michaeljmarshall commented on issue #11269: URL: https://github.com/apache/pulsar/issues/11269#issuecomment-893665031
> having more images to maintain is very costly because ideally you would have to run tests and security auditing against all the released images. I don't know if this would be as costly as you're suggesting. If we build the base pulsar image and then extend that base image to build the dev image, the dev image will share the same initial layers. I am not familiar with docker image security scanning tools, but I would think that they should be optimized to not re-scan the same layer within some period of time. This deserves more research, though. > Should we open an issue to address this on places like setup-guides, testing environment etc.? @hpvd - can you clarify what setup-guides and testing environments need updated documentation? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
