Hacker News new | past | comments | ask | show | jobs | submit login

things like https://github.com/GoogleContainerTools/distroless should help to reduce the attack surface of your containers.

Interesting. So instead of using a package manager inside the container, it downloads .debs from debian, parses and extracts the files, and then uses bazel to build the container directly.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact