Closed: tulilirockz closed this 1 year ago
Another solution would be to use Golang's alpine as a builder and regular alpine as a runner.
We're using chainguard for the signing/sbom (which we aren't using YET).
Oooooh! Makes sense now. But like, isn't signing a build step? Maybe using chainguard's as a builder and alpine as a runner would be a nice idea? (It'd be the best of both worlds), but idk, maybe it's unnecessary?
I hadn't even considered having a runner. At this point the only thing using the container is the ublue-os/bluefin build process which just strips the binaries & man pages out of the container and puts them in bluefin.
This is just a suggestion, but maybe using the golang alpine images would be better because of their size / attack surface. In the worst-case scenario it would definitely be at least a bit faster to build them...