I'm currently using Kaniko to build containers in our development environment and I'm exploring other options. We've been facing challenges because we have JAR/WAR files as input and we rely on custom Dockerfiles, which we submit to Kaniko. Additionally, we push our containers to Artifactory. Our cluster doesn't support user namespaces, and we need a rootless solution. Unfortunately, all the usual alternatives require one or both of those features. Paid solutions like Chainguard aren't viable for us either. Has anyone else dealt with this situation or found alternative tools that work?
3 Answers
The fork of Kaniko by Chainguard is still free to use under Apache 2 license. I’ve been using it, and it seems to be well supported. Plus, if needed, you can fork it yourself to maintain its open-source status.
I’ve had good experiences with BuildKit. It’s also rootless and can handle various build scenarios without issues.
You should definitely check out Buildah! It’s designed for rootless builds and works well with custom Dockerfiles without needing user namespaces or a daemon.
You can also use their pre-built images without compiling it yourself. Just pull it from the GitHub container registry: ghcr.io/kaniko-build/dist/chainguard-dev-kaniko/executor:v1.25.5-debug.