Docker Image signing with Notation
This article takes a detailed look at image signatures created by Notation, which is one of several tools for signing and verifying Docker images.
Everything related to software development.
This article provides an overview of available options to a) sign and verify Docker/container images and b) create image attestations. It compares the tools Docker Content Trust, BuildKit attestations, Notation, Cosign, and GitHub attestations. The basic terms and concepts are explained, and it concludes with recommendations for which tool is most suitable per use case.
Full stack web frameworks, like Reflex (Python) or Vaadin (Java), enable backend-focused developers to build web applications, including the frontend UI, using a backend language like Java. These frameworks include a (large) UI component library and require no knowledge of frontend technologies. However, using such frameworks comes with major caveats that should give you pause …
For developers who directly call the Docker Hub APIs, this article sheds light on how Docker Hub handles rate limiting, particularly for HEAD requests. Here, the behavior differs in unexpected ways from the well-known image pull rate limits.
This article explains how to use my open-source Docker Tag Monitor website to determine how frequently the maintainers of a Docker image rebuild specific image version tags. It also explains why the image rebuild frequency matters when choosing the best (base) image.
Having multiple calendars that are not synchronized often causes scheduling issues. To solve this problem, I built a completely new Next-Gen Microsoft Power Automate flow that synchronizes Outlook with Outlook, Outlook with Google, or Google with Google calendars. The flow is free and open-source, but requires a Power Automate Premium plan. Here I explain how …
This article benchmarks the performance of two different Python frameworks (Django, FastAPI) and a Go framework (Pocketbase), when making GET requests that serialize 20 simple JSON objects from a relational database (SQLite, PostgreSQL). The results show that Go/Pocketbase is only about twice as fast as Python/FastAPI, which is surprising, given that Go is generally considered …
This article introduces 12 tips to optimize your Docker image security. For each tip, it explains the underlying attack vector and one or more mitigation approaches. Tips include avoiding leaks of build secrets, running as a non-root user, and making sure to use the most recent dependencies and updates. Originally posted on 2022-02-20, updated …
This article introduces several tricks that you can apply at build-time, to reduce the size of your Docker images, including the use of a small base image, multi-stage builds, consolidation of RUN statements, avoiding separate chown/chmod commands, or using the slim toolkit. Originally posted on 2022-02-06, updated on 2024-06-11. Introduction Docker has become a commodity …
This article offers several tips for tweaking the build speed of Docker images in CI pipelines. I explain multiple caching-tricks offered by BuildKit, Docker’s integrated image build engine. I also elaborate on how the .dockerignore file and extra arguments to package managers such as apt can speed up your image builds. Originally posted on 2022-01-23, …