Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add general documentation page for Ubuntu Chiseled #4968

Merged
merged 10 commits into from
Oct 31, 2023
Merged

Add general documentation page for Ubuntu Chiseled #4968

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
8f38386
Add draft of chiseled readme
lbussell Oct 26, 2023
9eafebd
Apply suggestions from code review
lbussell Oct 26, 2023
e1b571f
Address some code review comments
lbussell Oct 26, 2023
6403018
Update repo readmes
lbussell Oct 26, 2023
74ff43e
Add missing word
lbussell Oct 27, 2023
b9fb243
Use relative links
lbussell Oct 27, 2023
a0cea93
Use correct chiseled documentation link.
lbussell Oct 27, 2023
22ddb48
Update FAQ questions
lbussell Oct 30, 2023
d459ee2
Add multi-stage guidance
lbussell Oct 30, 2023
d935794
Apply suggestions from code review
lbussell Oct 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions documentation/ubuntu-chiseled.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,7 @@ For example, you can scan for CVEs with [Docker Scout](https://docs.docker.com/s
docker scout cves mcr.microsoft.com/dotnet/runtime-deps:8.0-jammy-chiseled
```

## Common issues adopting distroless containers

### Trying to invoke a shell
### How can I write my Dockerfile to work without a shell?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't feel like we're actually answering this question. We're just saying "make sure don't run shell commands". We need to be more specific about this. One thing is to mention the use of multi-stage Dockerfiles as a pattern to help with executing necessary commands. The other is to call out the use of app code that may be running Process.Start with UseShellExecute or whatever it's called and how that would be bad.


If you switch your containers to Ubuntu Chiseled, you may run into one of the following errors:

Expand All @@ -78,7 +76,7 @@ CMD dotnet myapp.dll --args

Please see the [Dockerfile documentation](https://docs.docker.com/engine/reference/builder/#run) for more info about different ways to format Dockerfile instructions.

### Permission denied error
### How do I handle file permissions when running as a non-root user?

If your app writes to the disk, you may encounter permission issues at runtime, such as:

Expand Down