
Magicpak: Build minimal Docker images without static linking - coorde
https://github.com/coord-e/magicpak
======
grhmc
Looks like a cool alternative to [https://grahamc.com/blog/nix-and-layered-
docker-images](https://grahamc.com/blog/nix-and-layered-docker-images)

~~~
otabdeveloper4
'Cool' isn't the word I'd use here.

But I guess it's useful if you already have an ad-hoc build system and you
can't/won't migrate to something industrial-strength.

~~~
paranoidrobot
Could you elaborate with some examples of what you mean, and where those might
be better alternatives than using the linked tool?

~~~
otabdeveloper4
Which of the linked tools?

The original commenter called magicpak a 'cool alternative to nix', to which I
replied that nix is an industrial-strength, tested and very through solution,
while magicpak is more like a dirty hack. (We used to have an internal tool
much like magicpak before nix came along.)

------
jmeyer2k
Honest question: what's the difference between storing dependencies in the
executable (statically) and storing them in the Docker image?

~~~
etaioinshrdlu
Beyond a method of software distribution, docker containers are also a nice
sandbox. Apps run inside docker will have very limited access to the rest of
the system unless you explicitly give access.

~~~
beagle3
But don’t assume it is a security perimeter, mostly because the docket
developers don’t.

It’s a lock on the door - keeps honest people honest and erroneous rm -rf
confined. But it might not stop a determined hacker.

------
justicezyx
How does this work behind the scene?

BTW: I might be an exceptional person. But the first thing I look for in a new
software is how it works. Granted that, in most cases, I might not be the
targeted audience. But a brief introduction can effectively boost my interests
in learning more. The opposite case, i.e., no such information, turns off my
curiosity.

------
conradev
Does this handle non-executable resources? i.e. the trusted root SSL
certificates that you typically install alongside OpenSSL

------
CGamesPlay
Are any results available? How much does this save in a few common use cases?

------
anon102010
How does this handle something like a python program

