$30 off During Our Annual Pro Sale. View Details »

GCRと脆弱性検査

Avatar for youyo youyo
October 15, 2018
Technology
0
230

 GCRと脆弱性検査

GCRと脆弱性検査

Avatar for youyo

youyo

October 15, 2018
Tweet

More Decks by youyo

See All by youyo
家の快適度を計測してみた
Avatar for youyo youyo
1
220
Get started AWS CDK
Avatar for youyo youyo
0
130
Tried to create a deployment pipeline of AutoML Vision.
Avatar for youyo youyo
0
96
API GatewayのWebSocket対応について
Avatar for youyo youyo
0
880
goodbye-ec2
Avatar for youyo youyo
0
750
それでも僕はzabbixと生きていく
Avatar for youyo youyo
1
500
About AWS Lambda and kintone
Avatar for youyo youyo
1
290
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
Avatar for youyo youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
Avatar for youyo youyo
0
470

Other Decks in Technology

See All in Technology
re:Invent 2025 ふりかえり 生成AI版
Avatar for TakaakiKakei takaakikakei
1
220
AWSを使う上で最低限知っておきたいセキュリティ研修を社内で実施した話 ~みんなでやるセキュリティ~
Avatar for maimyyym maimyyym
2
1.7k
AI 駆動開発勉強会 フロントエンド支部 #1 w/あずもば
Avatar for 1ft-seabass 1ftseabass
PRO
0
400
ChatGPTで論⽂は読めるのか
Avatar for Spatial AI Network spatial_ai_network
10
29k
Lookerで実現するセキュアな外部データ提供
Avatar for ZOZO Developers zozotech
PRO
0
150
IAMユーザーゼロの運用は果たして可能なのか
Avatar for Yuuki Yamashita yama3133
1
460
評価駆動開発で不確実性を制御する - MLflow 3が支えるエージェント開発
Avatar for Databricks Japan databricksjapan
1
210
寫​了​幾年​ Code,​然後​呢?​軟體​工程師​必須重新​認識​的​ DevOps
Avatar for Cheng-Wei Chen cheng_wei_chen
1
1.4k
MLflowダイエット大作戦
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
1
140
re:Inventで気になったサービスを10分でいけるところまでお話しします
Avatar for Yuuki Yamashita yama3133
1
120
因果AIへの招待
Avatar for Shohei SHIMIZU sshimizu2006
0
980
文字列の並び順 / Unicode Collation
Avatar for とみたまさひろ tmtms
3
600

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.3k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.8k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
46
2.6k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
791
250k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
254
22k
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
33
1.4k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
61
9.6k
Scaling GitHub
Avatar for Zach Holman holman
464
140k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k

Transcript

  1. GCRと脆弱性検査

  2. GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版

    ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja

  3. FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y

    RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
  4. None

  5. FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update

    apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
  6. None

  7. まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう