The big picture is to use docker in docker to get newer user space tools. Please note that docker in docker requires privileged containers which have a lot of security disabled. So don't do anything in a privileged container you wouldn't do as root on your raspberry pi directly.
First I started a registry to get the build image out of the container:
docker run -d -p 127.0.0.1:5000:5000 --name registry registryPlease note the "-p 127.0.0.1:5000:5000". This makes the port 5000 only accessible from the raspberry pi and not everyone on the same network.
To start the container:
docker run -ti --security-opt seccomp=default.json --privileged=true -v /home/pi/workdir:/workdir --network="host" alpine shThe " --security-opt seccomp=default.json" argument provides the changed seccomp profile. "--privileged=true"" is required for docker in docker and creates the privileged container. "--network="host"" is needed that the container can access ports on 127.0.0.1 on the raspberry pi.
Then add docker in the container:
apk add docker
Start the container in the background:
dockerd > /root/docker.log 2> /root/docker.err &
Build the image (this is up to you, so no code here).
Move the generated image to the registry:
docker image tag my_image 127.0.0.1:5000/my_image
docker push 127.0.0.1:5000/my_image
On the raspberry pi:
docker pull 127.0.0.1:5000/my_image
docker image tag 127.0.0.1:5000/my_image my_image:latest
Now you can stop the registry container.