-
lots of questions here regarding what this product is. I guess i can provide some information for the context, from a perspective of an outside contributor.
Chainguard Images is a set of hardened container images.
They were built by the original team that brought you Google's Distroless (https://github.com/GoogleContainerTools/distroless)
However, there were few problems with Distroless:
1. distroless were based on Debian - which in turn, limited to Debian's release cadence for fixing CVE.
2. distroless is using bazelbuild, which is not exactly easy to contrib, customize, etc...
3. distroless images are hard to extend.
Chainguard built a new "undistro" OS for container workload, named Wolfi, using their OSS projects like melange (for packaging pkgs) and apko (for building images).
The idea is (from my understanding) is that
1. You don't have to rely on upstream to cut a release. Chainguard will be doing that, with lots of automation & guardrails in placed. This allow them to fix vulnerabilties extremely fast.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
Related posts
-
Distroless: Language focused Docker images, minus the operating system
-
Language focused Docker images, minus the operating system
-
Using Alpine can make Python Docker builds 50× slower
-
Smaller and Safer Clojure Containers: Minimizing the Software Bill of Materials
-
Fat OCI images are a cultural problem