Image sizes miss the point

Some engineers in the containers community have advocated for small images. These "small image" proponents support using base images such as distroless and alpine and image optimization tools such as Docker Slim. But small images can still be complex, and the complexity is the true enemy, not simply size. By…

Not All SBOMs Are Created Equal

Software Bill of Materials documents, or SBOMs, have become a hot topic in software supply chain security these days, with everyone bringing their own solution to the table in response to President Biden’s executive order last year.  While vendors advertise that these solutions are easy to use and accurate,…

Introducing apko: bringing distroless nirvana to Alpine Linux

Earlier today, Chainguard released version 0.1 of our apko tool.  This tool allows for the composition of so-called “distroless” images from APK-based software distributions, such as Alpine Linux, using a declarative configuration.  Unlike the traditional distroless tooling, apko enables the creation of minimal, small-attack-surface images without the complications of…