Open simonepri opened 6 years ago
What we could do to offer a hardened Docker image:
https://github.com/microversecloud/docker-alpine-hardened/blob/master/harden.sh is interesting
What are your thought about the un-publish of all the 20 images?
I think that if we provide a single image we can then use a reasonable versioning on it.
For instance we can publish something like:
pm2:2.9.2
pm2:2.9
pm2:2
Each image will have a fixed version of node
and a fixed version of pm2
this will guarantee that images based on our image will NEVER get broken.
In that way, maybe, may have sense to publish them on the official Docker channel.
Also I've found some interesting bits there:
About the tags you suggest, we could not change the node version?
After the discussion here I've thought that maybe we can re-think the objective of the images that we ship on the Docker Hub.
Now, basically, we publish 20 images that just adds
pm2
on the officialnode
Docker repo. While they can be useful for some, the truth is that, as pointed out here, they may not be real value added for the community. (Even if there are more than 10k pull from the Docker Hub)I believe that the common user just want to have a "production ready" container to ship his services. BUT the
node
's official images aren't suited for production. So, in that sense, it wouldn't be better to build our ownHARDENED
image that the users can pull and run?Something like docker-alpine-hardened image.
@Unitech @vmarchaud What do you think? Is there a way to get some feedbacks from pm2's users?