When we were working on Ubuntu Jammy support we originally had support for building a "distroless" image.
We did this by relying on mmdebstrap.
Unfortunately, we found the only way to use mmdebstrap to produce a correct image was to enable privileged mode so mmdebstrap can set up chroots.
mmdebstrap does support an unprivileged mode; however, a lot of things didn't work properly due to debhelper/maintainer scripts in deb packages not being able to handle this properly. An example of this was dh_systemd failing to put things in the right place.
We should definitely support this, though.
One option can be to use mmdebstrap (where supported) and require privileged mode.
This is at least a relatively low-effort way to achieve this, but it does require people to reconfigure their buildkit daemons and build invocations to allow the privileged entitlement.
We should be able to do what mmdebstrap does ourselves since we control all the things that mmdebstrap wants to control. This will take a bit more work to tease apart and implement all the requirements.
Are you willing to submit PRs to contribute to this feature request?
Yes, I am willing to implement it.