From a0685787b13909c0fa4eb7b586085d146a4986cd Mon Sep 17 00:00:00 2001 From: Stefan Junker Date: Tue, 9 Aug 2016 18:37:09 +0200 Subject: [PATCH] README: add outlook section --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 9339aaa..113aedf 100644 --- a/README.md +++ b/README.md @@ -154,3 +154,15 @@ In case a sysadmin needs a patched and specifically configured version of its fa * https://blogs.gentoo.org/zmedico/2015/07/06/tardelta-generate-a-tarball-of-differences-between-two-tarballs/ * https://github.com/jordansissel/fpm/wiki +## Outlook +The completion of the described container build system will benefit greatly to how container images can be shared and deployed. + +### Trusted Containers by reproducibility +Trusting container images has been hard. Being able to reproduce and verify the builds improves this. + +### Obsolete Container-Vulnerabilities Scans +Vulnerabilities scans are only necessary if it's unknown what the container image contains. With the new build system the build specification allows to inspect the included container images much more efficiently. Image vendors can directly track contained packages and their CVEs instead of relying on posteriori scans. + +### Automatic Container Updates +When identified, regular and security updates to 3rd party packages can trigger rebuilds as well as changed source files of 1st party applications. The update circle can be closed by automatically deploying new containers triggered by the updated images. +Complete automation might be difficult in real-world deployments because software updates sometimes require configuration changes.
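Review bot: In the "Obsolete Container-Vulnerabilities Scans" section, the heading and first sentence overstate what the body supports. The last sentence still has image vendors "track contained packages and their CVEs", which is a vulnerability check driven by the build specification instead of the finished image, so the check moves earlier in the pipeline and does not become obsolete. I would retitle the section along the lines of "Vulnerability tracking from the build specification" and state the assumption that everything in the image is declared in the specification. In the same hunk, "Trusted Containers by reproducibility" says builds can be reproduced and verified without saying what is compared; one sentence on that (for example, rebuilding from the specification and comparing the result with the published image) would make the claim checkable. Wording: "will benefit greatly to how" should read "will greatly benefit how", "Vulnerabilities scans" should be "Vulnerability scans", "posteriori scans" should be "a posteriori scans", and "update circle" is probably meant as "update cycle".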