🚀 Goodbye Docker Daemon: My Journey into Buildah for Secure Container Builds

Buildah is a lightweight tool for building OCI-compliant images without needing a daemon like Docker. It allows for creating, building, and managing container images without a running service. Buildah offers key features like rootless image building, daemonless operation, and full scripting control. The author discovered Buildah and Skopeo while working in CI/CD environments and wanted more control and security. Docker has some pain points like security concerns, overkill in CI/CD environments, and lack of transparency. Buildah addresses these concerns with rootless builds, transparency, and scripting control. The author's first Buildah project involved building a simple container image from Ubuntu and copying an app inside. Buildah can also inspect and modify layers more easily than Docker and works flawlessly with Podman. It's OCI-compliant, making it suitable for Kubernetes, OpenShift, and others. Buildah is perfect for secure environments and CI/CD pipelines, offering a daemonless and rootless way to build container images.