Is it possible to update the base OS image layer of your container without rebuilding your container image?
i.e. if the base OS has security updates in the latest version can you download it and automatically apply that to be used by your existing container image without rebuilding?
Also, can you deploy a container image to DockerHub which has a dependency on a base OS without containing the image layer for the base OS? This would improve performance when downloading your container from DockerHub onto other servers that already have the base OS image layer downloaded.
It is not possible with the default tooling. Your image bases on an image, which itself consists of a set of image layer. You can not “change the link” to a different base image.
Actualy only the delta of your image layers will be pushed - but they will refence the version of the base image present on your system during build time.
I can imagine that it might be possible to apply a dirty hack:
export your image as tar
extract the tar to a folder
manipulate the manifest to use the new base images layers instead the old ones
repackage the foler as tar
import the modified tar as image
push it to dockerhub
though, even if this succeeds: it remains a dirty hack. Not recommended!