Building Container Images the Modern Way

Watch talk on YouTube

Problems

  • Dockerfiles are hard and not 100% reproducible
  • Buildpacks are reproducible but result in large single-arch images
  • Nix has multiple ways of doing things

Solutions

  • Dagger as a CI solution
  • Multistage docker images with distroless -> Small image, small attack surface
  • Language specific solutions (ki, jib)