apko: a year later
Last Friday, we released apko 0.7.1, just a day after the initial release of apko to the public. This release brings several key innovations that bring the ecosystem we have built around apk forward, including a native golang implementation of the apk package manager, which can run on any UNIX-like operating system, such as macOS and the BSDs. In other words, you are no longer required to run apko on a Linux machine.
Don’t take my word for it, try it on your Mac today via Homebrew: brew install chainguard-dev/tap/apko.
A lot has happened since we first released apko to the world. Although the underlying concept behind apko itself was not conceptually new in the Alpine community, the user interface, based on declarative YAML resonated well, both in the Alpine community and the Cloud Native community at large. Building on that resonance, we started to make a library of alternatives to the Google distroless images, originally based on Alpine, which led to creating our Chainguard Images. Demand for a package building solution with the same user experience as apko resulted in the creation of Melange, itself using apko at its core to manage the package build environments. Finally, customer demand for GNU/Linux images with the same behavior and simplicity of our Alpine-based images resulted in the creation of Wolfi, our GNU “undistro” designed for use with apko. None of these things would have happened without apko’s initial release a year ago.
At Chainguard, apko is at the core of what we do. On top of all of the work we have done with the Chainguard Images product, every image we run as part of our Chainguard Enforce platform is built on a Chainguard Image, built with apko from Wolfi packages. We have also released a terraform provider for apko, which can tie your base image release process into your release engineering process.
We enthusiastically look forward to the next year of apko development, and the surrounding ecosystem that has grown out of it. We believe that tools like apko are essential for the realization of a secure software supply chain, with the images-as-code concept in tandem with nightly image rebuilds, allowing enterprises to have small build horizons for the images they deploy on their infrastructure.
Ready to Lock Down Your Supply Chain?
Talk to our customer obsessed, community-driven team.