Skip to content
Quickstart

Alpine build

Status: Planned · Priority: 3

Produce a Brume binary and container image built on Alpine Linux (musl libc) — smaller, leaner, with a reduced attack surface compared to the current glibc-based artifacts.

  • Smaller images make CI pipelines faster and deployments cheaper.
  • Reduced attack surface matters for a tool that handles production data. Fewer system libraries means fewer CVEs to track.
  • Alpine is the de-facto standard for security-conscious container deployments.
  • Smaller Docker images for the official containerized build.
  • A statically-linked binary for environments that don’t ship a JVM by default.
  • Lower-friction CI usage — pull, run, throw away.
  • Native-image (GraalVM) vs. JLink-based runtime trimming.
  • Whether pg_dump (required for schema replication) stays a runtime dependency or gets bundled.