] https://github.com/bazelbuild/rules_docker
1 comments
dlor 3213 days ago
I've even been using these rules here to work on making the Debian distro rootfs.tar.xz times we provide for Google Cloud Platform reproducible.

The same source should lead to the same tarball, and anyone should be able to clone the repo and verify that.

github.com/GoogleCloudPlatform/debian-docker

link