Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
GCRと脆弱性検査
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
youyo
October 15, 2018
Technology
250
0
Share
GCRと脆弱性検査
GCRと脆弱性検査
youyo
October 15, 2018
More Decks by youyo
See All by youyo
家の快適度を計測してみた
youyo
1
230
Get started AWS CDK
youyo
0
160
Tried to create a deployment pipeline of AutoML Vision.
youyo
0
120
API GatewayのWebSocket対応について
youyo
0
980
goodbye-ec2
youyo
0
850
それでも僕はzabbixと生きていく
youyo
1
510
About AWS Lambda and kintone
youyo
1
310
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
youyo
0
490
Other Decks in Technology
See All in Technology
ルールやカスタム機能、どう使う?理想の出力を引き出すために今知りたいIBM Bob 5つの機能
muehara
1
310
オンコールの負荷軽減のためのBits Assistant 活用方法 / How to Use Bits Assistant to Reduce the Workload on On-Call Staff
sms_tech
1
380
AI時代の私の技術インプットとアウトプット術
tonkotsuboy_com
16
8.3k
Claude code Orchestra
ozakiomumkj
3
920
long-running-tasks
cipepser
3
460
Spring AI × MCP 入門〜AIエージェントへのツール公開、境界設計から始める最小構成 〜
yuyamiyamoto
0
210
エンジニアは生成AIと どのように向き合うべきか? ことばの意味という観点から
verypluming
3
340
Chart.js が簡単に使えるようになっていたので OGP 画像生成に使った話
kamekyame
0
140
イベントストーミングとKiroの仕様駆動開発で実現する要件の認識合わせプロセス
syobochim
7
1.1k
React、まだ楽しくて草
uhyo
7
3.9k
ITエンジニアを取り巻く環境とキャリアパス / A career path for Japanese IT engineers
takatama
4
1.8k
もりもり新機能を一挙紹介! AgentCoreに入門して、AWS上にAIエージェントを構築しよう
minorun365
PRO
6
720
Featured
See All Featured
Done Done
chrislema
186
16k
Docker and Python
trallard
47
3.9k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.3k
What's in a price? How to price your products and services
michaelherold
247
13k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
350
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
22k
Ethics towards AI in product and experience design
skipperchong
2
300
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
szymonslowik
1
1.1k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
120k
Six Lessons from altMBA
skipperchong
29
4.3k
Marketing to machines
jonoalderson
1
5.3k
Context Engineering - Making Every Token Count
addyosmani
9
930
Transcript
GCRと脆弱性検査
GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版
ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja
FROM debian LABEL maintainer "youyo <
[email protected]
>" RUN apt update -y
RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
None
FROM alpine LABEL maintainer "youyo <
[email protected]
>" RUN apk add --update
apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
None
まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう
youyo
muehara
sms_tech
tonkotsuboy_com
ozakiomumkj
cipepser
yuyamiyamoto
verypluming
kamekyame
syobochim
uhyo
takatama
minorun365
chrislema
trallard
aleyda
michaelherold
tmiket
panda_program
skipperchong
szymonslowik
twada
jonoalderson
addyosmani
![FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y](https://files.speakerdeck.com/presentations/367643268476400e9923efa9a412752d/slide_2.jpg){kind=link}
![FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update](https://files.speakerdeck.com/presentations/367643268476400e9923efa9a412752d/slide_4.jpg){kind=link}
