Here's a request for comments on improvements to our https://hub.docker.com/r/gardendev/garden/tags naming scheme, and to how Garden references system images from Dockerhub internally, with the goal of making it easier to understand and more secure: https://github.com/garden-io/garden/issues/3993
I would love your feedback
Little explainer why I'm working on this: I want to make Garden Docker images auto-update using Dependabot so we automatically get security updates and we need that for reducing toil work to keep up with our SOC2 certification. In the mean time we could make it easier to understand and generally more secure, I thought.
Would you be open to pair with me on this? Once we agree on how we want it to look like, implementation should be doable in one day (if someone helps me understand the current build process better; I'm thinking @alert-helicopter-61082 or @ancient-diamond-80011 ).