Sandstorm has some nice features, especially in regards to single-sign-on, automatically setting up a reverse proxy, automatically handling SSL certificates, etc.
But I really don't understand what the sandstorm runtime is bringing over just having a docker container. It's trying to reinvent docker, which seems weirdly out of scope for the problems it's trying to solve. Or even if docker isn't suitable you can still use OCI-compatible container images instead of a custom format?
>We do often use Docker’s build tools in the process of building Sandstorm packages, simply because they provide a structured and reproducible way to gather an app and its dependencies into a chroot environment, which we can then package up.
It sounds like "we do use OCI-compatible images, but we wrap them in our own filetype". Which I suppose is fine.
But I really don't understand what the sandstorm runtime is bringing over just having a docker container. It's trying to reinvent docker, which seems weirdly out of scope for the problems it's trying to solve. Or even if docker isn't suitable you can still use OCI-compatible container images instead of a custom format?