- 64
- 18 362
Chainguard
เข้าร่วมเมื่อ 29 มี.ค. 2022
The safe source for open source.
Using Grype to Scan Container Images for Vulnerabilities | Chainguard
In this video, we show you how to use the open source scanner Grype to scan for CVEs in container images. We also show off Chainguard's Grype image, which comes with low-to-no CVEs and is a perfect building block for a secure software foundation.
Check out the written tutorial on Chainguard Academy: edu.chainguard.dev/chainguard/chainguard-images/working-with-images/scanners/grype-tutorial/
Chainguard Grype Image: edu.chainguard.dev/chainguard/chainguard-images/reference/grype/
Official Grype repository: github.com/anchore/grype
About Chainguard
Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open source.
Where to find us:
Website: www.chainguard.dev/
Twitter: chainguard_dev
LinkedIn: www.linkedin.com/company/chainguard-dev
TikTok: www.tiktok.com/@chainguard_dev
Check out the written tutorial on Chainguard Academy: edu.chainguard.dev/chainguard/chainguard-images/working-with-images/scanners/grype-tutorial/
Chainguard Grype Image: edu.chainguard.dev/chainguard/chainguard-images/reference/grype/
Official Grype repository: github.com/anchore/grype
About Chainguard
Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open source.
Where to find us:
Website: www.chainguard.dev/
Twitter: chainguard_dev
LinkedIn: www.linkedin.com/company/chainguard-dev
TikTok: www.tiktok.com/@chainguard_dev
มุมมอง: 25
วีดีโอ
Introduction to Docker Scout | Chainguard
มุมมอง 10216 ชั่วโมงที่ผ่านมา
In this video, we discuss Docker Scout, a supply chain management tool that integrates well with Chainguard Images. We discuss what it is, how it works, and show off how it interacts with Chainguard Images. About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open source. Where to...
Chainguard's Go Image | Chainguard Learning Labs
มุมมอง 70วันที่ผ่านมา
This video is a recording of a Chainguard Learning Labs livestream that occurred on Tuesday, June 25, 2024 at 12:00 pm ET. The recording covers how to create a Go Chainguard Image, and how to migrate your Go applications to use Chainguard Images. About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be t...
Get Smart in Five Minutes: What is a CVE?
มุมมอง 140วันที่ผ่านมา
This video, starring Dustin Kirkland, VP of Engineering at Chainguard, and John Speed Meyers, Head of Chainguard Labs, goes over the basics of what the term "CVE" means, as well as how they can problematic and what the state of the software vulnerability problem is in this day and age. TIMESTAMPS: 00:00 Intro 00:20 What is a CVE? 01:39 How to assess the severity of a CVE 02:31 What happens when...
Deploying a Flask App with Python and nginx Chainguard Images
มุมมอง 11314 วันที่ผ่านมา
In this video, we discuss how to deploy a Flask App with the Python and nginx Chainguard Images, which have low-to-no CVEs. GitHub: github.com/chainguard-dev/cg-images-python-migration About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open source. Where to find us: Website: www...
GitGuardian uses Chainguard Images to streamline vulnerability management | Chainguard
มุมมอง 7221 วันที่ผ่านมา
Discover how GitGuardian turned the tide against software vulnerabilities, achieving nearly zero CVEs with Chainguard Images. This case study video reveals the challenges faced by GitGuardian, a leader in secure code management, and how their strategic partnership with Chainguard led to groundbreaking reductions in common vulnerabilities and exposures. Dive into their journey of enhancing conta...
Reproducible Dockerfiles with Frizbee and Digestabot
มุมมอง 146หลายเดือนก่อน
How to avoid issues with flaky Dockerfiles by using Frizbee and Digestabot to pin images to digests. Frizbee is available at github.com/stacklok/frizbee Digestabot is available at github.com/chainguard-dev/digestabot About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to make the software supply chain sec...
Dan Lorenc Talks Containers, Open Source, Startup Life, and More | CISO Breakfast Summit RSA 2024
มุมมอง 104หลายเดือนก่อน
In this video, Dan Lorenc, Co-Founder and CEO of Chainguard, is interviewed by Yassir Abousselham, Founder and CEO of Silicon Valley Cyber. The interview took place at the CISO Breakfast Summit at RSA '24 on May 8, 2024. About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open so...
How Chainguard Creates Container Images with Low-to-No CVEs
มุมมอง 215หลายเดือนก่อน
In this video, we go over how we are able to create container images with low-to-no CVEs, and how you can utilize them. Check out Chainguard Images: images.chainguard.dev/?category=featured?FY25-EC-Newsletter About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to make the software supply chain secure by d...
5 Tips for Migrating to Chainguard Images
มุมมอง 150หลายเดือนก่อน
In this video, we discuss 5 easy tips you can implement into your migration process to make migrating to Chainguard Images easier. TIMESTAMPS 00:00 Intro 00:28 Use latest-dev Images when you need a shell 01:25 You can install any shell you need 01:52 Use apk search to find utilities 03:13 Beware of entrypoint differences 04:26 Wolfi != Alpine 05:08 Outro About Chainguard Founded by the industry...
Debugging Distroless Images with Kubectl Debug and CDebug | Chainguard
มุมมอง 434หลายเดือนก่อน
In this video, we go over how to debug a distroless container image using Kubectl Debug or CDebug. TIMESTAMPS 00:00 Intro 00:27 Kubectl 07:32 CDebug About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission to be the safe source for open source. Where to find us: Website: www.chainguard.dev/ Twitter: twitter.co...
Chainguard's Python Image | Chainguard Learning Labs
มุมมอง 58หลายเดือนก่อน
This video is a recording of a Chainguard Learning Labs livestream that occurred on Tuesday, May 14, 2024 at 3:00 pm ET. The recording covers how to create a Python Chainguard Image, and how to migrate your Python applications to use Chainguard Images. About Chainguard Founded by the industry's leading experts on open source software, security and cloud native development, we are on a mission t...
Reproducibility and Chainguard Images
มุมมอง 138หลายเดือนก่อน
In this video, we talk about the importance of reproducibility, and how the concept relates to Chainguard Images. UPDATE: In this video I mention needing to keep copies of old APKs in order to be able to recreate images. In fact we do keep all our previously issued APKs, so you can build images from months (and in the future, years) ago without issue. We currently retain all of these package ve...
Get Smart in Five Minutes: What is a Container Image?
มุมมอง 334หลายเดือนก่อน
This video, starring Adrian Mouat, Staff DevRel Engineer at Chainguard, and Ryan O'Daniel, Sales Engineering Manager at Chainguard, goes over the basics of what the term "container image" means in software development, and some of the basic concepts of what a container image is, and how it's built. TIMESTAMPS 00:00 Intro 00:23 What is a container image? 00:57 What are the components of a contai...
Get Smart in Five Minutes: What is Software Supply Chain Security?
มุมมอง 299หลายเดือนก่อน
This video, starring Dan Lorenc, CEO at Chainguard, and Sandy Deason, Executive Business Partner at Chainguard, goes over the basics of what the term "software supply chain security" means, and why it's an important concept in the world of software development today. TIMESTAMPS 00:00 Intro 00:20 What is software supply chain security? 01:01 Why is software supply chain security important? 01:18...
New Chainguard Images in April 2024 | rstudio, Harbor, FFmpeg, Valkey, and more!
มุมมอง 110หลายเดือนก่อน
New Chainguard Images in April 2024 | rstudio, Harbor, FFmpeg, Valkey, and more!
Snowflake reaches vulnerability management goals with Chainguard Images | Chainguard
มุมมอง 4502 หลายเดือนก่อน
Snowflake reaches vulnerability management goals with Chainguard Images | Chainguard
Chainguard's PHP / Laravel Image | Chainguard Learning Labs
มุมมอง 622 หลายเดือนก่อน
Chainguard's PHP / Laravel Image | Chainguard Learning Labs
Chainguard's Java Container Image | Chainguard Learning Labs
มุมมอง 572 หลายเดือนก่อน
Chainguard's Java Container Image | Chainguard Learning Labs
Build and Secure Minimal Images with Chainguard Static Images | Chainguard Learning Labs
มุมมอง 1252 หลายเดือนก่อน
Build and Secure Minimal Images with Chainguard Static Images | Chainguard Learning Labs
How to Migrate a Node.js Application to Chainguard Images | Chainguard
มุมมอง 1132 หลายเดือนก่อน
How to Migrate a Node.js Application to Chainguard Images | Chainguard
How to containerize a Python application with a multi-stage build using Chainguard Images
มุมมอง 1442 หลายเดือนก่อน
How to containerize a Python application with a multi-stage build using Chainguard Images
How to Migrate a Java Application to Chainguard Images
มุมมอง 3003 หลายเดือนก่อน
How to Migrate a Java Application to Chainguard Images
Chainguard Images are now available on Docker Hub! | Chainguard
มุมมอง 5293 หลายเดือนก่อน
Chainguard Images are now available on Docker Hub! | Chainguard
Introduction to Chainguard Images Demo | Chainguard
มุมมอง 1.9K4 หลายเดือนก่อน
Introduction to Chainguard Images Demo | Chainguard
How Wolfi's Fast Release Times Secure Chainguard Images
มุมมอง 1604 หลายเดือนก่อน
How Wolfi's Fast Release Times Secure Chainguard Images
Migrating a Dockerfile for a Go application to use Chainguard Images
มุมมอง 3745 หลายเดือนก่อน
Migrating a Dockerfile for a Go application to use Chainguard Images
Debugging Distroless Containers with Docker Debug
มุมมอง 1K5 หลายเดือนก่อน
Debugging Distroless Containers with Docker Debug
How to Use Chainguard Security Advisories
มุมมอง 2386 หลายเดือนก่อน
How to Use Chainguard Security Advisories
Keep your Chainguard Images up to date with digestabot
มุมมอง 2116 หลายเดือนก่อน
Keep your Chainguard Images up to date with digestabot
Great demo of both kubectl and cdebug capabilities! I like how the consistency of your images makes the Chainguard's variant of the debugger image work nicely with the Chainguard's variant of Nginx. A couple of notes on cdebug: - Often, there is no need for `cd /proc/1/root` because cdebug tries to chroot the debugger's shell to /proc/1/root automatically - cdebug is not limited to Kubernetes - it also works with Docker (Desktop and CE) and even vanilla containerd 😉
We (Ok, Adrian) made a mistake in this video. We do keep old versions of APKs, so it's possible to build images from months or even longer ago without issue. To date we have never withdrawn an APK. We currently retain all of these package versions indefinitely (only servicing latest), but in the future we may age things out just to manage the size of the index
Awesome! Small drops of knowloedge are always welcome. Thanks for creating that and thanks for TH-cam recommending it, because I never heard of Chainguard before. Nice aquatic animal by the way :)
Thanks, glad you enjoyed! And while we might be biased towards octopuses, rockhopper penguins are pretty cool too! 🐧
That's me! (cue Joey from Friends meme)
IMPORTANT! 13:39 pip install openai 😄And if you get the error "ModuleNotFoundError: No Module Named openai", install it in the interpreter path. If you don't know how to do that, search for the error on Stackoverflow to find the solution.
is there a writeup for this somewhere trying to use a different base image than wolfie so i am not sure how to replicate some of the commands.
PS does chainguard have cuda images? Any recommendations to making cuda baaed images safer
Yes! We have pytorch and NeMo, and building more as I type. Which cuda images are you interested in?
Thx helpful
For those that try out what is seen at 31:00 and also run into troubles: 1) the path to the yaml needs to be stated absolute (/work/apko.yaml) 2) If you, like me, need to add the musl libc "so:libc.musl-x86_64.so.1" (as printed out with apk info --depends <package>) to the package list, you will run into issues as apko tries to build a multi-arch image. You need to add "--arch x86_64" to the build command line!
Very helpful, thanks.
We're glad you found this useful!
This Awsome, I wold like te se more things like this
Thanks Dan!
Talk starts at 9:28 :)
you guys need a Discord server.
that was a great presentation by Nuno <3
Thanks for sharing, I hope more video shows build like this.
Great explanation and a must for reproducibility! Thanks! One question: How should you handle the multi arch issue with different digests in Dockerfile or docker-compose? Separate dockerfile of compose or can they be made conditional?
great video <3
super useful, learned great tips!
great video <3
Thanks for sharing how you work through the build process!
🎉❤
Instead of using YAML to define installed packages, it would be MUCH better to use a declarative language like what nix and guix use.
It's still declarative... Also ignoring a build structure is rather hazardous
@@frozenintime YAML is just a data structure. It doesn't have independent tooling to call itself a language (declarative or otherwise). Languages have many benefits like compiler/interpreter-specific optimizations, code reuse etc.
What are the benefits of using an 'undistro' over a webassembly runtime?
Inky is soo cute! 😍
insightful, thanks :)