Building Container Images the Modern Way
Watch talk on YouTubeProblems
- Dockerfiles are hard and not 100% reproducible
- Buildpacks are reproducible but result in large single-arch images
- Nix has multiple ways of doing things
Solutions
- Dagger as a CI solution
- Multistage docker images with distroless -> Small image, small attack surface
- Language specific solutions (
ki
,jib
)