General Docker changes look good to me. Not sure how to answer the question about pip and --break-system-packages.

I believe the built image is missing a few tools used in the scripts here and there in dd-trace-java.

Got a few questions / remarks though, that may be addressed later.

1. I noticed the versioning is based on year + month

   dd-trace-java-docker-build/build

   Line 212 in 3c26d22

   version="$(date +%y.%m)"

   Since this is like a major change shall we label this differently? That said this could affect other part of the build pipelines.

2. Circle CI image appear to use the circleci user, this requires commands to be run as sudo. Should we reproduce this behavior?

Looking good.

Few comments about cleaning it up further:

• Is the yq, docker and docker-compose still needed? I used to install them manually to override the outdated version from the CircleCI image but I don't know if they are used.
• Similarly I don't know if autoforward is still used 🤷
• And I ask to @smola what ubuntu17 is for and if it is still relevant

Do you know how to test the image from your PR in the CI to test it?

For the tags, it's just that the current image inherit cimg, while this PR changes it to ubuntu, I pondered on making the change of the base image more visible via tags.