It's a trade-off between fewer dependency on the host (by including ca-certificates in the image) and smaller image size (by excluding ca-certificates in the image).
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
ENV CGO_ENABLED 0
is very important.If it's forgotten, the program won't start.
Alpine and ca-certificates could be avoided if you mount
/etc/ssl/certs
directory from the host system.Agreed! however as the production stage would be built on CI, I don't think it we would want to mount the
/etc/ssl/certs
host system/etc/ssl/certs
isn't necessary when you build the production container image. It can be mounted when you run the container in production.sure, but why? I'm trying to understand why will I mount it when it's running on kubernetes?
It's a trade-off between fewer dependency on the host (by including
ca-certificates
in the image) and smaller image size (by excludingca-certificates
in the image).