Currently xk6 image is based on a Debian image, which brings a significant number of unneeded dependencies that increase the surface for vulnerabilities. Consider an image with a smaller attack surface such a alpine
However, this is potentially breaking change as:
Some users can use this image as a base for their own images and relay on some tools available on the debian for their build processes (e.g. git, curl) which are not available in the alpine
Images such as alpine doesn't have compatibility issues with extensions requiring cgo enabled (due to the lack of a proper standard glibc library)
Currently
xk6
image is based on a Debian image, which brings a significant number of unneeded dependencies that increase the surface for vulnerabilities. Consider an image with a smaller attack surface such a alpineHowever, this is potentially breaking change as:
alpine
doesn't have compatibility issues with extensions requiringcgo
enabled (due to the lack of a proper standardglibc
library)