Currently xk6 image is based on a Debian image, which brings a significant number of unneeded dependencies that increase the surface for vulnerabilities. Consider an image with a smaller attack surface such a alpine
However, this is potentially breaking change as:
Some users can use this image as a base for their own images and relay on some tools available on the debian for their build processes (e.g. git, curl) which are not available in the alpine
Images such as alpine doesn't have compatibility issues with extensions requiring cgo enabled (due to the lack of a proper standard glibc library)
pablochacin
commented
5 months ago
Currently
xk6image is based on a Debian image, which brings a significant number of unneeded dependencies that increase the surface for vulnerabilities. Consider an image with a smaller attack surface such a alpineHowever, this is potentially breaking change as:
alpinedoesn't have compatibility issues with extensions requiringcgoenabled (due to the lack of a proper standardglibclibrary)