On Wed, Aug 21, 2019, at 7:34 AM, Daniel Walsh wrote: > I agree. Entering a container and doing a yum update is an > Anti-pattern. This is a complex discussion - I think we need both. Personally I live inside a "pet" container using https://github.com/cgwalters/coretoolbox and I definitely `yum update` inside there, though I do also periodically destroy it and re-pull. Kubernetes though for sure is about non-pet containers. > Buildah and Multi-Stage builds do allow you to eliminate > these tools, but that is more difficult to do. multi-stage is easy and obvious for the case of e.g. Golang and Rust single compiled binaries, and it's not too hard to do for other compiled languages (C/C++) as long as you have a notion of `BuildRequires` versus `Requires`. For interpreted languages though, yeah, not as worthwhile unless you're pulling in a *lot* of build dependencies (doc tooling?) distinct from your runtime ones. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
