$30 off During Our Annual Pro Sale. View Details »

GCRと脆弱性検査

Avatar for youyo youyo
October 15, 2018
Technology
0
230

 GCRと脆弱性検査

GCRと脆弱性検査

Avatar for youyo

youyo

October 15, 2018
Tweet

More Decks by youyo

See All by youyo
家の快適度を計測してみた
Avatar for youyo youyo
1
220
Get started AWS CDK
Avatar for youyo youyo
0
130
Tried to create a deployment pipeline of AutoML Vision.
Avatar for youyo youyo
0
95
API GatewayのWebSocket対応について
Avatar for youyo youyo
0
880
goodbye-ec2
Avatar for youyo youyo
0
750
それでも僕はzabbixと生きていく
Avatar for youyo youyo
1
490
About AWS Lambda and kintone
Avatar for youyo youyo
1
290
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
Avatar for youyo youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
Avatar for youyo youyo
0
470

Other Decks in Technology

See All in Technology
20251209_WAKECareer_生成AIを活用した設計・開発プロセス
Avatar for syobochim syobochim
5
1.4k
Haskell を武器にして挑む競技プログラミング ─ 操作的思考から意味モデル思考へ
Avatar for Naoya Ito naoya
6
1.3k
ログ管理の新たな可能性?CloudWatchの新機能をご紹介
Avatar for Ikumi Ono ikumi_ono
1
620
AI活用によるPRレビュー改善の歩み ― 社内全体に広がる学びと実践
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
1
200
AWS Bedrock AgentCoreで作る 1on1支援AIエージェント 〜Memory × Evaluationsによる実践開発〜
Avatar for Yusuke Shimizu yusukeshimizu
6
380
ML PM Talk #1 - ML PMの分類に関する考察
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
1
780
打 造 A I 驅 動 的 G i t H u b ⾃ 動 化 ⼯ 作 流 程
Avatar for Bo-Yi Wu appleboy
0
260
Kubernetes Multi-tenancy: Principles and Practices for Large Scale Internal Platforms
Avatar for hhiroshell hhiroshell
0
120
SSO方式とJumpアカウント方式の比較と設計方針
Avatar for Yuto Obayashi yuobayashi
7
590
Playwright x GitHub Actionsで実現する「レビューしやすい」E2Eテストレポート
Avatar for kinosuke01 kinosuke01
0
540
ChatGPTで論⽂は読めるのか
Avatar for Spatial AI Network spatial_ai_network
2
1.8k
Ruby で作る大規模イベントネットワーク構築・運用支援システム TTDB
Avatar for Taketo Takashima taketo1113
1
240

Featured

See All Featured
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
65
8.2k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
56
14k
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.2k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
57
6.7k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
273
27k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.8k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
46
7.8k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
162
23k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
9
1k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.1k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
249
1.3M

Transcript

  1. GCRと脆弱性検査

  2. GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版

    ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja

  3. FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y

    RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
  4. None

  5. FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update

    apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
  6. None

  7. まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう