On 2019-11-06 02:02, sarn wrote:
And the neat way to do that is with a multi-stage build: one Dockerfile, with an Alpine container building the binary, then copying to a FROM scratch container
I've used the "smith" tool as well [1]. It has some additonal help with dynamically linked code. It will use "ldd", recursively, to track dependencies and automatically add those. It will also do a couple of other things, like making the filesystem read only.
The musl build is practically necessary because glibc has effectively given up standalone static binary support. So, thanks BPF Korea :)
Yeah, it helps. Although it still possible to statically link with glibc, although you might get some warnings.
[1] https://github.com/oracle/smith -- /Jacob Carlborg
