factorhouse / kpow

Kpow for Apache Kafka Release Artifacts
https://factorhouse.io/kpow
Apache License 2.0

Consider switching to Corretto Alpine as base image #7

Closed d-t-w closed 1 year ago

d-t-w commented 2 years ago

We have automated CVE scanning with NVD to actively reduce the number of known CVEs in any release of Kpow (oftentimes we have zero detected, occasionally we need to apply a suppression or two).

Historically we have used the general Corretto image as the base of our Docker container. That image often has a range of CVEs as it contains generally applicable Unix commands/apps, vim, etc.

If we switch to Alpine we get the advantage of a smaller container with less surface area for CVEs.

Kpow doesn't use any of the non-Alpine tooling in the general image anyway.

Are there any drawbacks to using Alpine?

d-t-w commented 1 year ago

This change will be applied in v90.6 (Q1 2023)

d-t-w commented 1 year ago

Won't Do - it may introduce too many issues for users who depend on the full Corretto base image.

We have an -alpine tag available in Docker Hub which makes Kpow+Alpine available to those who choose it.