marco/plugin-barman-cloud
1
0
Fork 0
mirror of https://github.com/cloudnative-pg/plugin-barman-cloud.git synced 2026-03-09 20:22:20 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
a29726e0ee
plugin-barman-cloud/containers
History
Marco Nenciarini a29726e0ee
fix: use distroless base image to reduce size and attack surface 
Switch from python:3.13-slim-trixie to distroless/python3-debian13
for the sidecar container. The virtualenv approach now extracts
runtime libraries from Debian packages using dpkg, eliminating the
need for apt and package management tools in the final image.

The image is 44% smaller (260MB vs 463MB on main, or 31% vs 377MB
from the previous commit) with 70% fewer packages (35 vs 115) while
maintaining zero HIGH/CRITICAL vulnerabilities. There is no shell
or package manager in the final image, reducing the attack surface
significantly.

Based on Google's distroless best practices.

Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
2026-01-29 13:39:48 +01:00
..
Dockerfile.plugin chore(deps): update golang docker tag to v1.25.6 (#734) 2026-01-18 22:33:55 +01:00
Dockerfile.sidecar fix: use distroless base image to reduce size and attack surface 2026-01-29 13:39:48 +01:00
sidecar-requirements.in chore(deps): update dependency barman to v3.17.0 (#720) 2026-01-10 16:01:49 +01:00
sidecar-requirements.txt chore(deps): refresh pip-compile outputs (#704) 2026-01-13 18:03:43 +01:00