GitHub Actions got a lot of things right and provided a nice improvement in developer experience relative to CI/CD platforms that existed before them. The decision to bundle a plethora of tools into the base image is baffling though. Their base image is a whopping 47 GiB.
It includes:
- 10+ programming language runtimes
- 4 different versions of Java
- 3 different versions of Go
- 3 different versions of Node
- 5 different versions of Python
- 2 different versions of Ruby
- a bunch of Android SDKs
- 11 package managers
- 4 build tools
- CLIs for every cloud platform
- 8 different web browsers or drivers
The full list of notes on installed software:
All of that, and most people install their own dependencies anyway to control the exact version that they want to have installed. I wonder if GitHub anticipated how prevalent actions would become and how easy they'd be to use when they made this decision about base images.
#Big Base Images are a Bad Decision
The reason to include so much software in the base image is to support a wide variety of things out of the box, without additional configuration or installation necessary. However, this is the wrong thing to optimize for.
A bloated base image affects performance. It also creates backwards compatibility problems when updates are made, resulting in builds spontaneously breaking for people when updates are rolled out.
But the biggest problem with this approach is that it makes any build scripting unable to be ported. The amount of logic inside a CI/CD pipeline that is proprietary to the CI/CD platform should be as minimal as possible. Using big platform-specific base images means the implementation will only run on that platform.
The amount of logic inside a CI/CD pipeline that is proprietary to the CI/CD platform should be as minimal as possible.
#RWX Runs on Generic Base Images
In contrast, RWX runs on generic base images, with a minimal set of configuration.
The code that engineering teams run on RWX can easily run in other environments because it executes on top of a basic ubuntu container.
Debugging, understanding, and reuse are all drastically improved with this approach.
1FROM ubuntu:24.0423# install commonly needed packages4RUN apt-get update && \5apt-get install -y \6build-essential \7ca-certificates \8curl \9dtach \10git \11gnupg \12jq \13sudo \14tzdata \15unzip \16wget \17xz-utils && \18apt-get upgrade -y && \19apt-get clean && \20rm -rf /var/lib/apt/lists/*2122# install docker CLI and optional plugins23ENV DOCKER_VERSION=5:28.0.4-1~ubuntu.24.04~noble24RUN install -m 0755 -d /etc/apt/keyrings && \25curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \26echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" > \27/etc/apt/sources.list.d/docker.list && \28apt-get update && \29apt-get install -y \30docker-ce=$DOCKER_VERSION \31docker-ce-cli=$DOCKER_VERSION \32docker-ce-rootless-extras=5:28.0.4-1~ubuntu.24.04~noble \33containerd.io=1.7.26-1 \34docker-buildx-plugin=0.22.0-1~ubuntu.24.04~noble \35docker-compose-plugin=2.34.0-1~ubuntu.24.04~noble && \36apt-get clean && \37rm -rf /var/lib/apt/lists/*
Related posts
Read more on updates and advice from the RWX engineering team
RWX November 2025 Recap: container image builds, git patching runs, OTEL, and more
At RWX, we use our own product to rapidly prototype, develop, and ship features all the time. Here's what we've built recently...
