How to build 0 CVE docker images? Can there be a better solution?
ฝัง
- เผยแพร่เมื่อ 22 พ.ค. 2024
- With the rise of supply chain security attacks, the tools have evolved over the years. In this video, I discuss my views on why 0 CVEs are important and how we can achieve that with Chainguard images. I also have a question and high hopes for the NIX community, which can play a big part here.
Do watch till the end and let me know your thoughts and what you are using for your Docker base images.
Other resources to learn:
Chainguard Reproducible image by Adrian - • Reproducibility and Ch...
Building a Tool to Debug Minimal Container Images in K8s Docker - Kyle Quest & Saiyam Pathak: • Building a Tool to Deb...
►►►Connect with me ►►►
► Kubesimplify: kubesimplify.com/newsletter
► Newsletter: saiyampathak.com/newsletter
► Discord: saiyampathak.com/discord
► Twitch: saiyampathak.com/twitch
► TH-cam: saiyampathak.com/youtube.com
► GitHub: github.com/saiyam1814
► LinkedIn: / saiyampathak
► Website: / saiyampathak
► Instagram: / saiyampathak
► / saiyampathak - วิทยาศาสตร์และเทคโนโลยี
If the current image has cve ? (Assuming using base img as chainguard )
There will be vulnerability?
Using a base image from Chainguard, like Alpine Linux, typically results in fewer vulnerabilities compared to Debian-based images. Chainguard focuses on providing secure base images with minimal vulnerabilities, reducing the risk of CVEs in your environment. Regularly scanning images with tools like Red Hat Advanced Cluster Security for Kubernetes can further enhance security.
CVEs are triaged frequently, but they do occur from time to time. Please compare to the upstream (not Chainguard) image. :)
What tool he mentioned near 9:49 mint or mint plus something ca anyone provide official link for the tool ?
Its mint github.com/mintoolkit/mint