Open yesudeep opened 2 weeks ago
We will be sending a PR for your review shortly.
https://github.com/optimizely/agent/pull/419 should fulfill this security feature request.
Hi @yesudeep. Thanks for opening the PR. Let us review this issue and your solution and get back with you short. I've created internal ticket FSSDK-10402
Description
Namaste,
Distroless images are small and per our security team's guidance at Google, we're required to use those images for our deployments. To that effect, we're making a feature request to add the ability to build distroless images in addition to images built from scratch and Alpine Linux.
We'd appreciate the ability to build using podman.
And the ability to deploy built container images to the Google Artifact Registry.
For more information about distroless, please see: https://github.com/GoogleContainerTools/distroless.
Benefits
Low attack surface. High security standards.
Detail
We would like the ability to run:
Examples
Please see: https://github.com/GoogleContainerTools/distroless
Risks/Downsides
A little more tooling and build complexity.