Hacker News new | past | comments | ask | show | jobs | submit login

FWIW, we use Gitlab to help protect against this: we use its CI scheduling to rebuild our base images on a regular basis. Our Docker image builds are managed via CI, and we have a schedule set up to rebuild them with --no-cache. This keeps our base images fresh without slowing down most marginal builds during the workday.

You could obviously do this with cron, as well, but if you already have a CI pipeline managing your base images, it makes sense to set up a recurring build.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact