You may not need a Dockerfile 🐳

Explore way to create images without the Dockerfile generic approach

Building a “docker image”, or more appropriately an OCI image, is usually associated with the Dockerfile format. Although it is one of the most generic way to build an OCI image, it is definitely not the only way, nor the best way, depending on your use case. And there is a decent amount of ways to create your image. Let’s try to explore some of them.

Don’t get me wrong, I used to love Dockerfile 🙃

I love Dockerfile. They have been extremely useful for the container ecosystem. The recent evolutions, backed by buildkit are also very good. But they do come with a bit of baggages:

  • They do not allow (or enable) to write reproducible builds. The timestamps, the RUN with “random” commands is getting in the way.
  • They bring a very big assumption, each and every RUN is running in a container. Of course there is tools (as we may, or may not see) that do build Dockerfile without containers, but they are a bit limited (because of that assumption).

Questions to ask yourself

In order to decide what to use to build a container image, there is a couple of questions to answer. Your answers will help you choose what tool to use.

  • Is “reproductible builds” something important to you ?
  • Is your CI running in containers ?
  • Is your developement environment running in containers ?
  • Do you care about running things as root ?
  • Do you care about running things as privileged (aka giving the keys to escape the containers to the process running in the container) ?