I would like to share Minimal - it's an open source collection of hardened container images built using Apko, Melange and Wolfi packages. The images are built daily, checked for updates, and vulnerabilities are resolved as soon as a fix is available in the upstream source and the Wolfi package. It utilizes the power of available open source solutions and provides, for free, images that are otherwise commercially available. Minimal demonstrates that it is possible to build and maintain hardened container images by ourselves.
Minimal will add support for more images, and the goal is to be community driven, adding images as required and being fully customizable.
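As an added illustration (not taken from the Minimal repository or from the post), the following is the shape of an apko image definition such a pipeline would rebuild daily: every package is pulled from the Wolfi repository and verified against the Wolfi signing key, only the packages the workload needs are installed (no shell, no package manager), and the process runs as a fixed non-root uid. The Wolfi package name `python-3.12` and the entrypoint path are assumptions for this example; check the name against the Wolfi package index before use.

```yaml
# apko.yaml - hypothetical minimal hardened Python image (example, not Minimal's own config)
contents:
  repositories:
    # Wolfi package repository; apko resolves and pins package versions at build time,
    # so a daily rebuild picks up the patched package as soon as Wolfi publishes it.
    - https://packages.wolfi.dev/os
  keyring:
    # Public key used to verify the signature on every APK pulled from the repository above.
    - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub
  packages:
    - wolfi-baselayout
    - ca-certificates-bundle
    - python-3.12          # assumed Wolfi package name; verify against the package index

accounts:
  groups:
    - groupname: nonroot
      gid: 65532
  users:
    - username: nonroot
      uid: 65532
      gid: 65532
  # The container process runs as this uid; no root user is needed at runtime.
  run-as: 65532

environment:
  PATH: /usr/bin:/bin

work-dir: /app

entrypoint:
  command: /usr/bin/python3

archs:
  - x86_64
  - aarch64
```

Building it with `apko build apko.yaml minimal-python:latest minimal-python.tar` produces an OCI tarball plus an SBOM; a daily job that runs this build and then a scanner such as grype against the result is the "check for updates" loop the post describes. Because there is no `apk`, `sh` or `busybox` in the package list, an attacker who lands inside the container has no package manager or shell to work with, which is most of what "hardened" buys over a stock distro base image.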
Comments
debarshri•45m ago
This is great. I have been talking to quite some vendors in the space. I have looked in docker hardened images too. They have made it free too.
I think the problem in general is hardened image market is keeping up with CVEs and making sure the catalog is vast so that it covers all the images and nuances.
Responding and patching CVEs with an SLA is the KPI of the vendors. As much as I would like to cheer for you, doing it as an open source initiative with a guaranteed SLA is going to be painful for you as maintainer without profit as a motive.
ritvikarya98•23m ago
Thanks for looking into this! I agree with you and hence I'm also relying on Wolfi packages, which will ensure they are updated as soon as upstream is available, so I'm piggybacking on that. GitHub Actions run daily/weekly based on the cadence, and once the pipeline is set up it does not require a significant effort imo. And I want it to be community driven so we can add images as and when people want them and build them accordingly. Chainguard tools surely help with this! I aim to show that companies can try and build internal pipelines like this for all images in their repository.
anukritisingh•25m ago
Looks very useful, we should definitely build up on this!!!
Joel_Mckay•6m ago
Hard pass...
In general, a public security policy is pointless. It is the one layer you want people to trip over when breaking a system. =3