There are several problems in the current image build process (see [[#25] The Future of Container Images - Image Build v2 - Rationale](https://gitlab.com/yaook/meta/-/issues/25#rationale)). [Re-thinking and implementing an new process](https://gitlab.com/yaook/meta/-/issues/25) could take some time. ## Proposal Until then we can improve the image build gradually to address some of the pain-points. Here are some possible improvements: - Have all container images scanned in CI and output an SBOM as artifact in ecyclone-dx (JSON) format. - Use layers where possible - Pin the base image version to snapshot images where possible - Extract build logic - Use a common directory layout for patches, e.g have one directory per OpenStack release - Move to common base images - Enable caching where possible ## Relevant images - [ ] [nova-compute](https://gitlab.com/yaook/images/nova-compute) - [ ] [nova(-api)](https://gitlab.com/yaook/images/nova) - [ ] [cinder](https://gitlab.com/yaook/images/cinder) - [ ] [keystone](https://gitlab.com/yaook/images/keystone) - [ ] [barbican](https://gitlab.com/yaook/images/barbican) - [ ] [glance](https://gitlab.com/yaook/images/glance)