confluentinc / confluent-docker-utils

Common Python utils for testing Confluent's Docker images
Apache License 2.0

Suggest replacing Python with Go binary #35

Closed chuck-alt-delete closed 2 years ago

chuck-alt-delete commented 2 years ago

I think Christoph Schubert from professional services has already done this, but I don’t see a PR for it. It would be preferable to remove the Python dependency and opt for static Go binaries instead. This reduces the size and attack surface area of the docker images. Reach out to Christoph for more information.

andrewegel commented 2 years ago

> It would be preferable to remove the Python dependency and opt for static Go binaries instead. This reduces the size and attack surface area of the docker images.

"Sort of" - You're merely replacing Python with Go. Go modules suffer from the same issue: CVEs are disclosed, Go module updates are released that fix it, requiring downstream projects such as this to consume those updates to get around the CVE. That doesn't really address the maintenance problem IMO. Maybe Go has a better reputation with respect to CVEs, but at that point, I would then say "Rewrite it in Rust" at that point.

In general I don't see the usefulness of this tool. Using a combination of docker secrets, docker config and the right docker-compose.yaml files (or docker run invocations) you can accomplish the same effect of configuring Confluent Platform's services inside the container to utilize those "mounted" config / secret files instead of having this tricky framework that reads data in from ENV variables passed to the container. About the only thing that couldn't be replicated would be health checks for dependent services (i.e.: kafka -> zookeeper, schema-registry -> kafka, etc).

But a lot of this has been around since before I started maintaining cp-docker, so there's little chance of this changing in existing releases.

Your inquiry has piqued my interest, but I'm afraid that there are more important features (https://github.com/confluentinc/common-docker/issues/117) to get across the line, and I don't have a lot of resources [1] to develop cp-docker image features any further outside of maintenance and major feature support. I would be happy to look at a fork or another project of @christophschubert's though.

[1] https://www.confluent.io/careers/