I was able to employ sysbox for our Linux-based Docker host to enable secure DIND (Docker IN Docker) for our CI/CD pipelines (specifically ones that need to build or start other containers).
However, I can't find a way to do something similar for our Windows Server-based Docker host. Right now my best approach is to share the host's Docker pipe with selected containers (the "DooD" approach, Docker Out Of Docker). This enables build operations as expected, but it doesn't "clean up" after itself, and I'd much rather have full isolation (not to mention other security issues).
Is something like sysbox even possible on Windows Server 2022 with Docker?