Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GCRと脆弱性検査

Avatar for youyo youyo
October 15, 2018
Technology
240
0

 GCRと脆弱性検査

GCRと脆弱性検査

Avatar for youyo

youyo

October 15, 2018

More Decks by youyo

See All by youyo
家の快適度を計測してみた
Avatar for youyo youyo
1
230
Get started AWS CDK
Avatar for youyo youyo
0
150
Tried to create a deployment pipeline of AutoML Vision.
Avatar for youyo youyo
0
110
API GatewayのWebSocket対応について
Avatar for youyo youyo
0
930
goodbye-ec2
Avatar for youyo youyo
0
790
それでも僕はzabbixと生きていく
Avatar for youyo youyo
1
510
About AWS Lambda and kintone
Avatar for youyo youyo
1
300
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
Avatar for youyo youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
Avatar for youyo youyo
0
480

Other Decks in Technology

See All in Technology
会社紹介資料 / Sansan Company Profile
Avatar for Sansan, Inc. sansan33
PRO
16
410k
The essence of decision-making lies in primary data
Avatar for 株式会社カミナシ kaminashi
0
200
最大のアウトプット術は問題を作ること
Avatar for ryoAccount ryoaccount
0
230
GitHub Copilot CLI で Azure Portal to Bicep
Avatar for Yuta Matsumura tsubakimoto_s
0
300
OpenClawでPM業務を自動化
Avatar for 西岡 賢一郎 (Kenichiro Nishioka) knishioka
2
360
Zephyr(RTOS)でOpenPLCを実装してみた
Avatar for misoji engineer iotengineer22
0
170
自分をひらくと次のチャレンジの敷居が下がる
Avatar for aki sudoakiy
4
1.2k
トイルを超えたCREは何屋になるのか
Avatar for 弁護士ドットコム bengo4com
0
110
Oracle AI Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
3
2k
AWS DevOps Agent or Kiro の使いどころを考える_20260402
Avatar for モブエンジニア(Masaki Okuda) masakiokuda
0
120
ハーネスエンジニアリング×AI適応開発
Avatar for Ryohei Kamiya aictokamiya
2
970
AWS Systems Managerのハイブリッドアクティベーションを使用したガバメントクラウド環境の統合管理
Avatar for Toru_Kubota toru_kubota
1
190

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.4k
End of SEO as We Know It (SMX Advanced Version)
Avatar for Michael King ipullrank
3
4.1k
sira's awesome portfolio website redesign presentation
Avatar for ElsiraPls elsirapls
0
200
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
It's Worth the Effort
Avatar for 3n 3n
188
29k
Designing Powerful Visuals for Engaging Learning
Avatar for Mike Taylor tmiket
1
320
Unsuck your backbone
Avatar for Amy Palamountain ammeep
672
58k
Ruling the World: When Life Gets Gamed
Avatar for Sebastian Deterding codingconduct
0
190
16th Malabo Montpellier Forum Presentation
Avatar for AKADEMIYA2063 akademiya2063
PRO
0
87
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
16k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Utilizing Notion as your number one productivity tool
Avatar for Mfonobong Umondia mfonobong
4
280

Transcript

  1. GCRと脆弱性検査

  2. GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版

    ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja

  3. FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y

    RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
  4. None

  5. FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update

    apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
  6. None

  7. まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう