Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GCRと脆弱性検査
Search
youyo
October 15, 2018
Technology
0
230
GCRと脆弱性検査
GCRと脆弱性検査
youyo
October 15, 2018
Tweet
Share
More Decks by youyo
See All by youyo
家の快適度を計測してみた
youyo
1
230
Get started AWS CDK
youyo
0
140
Tried to create a deployment pipeline of AutoML Vision.
youyo
0
100
API GatewayのWebSocket対応について
youyo
0
910
goodbye-ec2
youyo
0
770
それでも僕はzabbixと生きていく
youyo
1
500
About AWS Lambda and kintone
youyo
1
300
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
youyo
0
480
Other Decks in Technology
See All in Technology
フルスタックGoでスコア改ざんを防いだ話
ponyo877
0
460
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
cybozuinsideout
PRO
10
74k
マネージャー視点で考えるプロダクトエンジニアの評価 / Evaluating Product Engineers from a Manager's Perspective
hiro_torii
0
340
プレビュー版のDevOpsエージェントを現段階で触ってみた
ad_motsu
1
170
LLMOpsのこれまでとこれからを学ぶ
nsakki55
2
620
量子クラウドサービスの裏側 〜Deep Dive into OQTOPUS〜
oqtopus
0
350
22nd ACRi Webinar - ChipTip Technology Eric-san's slide
nao_sumikawa
0
130
なぜAIは チーム開発を 速くしないのか
tan_go238
6
3.1k
歴史に敬意を! パラシュートVPoEが組織と共同で立ち上がる信頼醸成オンボーディング
go0517go
PRO
0
100
EMから現場に戻って見えた2026年の開発者視点
sudoakiy
1
130
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
15
94k
Exadata Fleet Update
oracle4engineer
PRO
0
1.2k
Featured
See All Featured
Game over? The fight for quality and originality in the time of robots
wayneb77
1
120
Documentation Writing (for coders)
carmenintech
77
5.3k
Exploring anti-patterns in Rails
aemeredith
2
270
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
360
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
270
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.1k
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
420
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
sarafernandez
0
130
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.1k
Conquering PDFs: document understanding beyond plain text
inesmontani
PRO
4
2.4k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
A Guide to Academic Writing Using Generative AI - A Workshop
ks91
PRO
0
210
Transcript
GCRと脆弱性検査
GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版
ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja
FROM debian LABEL maintainer "youyo <
[email protected]
>" RUN apt update -y
RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
None
FROM alpine LABEL maintainer "youyo <
[email protected]
>" RUN apk add --update
apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
None
まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう
youyo
ponyo877
cybozuinsideout
.jpg){kind=avatar}
hiro_torii
ad_motsu
nsakki55
oqtopus
nao_sumikawa
tan_go238
go0517go
sudoakiy
oracle4engineer
wayneb77
carmenintech
aemeredith
chikuwait
tmiket
charlesmeaden
marktimemedia
sarafernandez
danielanewman
inesmontani
stephaniewalter
ks91
![FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y](https://files.speakerdeck.com/presentations/367643268476400e9923efa9a412752d/slide_2.jpg){kind=link}
![FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update](https://files.speakerdeck.com/presentations/367643268476400e9923efa9a412752d/slide_4.jpg){kind=link}
