richlander / container-workshop Goto Github PK

ASP.NET Core Composite images provide a smaller size on disk while keeping the performance of the default ReadyToRun (R2R) setting. The caveat is that the composite images have tighter version coupling. This means the final app run on them cannot use handpicked custom versions of the framework and/or ASP.NET assemblies that are built into the composite binary. For a full technical description on how the composites work, we have a feature
doc here.

How do I find out which assemblies and of what version?

Broadly, we should

• remove usage of the NuGet packages and ensure console examples add EnableSdkContainerSupport set to true, since 8.0.200 includes the package but requires that enablement flag for non-Web-or-Worker projects
• ensure all publishing uses the /t:PublishContainer form instead of the /p PublishProfile=DefaultContainer form.

1. What is the best way to deal with certificates? For example, if an organization uses its own "trusted root" and "intermediate root" certificates?
   If I install it in the container, when those certs expire, I would need to rebuild the container with the new certs.
   If I pull the certificates during app startup, I would need a root user to install the certs.

2. Can I use a jammy-chiseled and execute a command during startup with root privileges, and then the app with app privileges?