[tpetry]

The problem is adding ONLY the exact files needed is currently impossible when building docker containers. If you are building go/rust executables this easy, you will get one executable you'll add. But if you need to pull in some dependency by a package manager you are lost, they will pull in so many dependencies you may not need but are not defined optional by the packages. A small container is really impossible.

[jbverschoor]

No it's perfectly possible, but people are just lazy and/or don't understand their platforms.

Docker is for many a "simple" way of getting their app running, and once it's up, they never look back.

[folkrav]

There are ways, but they aren't particularly obvious and are more work than they should. With some elbow grease involving multi-step builds, snapshots and diffing the resulting images to copy only the required files into your final image, you can definitely build them, at least.

It isn't made particular easy for you. Honestly it's actually kind of a pain, wherein lies the problem. Doesn't help that some languages' official images are kind of bloated themselves, either.

[mikeyjk]

Is diffing images really necessary? I've done multi step builds in the past for a Java app and I didn't find it especially hard to only include what was required. E.g. the final resultant image would exclude maven, which would be used in the first stage of the build.

[folkrav]

If you copy over files directly built by your build steps, sure, you don't really need diffing images, you know where things are. If you're trying to build a minimal image with some specific dependencies copied over that are the result of things you have less control over diffing is pretty much the only way to figure out what you need IME. E.g. you want to copy only the parts of dependencies you actually need.

[mikeyjk]

Ah I see, thank you, that makes sense.

[tpetry]

Multi Step Images will not help if you want to build a python container and the package manager will pull in e.b. Bash for the python runtime snd many more depencies. It only saves you from adding build tools to the image.